It’s three years old but Andres Andreu has put together a gem of a book on Web security testing:
It covers Web apps, some commercial scanners, and practically every open source tool available for Web security testing. It also has some of the best coverage I’ve seen on testing Web services.
Andres must’ve had a lot of time on his hands when he wrote it…I know firsthand how much effort it takes to put together technical material and this book is chock full of it.
Check it out…and kudos to Andres!
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”