The Art of Software Security Testing: Identifying Software Security Flaws (Paperback)

Chris Wysopal, Lucas Nelson, Dino Dai Zovi, Elfriede Dustin

  • 出版商: Addison Wesley
  • 出版日期: 2006-11-01
  • 定價: $1,980
  • 售價: 8.0$1,584
  • 語言: 英文
  • 頁數: 312
  • 裝訂: Paperback
  • ISBN: 0321304861
  • ISBN-13: 9780321304865
  • 相關分類: Amazon Web Services資訊安全
  • 立即出貨




Risk-based security testing, the important subject of this book, is one of seven software security touchpoints introduced in my book, Software Security: Building Security In. This book takes the basic idea several steps forward. Written by masters of software exploit, this book describes in very basic terms how security testing differs from standard software testing as practiced by QA groups everywhere. It unifies in one place ideas from Michael Howard, David Litchfield, Greg Hoglund, and me into a concise introductory package. Improve your security testing by reading this book today.”

Gary McGraw, Ph.D., CTO, Cigital; Author, Software Security, Exploiting Software, Building Secure Software, and Software Fault Injection;


“As 2006 closes out, we will see over 5,000 software vulnerabilities announced to the public. Many of these vulnerabilities were, or will be, found in enterprise applications from companies who are staffed with large, professional, QA teams. How then can it be that these flaws consistently continue to escape even well-structured diligent testing? The answer, in part, is that testing still by and large only scratches the surface when validating the presence of security flaws. Books such as this hopefully will start to bring a more thorough level of understanding to the arena of security testing and make us all a little safer over time.”

Alfred Huger, Senior Director, Development, Symantec Corporation


“Software security testing may indeed be an art, but this book provides the paint-by-numbers to perform good, solid, and appropriately destructive security testing: proof that an ounce of creative destruction is worth a pound of patching later. If understanding how software can be broken is step one in every programmers’ twelve-step program to defensible, secure, robust software, then knowledgeable security testing comprises at least steps two through six.”

Mary Ann Davidson, Chief Security Officer, Oracle


“Over the past few years, several excellent books have come out teaching developers how to write more secure software by describing common security failure patterns. However, none of these books have targeted the tester whose job it is to find the security problems before they make it out of the R&D lab and into customer hands. Into this void comes The Art of Software Security Testing: Identifying Software Security Flaws. The authors, all of whom have extensive experience in security testing, explain how to use free tools to find the problems in software, giving plenty of examples of what a software flaw looks like when it shows up in the test tool. The reader learns why security flaws are different from other types of bugs (we want to know not only that ‘the program does what it’s supposed to,’ but also that ‘the program doesn’t do that which it’s not supposed to’), and how to use the tools to find them. Examples are primarily based on C code, but some description of Java, C#, and scripting languages help for those environments. The authors cover both Windows and UNIX-based test tools, with plenty of screenshots to see what to expect. Anyone who’s doing QA testing on software should read this book, whether as a refresher for finding security problems, or as a starting point for QA people who have focused on testing functionality.”

Jeremy Epstein, WebMethods


State-of-the-Art Software Security Testing: Expert, Up to Date, and Comprehensive


The Art of Software Security Testing delivers in-depth, up-to-date, battle-tested techniques for anticipating and identifying software security problems before the “bad guys” do.


Drawing on decades of experience in application and penetration testing, this book’s authors can help you transform your approach from mere “verification” to proactive “attack.” The authors begin by systematically reviewing the design and coding vulnerabilities that can arise in software, and offering realistic guidance in avoiding them. Next, they show you ways to customize software debugging tools to test the unique aspects of any program and then analyze the results to identify exploitable vulnerabilities.


Coverage includes

  • Tips on how to think the way software attackers think to strengthen your defense strategy
  • Cost-effectively integrating security testing into your development lifecycle
  • Using threat modeling to prioritize testing based on your top areas of risk
  • Building testing labs for performing white-, grey-, and black-box software testing
  • Choosing and using the right tools for each testing project
  • Executing today’s leading attacks, from fault injection to buffer overflows
  • Determining which flaws are most likely to be exploited by real-world attackers


This book is indispensable for every technical professional responsible for software security: testers, QA specialists, security professionals, developers, and more. For IT managers and leaders, it offers a proven blueprint for implementing effective security testing or strengthening existing processes.



Table of Contents

Foreword xiii

Preface xvii

Acknowledgments xxix

About the Authors xxxi


Part I: Introduction

Chapter 1: Case Your Own Joint: A Paradigm Shift from Traditional Software Testing  3

Chapter 2: How Vulnerabilities Get Into All Software  19

Chapter 3: The Secure Software Development Lifecycle  55

Chapter 4: Risk-Based Security Testing: Prioritizing Security Testing with Threat Modeling  73

Chapter 5: Shades of Analysis: White, Gray, and Black Box Testing  93


Part II: Performing the Attacks

Chapter 6: Generic Network Fault Injection  107

Chapter 7: Web Applications: Session Attacks  125

Chapter 8: Web Applications: Common Issues  141

Chapter 9: Web Proxies: Using WebScarab  169

Chapter 10: Implementing a Custom Fuzz Utility  185

Chapter 11: Local Fault Injection  201


Part III: Analysis

Chapter 12: Determining Exploitability  233


Index  251


《軟體安全測試的藝術:辨識軟體安全漏洞》書中描述了基於風險的安全測試,這是我在《軟體安全:建構安全性》一書中介紹的七個軟體安全接觸點之一。這本書進一步發展了基本概念。由軟體攻擊大師撰寫,以非常基本的方式描述了安全測試與QA團隊普遍實踐的標準軟體測試的區別。它將Michael Howard、David Litchfield、Greg Hoglund和我們的想法統一在一個簡潔的入門包裡。閱讀這本書,提升您的安全測試能力。

"在2006年結束時,我們將看到超過5,000個軟體漏洞公開宣布。其中許多漏洞是在由大型專業QA團隊組成的企業應用程式中發現的。那麼,為什麼這些缺陷仍然繼續逃脫即使是結構良好且勤奮的測試?答案部分在於,測試在驗證安全漏洞存在時,通常只是表面上的。希望這樣的書籍能夠開始在安全測試領域帶來更深入的理解,並使我們在未來變得更安全。" - Alfred Huger, Symantec Corporation 開發高級總監

"軟體安全測試可能確實是一門藝術,但這本書提供了進行良好、堅實且適當具有破壞性的安全測試的步驟:證明創造性破壞的一點點價值遠遠超過以後的修補。如果了解軟體如何被破壞是每個程式設計師建立可防禦、安全、強健軟體的十二步計劃的第一步,那麼具備知識的安全測試至少包括第二到第六步。" - Mary Ann Davidson, Oracle 首席安全官