This almost 20-year-old book describes the then-most common weaknesses of Internet software. Although some of the referenced technologies are outdated, a majority of the principles are still relevant in 2025. SQL injection, cross-site scripting, and the need to sanitize input parameters remain hot issues in web security for developers. Other items bring eye rolls to developers who have been around the bush – Internet Explorer, to name one.
Although this book isn’t going to suddenly hop up the sales charts, it provides a nice set of history to someone who wants to better understand the history of the field. I certainly would have benefitted from reading it when it came out in 2006, but even now, after I’ve spent most of my career developing for the Internet, this book shows me where we’ve been – and perhaps, a bit of where we might go together.
How to Break Web Software: Functional and Security Testing of Web Applications and Web Services
By Mike Andrews & James A. Whittaker
Copyright (c) 2006
Pearson Education
ISBN13 9780321369444
Page Count: 219
Genre: Software
www.amazon.com