Writing Secure Code
Threat Modeling
Using w3af to achieve automated penetration testing by live DVD/live USB
Proceedings of the 2009 International Conference on Hybrid Information Technology
Using testing techniques for vulnerability detection in C programs
ICTSS'11 Proceedings of the 23rd IFIP WG 6.1 international conference on Testing software and systems
Message confidentiality testing of security protocols: passive monitoring and active checking
TestCom'06 Proceedings of the 18th IFIP TC6/WG6.1 international conference on Testing of Communicating Systems
An advanced approach for modeling and detecting software vulnerabilities
Information and Software Technology
| Hi-index | 0.00 |
Seemingly insignificant issues in applicaitons, from a quality assurance perspective, can turn out to be gaping security holes. Yet, these severe security issues often don't fit the model of traditional functional flaws. Often, testers and developers just fail to notice the side-effects of applicaiton choices, which typical software quality assurance procedures arenýt well suited to exposing. Security bugs' hidden nature requires specific, focused application-security testing techniques that defy the traditional model of verifying application specifications and instead identify the unspecified and insecure side-effects of "correct" application functionality. This installment of Basic Training examines application penetration testing--software testing thatýs specifically designed to hunt down security vulnerabilities.