This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Testing Guide Appendix B: Suggested Reading"
From OWASP
Deleted user (talk | contribs) |
(Reverting to last version not containing links to s1.shard.jp) |
||
| Line 1: | Line 1: | ||
| − | |||
{{Template:OWASP Testing Guide v3}} | {{Template:OWASP Testing Guide v3}} | ||
| Line 32: | Line 31: | ||
* Susan Young, Dave Aitel: "The Hacker's Handbook: The Strategy behind Breaking into and Defending Networks", Auerbach, ISBN: 0849308887 | * Susan Young, Dave Aitel: "The Hacker's Handbook: The Strategy behind Breaking into and Defending Networks", Auerbach, ISBN: 0849308887 | ||
| − | * ''Secure Coding,'' by Mark Graff and Ken Van Wyk, published by | + | * ''Secure Coding,'' by Mark Graff and Ken Van Wyk, published by O’Reilly, ISBN 0596002424''(2003)'' - http://www.securecoding.org |
* ''Building Secure Software: How to Avoid Security Problems the Right Way'', by Gary McGraw and John Viega, published by Addison-Wesley Pub Co, ISBN 020172152X (2002) - http://www.buildingsecuresoftware.com | * ''Building Secure Software: How to Avoid Security Problems the Right Way'', by Gary McGraw and John Viega, published by Addison-Wesley Pub Co, ISBN 020172152X (2002) - http://www.buildingsecuresoftware.com | ||
| Line 46: | Line 45: | ||
* ''Mastering the Requirements Process, ''by Suzanne Robertson and James Robertsonn, published by Addison-Wesley Professional, ISBN 0201360462 - http://www.systemsguild.com/GuildSite/Robs/RMPBookPage.html | * ''Mastering the Requirements Process, ''by Suzanne Robertson and James Robertsonn, published by Addison-Wesley Professional, ISBN 0201360462 - http://www.systemsguild.com/GuildSite/Robs/RMPBookPage.html | ||
| − | * ''The Unified Modeling Language | + | * ''The Unified Modeling Language – A User Guide'' - http://www.awprofessional.com/catalog/product.asp?product_id=%7B9A2EC551-6B8D-4EBC-A67E-84B883C6119F%7D |
* ''Web Applications (Hacking Exposed) ''by Joel Scambray and Mike Shema, published by McGraw-Hill Osborne Media, ISBN 007222438X | * ''Web Applications (Hacking Exposed) ''by Joel Scambray and Mike Shema, published by McGraw-Hill Osborne Media, ISBN 007222438X | ||
| Line 54: | Line 53: | ||
* ''Securing Java,'' by Gary McGraw, Edward W. Felten, published by Wiley, ISBN 047131952X (1999) - http://www.securingjava.com | * ''Securing Java,'' by Gary McGraw, Edward W. Felten, published by Wiley, ISBN 047131952X (1999) - http://www.securingjava.com | ||
| − | * Beizer, Boris, ''Software Testing Techniques'', 2nd Edition, | + | * Beizer, Boris, ''Software Testing Techniques'', 2nd Edition, © 1990 International Thomson Computer Press, ISBN 0442206720 |
[[Category:FIXME|broken links, I left them above | [[Category:FIXME|broken links, I left them above | ||
| Line 63: | Line 62: | ||
* ''Writing Secure Code,'' by Mike Howard and David LeBlanc, published by Microsoft Press, ISBN 0735617228 (2003) http://www.microsoft.com/mspress/books/5957.asp | * ''Writing Secure Code,'' by Mike Howard and David LeBlanc, published by Microsoft Press, ISBN 0735617228 (2003) http://www.microsoft.com/mspress/books/5957.asp | ||
| − | * ''The Unified Modeling Language | + | * ''The Unified Modeling Language – A User Guide'' - http://www.awprofessional.com/catalog/product.asp?product_id=%7B9A2EC551-6B8D-4EBC-A67E-84B883C6119F%7D |
| Line 70: | Line 69: | ||
==Useful Websites== | ==Useful Websites== | ||
| − | * OWASP | + | * OWASP — http://www.owasp.org |
* SANS - http://www.sans.org | * SANS - http://www.sans.org | ||
| − | * Secure Coding | + | * Secure Coding — http://www.securecoding.org |
* Secure Coding Guidelines for the .NET Framework''''' ''''' - http://msdn.microsoft.com/security/securecode/bestpractices/default.aspx?pull=/library/en-us/dnnetsec/html/seccodeguide.asp | * Secure Coding Guidelines for the .NET Framework''''' ''''' - http://msdn.microsoft.com/security/securecode/bestpractices/default.aspx?pull=/library/en-us/dnnetsec/html/seccodeguide.asp | ||
| − | * Security in the Java platform | + | * Security in the Java platform — http://java.sun.com/security |
| − | * OASIS WAS XML | + | * OASIS WAS XML — http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=was |
Revision as of 12:50, 3 June 2009
OWASP Testing Guide v3 Table of Contents
This article is part of the OWASP Testing Guide v3. The entire OWASP Testing Guide v3 can be downloaded here.
OWASP at the moment is working at the OWASP Testing Guide v4: you can browse the Guide here
Whitepapers
- The Economic Impacts of Inadequate Infrastructure for Software Testing - http://www.nist.gov/director/prog-ofc/report02-3.pdf
- Threats and Countermeasures: Improving Web Application Security - http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/threatcounter.asp
- Use Cases: Just the FAQs and Answers - http://www-106.ibm.com/developerworks/rational/library/content/RationalEdge/jan03/UseCaseFAQS_TheRationalEdge_Jan2003.pdf
Books
- James S. Tiller: "The Ethical Hack: A Framework for Business Value Penetration Testing", Auerbach, ISBN: 084931609X
- Susan Young, Dave Aitel: "The Hacker's Handbook: The Strategy behind Breaking into and Defending Networks", Auerbach, ISBN: 0849308887
- Secure Coding, by Mark Graff and Ken Van Wyk, published by O’Reilly, ISBN 0596002424(2003) - http://www.securecoding.org
- Building Secure Software: How to Avoid Security Problems the Right Way, by Gary McGraw and John Viega, published by Addison-Wesley Pub Co, ISBN 020172152X (2002) - http://www.buildingsecuresoftware.com
- Writing Secure Code, by Mike Howard and David LeBlanc, published by Microsoft Press, ISBN 0735617228 (2003) http://www.microsoft.com/mspress/books/5957.asp
- Innocent Code: A Security Wake-Up Call for Web Programmers, by Sverre Huseby, published by John Wiley & Sons, ISBN 0470857447(2004) - http://innocentcode.thathost.com
- Exploiting Software: How to Break Code, by Gary McGraw and Greg Hoglund, published by Addison-Wesley Pub Co, ISBN 0201786958 (2004) -http://www.exploitingsoftware.com
- Secure Programming for Linux and Unix HOWTO, David Wheeler (2004) - http://www.dwheeler.com/secure-programs
- Mastering the Requirements Process, by Suzanne Robertson and James Robertsonn, published by Addison-Wesley Professional, ISBN 0201360462 - http://www.systemsguild.com/GuildSite/Robs/RMPBookPage.html
- The Unified Modeling Language – A User Guide - http://www.awprofessional.com/catalog/product.asp?product_id=%7B9A2EC551-6B8D-4EBC-A67E-84B883C6119F%7D
- Web Applications (Hacking Exposed) by Joel Scambray and Mike Shema, published by McGraw-Hill Osborne Media, ISBN 007222438X
- Software Testing In The Real World (Acm Press Books) by Edward Kit, published by Addison-Wesley Professional, ISBN 0201877562 (1995)
- Securing Java, by Gary McGraw, Edward W. Felten, published by Wiley, ISBN 047131952X (1999) - http://www.securingjava.com
- Beizer, Boris, Software Testing Techniques, 2nd Edition, © 1990 International Thomson Computer Press, ISBN 0442206720
Useful Websites
- OWASP — http://www.owasp.org
- SANS - http://www.sans.org
- Secure Coding — http://www.securecoding.org
- Secure Coding Guidelines for the .NET Framework - http://msdn.microsoft.com/security/securecode/bestpractices/default.aspx?pull=/library/en-us/dnnetsec/html/seccodeguide.asp
- Security in the Java platform — http://java.sun.com/security
- OASIS WAS XML — http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=was
