How to Break Software Security

How to Break Software Security describes the general problem of software security in practical terms, from a software tester's point of view. It defines prescriptive techniques (attacks that testers can use on their own software) that are designed to ferret out security vulnerabilities in software applications. The book's style is easy to read and provides readers with the techniques and advice to hunt down security bugs and see that they're destroyed before the software is released. Accompanying the book is a CD-ROM containing Holodeck, which tests for security vulnerabilities. There are also a number of bug-finding tools, freeware, and an easy-to-use port scanner included on the CD-ROM.

208 pages, Paperback

First published May 19, 2002

About the author

James A. Whittaker

18 books, 32 followers

Community Reviews

5 stars: 35 (23%)
4 stars: 53 (35%)
3 stars: 51 (34%)
2 stars: 8 (5%)
1 star: 3 (2%)
Displaying 1 - 14 of 14 reviews
Kevin Godinho
238 reviews, 12 followers
May 6, 2021
Good book on testing software. Bad news is, it's a book on testing software. Rather boring.
Ethan Harvey
40 reviews
April 10, 2025
Dated but again useful enough to gain context and refresh existing ideas.
Thom
4 reviews, 1 follower
January 10, 2017
Essential reading for anyone in QA or software testing, James Whittaker outlines a model for strategic, iterative testing that dispenses with throwing levers in the dark in favor of measurable results.
Carlos Mueses
33 reviews, 1 follower
April 11, 2016
This book is a bit old, back when James still liked testing lol (unlike in "How Google Tests Software"). But even with some outdated references there's value in the teachings and more than anything in the mindset it leaves you with. I feel like I won't look at an application the same after reading this and that's a great feeling indeed.
Doron
62 reviews, 1 follower
December 26, 2019
I think the book has interesting information. Even today there aren’t many books that are so detailed about finding bugs. However today you can find cheat-sheets and heuristics in abundance on the internet. The book is outdated, and there are many other books and articles on the internet I would recommend to read before this one.
Book review list: https://www.testerschoice.pro/book-re...
59 reviews
November 17, 2008
Very high level intro to the field of security testing. If you are new to the field then there may be some stuff to gain from the book, but it is too high level and introductory if you've even dabbled a little with the subject before.
Dustin
37 reviews, 8 followers
May 13, 2009
I read this the first weekend after I got hired as a software tester and James Whittaker is a rockstar. Not only does he lay out a detailed methodology about how to test software, he also manages to make it an entertaining read. If you do any kind of work with software, I recommend it.
Kevin Connery
674 reviews, 4 followers
August 24, 2009
Approaches testing from a different set of fundamentals. It's not a risk-based approach in the user or business sense, but it does deal well with code-based risks. Found some new insights. Highly recommended.
Jorge
4 reviews
December 18, 2015
A rather old book by tech standards but full of practical testing advice still applicable today. The recap list of testing strategies at the end of each chapter is a good cheatsheet to keep around.

It's a shame that it is not available in digital format.
Amanda
51 reviews, 2 followers
May 4, 2011
I *heart* James Whittaker's presentations. The content of the book was decent but mostly common sense... the appendix section was the most helpful/interesting.
Antonina Burlachenko
6 reviews, 2 followers
April 2, 2018
You won't become a hacker after reading it, but I liked how it's structured and it inspired me to dig further into penetration testing.