The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws


Dafydd Stuttard - 2007
    The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications. The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results. The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger," Dafydd developed the popular Burp Suite of web application hack tools.

Pro Django


Marty Alchin - 2008
    Learn how to leverage the Django web framework to its full potential in this advanced tutorial and reference. Endorsed by Django, Pro Django more or less picks up where The Definitive Guide to Django left off and examines in greater detail the unusual and complex problems that Python web application developers can face and how to solve them. Provides in-depth information about advanced tools and techniques available in every Django installation. Runs the gamut from the theory of Django's internal operations to actual code that solves real-world problems for high-volume environments. Goes above and beyond other books, leaving the basics behind. Shows how Django can do things even its core developers never dreamed possible.

The Agile Samurai: How Agile Masters Deliver Great Software


Jonathan Rasmusson - 2010
    Combining tools, core principles, and plenty of humor, The Agile Samurai gives you the tools and the attitude to deliver something of value every week, and make rolling software into production a non-event. You’ll see how agile software delivery really works and how to help your team get agile fast, while having fun along the way.

Facts and Fallacies of Software Engineering


Robert L. Glass - 2002
    Though it may not seem this way for those who have been in the field for most of their careers, in the overall scheme of professions, software builders are relative "newbies." In the short history of the software field, a lot of facts have been identified, and a lot of fallacies promulgated. Those facts and fallacies are what this book is about. There's a problem with those facts - and, as you might imagine, those fallacies. Many of these fundamentally important facts are learned by a software engineer, but over the short lifespan of the software field, all too many of them have been forgotten. While reading Facts and Fallacies of Software Engineering, you may experience moments of "Oh, yes, I had forgotten that," alongside some "Is that really true?" thoughts. The author of this book doesn't shy away from controversy. In fact, each of the facts and fallacies is accompanied by a discussion of whatever controversy envelops it. You may find yourself agreeing with a lot of the facts and fallacies, yet emotionally disturbed by a few of them! Whether you agree or disagree, you will learn why the author has been called "the premier curmudgeon of software practice." These facts and fallacies are fundamental to the software building field - forget or neglect them at your peril!

The Psychology of Computer Programming


Gerald M. Weinberg - 1971
    Weinberg adds new insights and highlights the similarities and differences between now and then. Using a conversational style that invites the reader to join him, Weinberg reunites with some of his most insightful writings on the human side of software engineering. Topics include egoless programming, intelligence, psychological measurement, personality factors, motivation, training, social problems on large projects, problem-solving ability, programming language design, team formation, the programming environment, and much more. Dorset House Publishing is proud to make this important text available to new generations of programmers -- and to encourage readers of the first edition to return to its valuable lessons.

Clojure for the Brave and True


Daniel Higginbotham - 2015
    At long last you'll be united with the programming language you've been longing for: Clojure! As a Lisp-style functional programming language, Clojure lets you write robust and elegant code, and because it runs on the Java Virtual Machine, you can take advantage of the vast Java ecosystem. Clojure for the Brave and True offers a "dessert-first" approach: you'll start playing with real programs immediately, as you steadily acclimate to the abstract but powerful features of Lisp and functional programming. Inside you'll find an offbeat, practical guide to Clojure, filled with quirky sample programs that catch cheese thieves and track glittery vampires. Learn how to: wield Clojure's core functions; use Emacs for Clojure development; write macros to modify Clojure itself; use Clojure's tools to simplify concurrency and parallel programming. Clojure for the Brave and True assumes no prior experience with Clojure, the Java Virtual Machine, or functional programming. Are you ready, brave reader, to meet your true destiny? Grab your best pair of parentheses—you're about to embark on an epic journey into the world of Clojure!

Why's (Poignant) Guide to Ruby


Why The Lucky Stiff - 2005
    It won’t crush you. It’s light as a feather (because I haven’t finished it yet—hehe). And there’s a reason this book will stay light: because Ruby is simple to learn. [Why’s (Poignant) Guide to Ruby is released under the Attribution-ShareAlike License. So, yes, please distribute it and print it and read it leisurely in your housecoat.]

MongoDB: The Definitive Guide


Kristina Chodorow - 2010
    Learn how easy it is to handle data as self-contained JSON-style documents, rather than as records in a relational database. Explore ways that document-oriented storage will work for your project. Learn how MongoDB’s schema-free data model handles documents, collections, and multiple databases. Execute basic write operations, and create complex queries to find data with any criteria. Use indexes, aggregation tools, and other advanced query techniques. Learn about monitoring, security and authentication, backup and repair, and more. Set up master-slave and automatic failover replication in MongoDB. Use sharding to scale MongoDB horizontally, and learn how it impacts applications. Get example applications written in Java, PHP, Python, and Ruby.

Artificial Intelligence: A Modern Approach


Stuart Russell - 1994
    The long-anticipated revision of this best-selling text offers the most comprehensive, up-to-date introduction to the theory and practice of artificial intelligence. * NEW - Nontechnical learning material - Accompanies each part of the book. * NEW - The Internet as a sample application for intelligent systems - Added in several places including logical agents, planning, and natural language. * NEW - Increased coverage of material - Includes expanded coverage of: default reasoning and truth maintenance systems, including multi-agent/distributed AI and game theory; probabilistic approaches to learning including EM; more detailed descriptions of probabilistic inference algorithms. * NEW - Updated and expanded exercises - 75% of the exercises are revised, with 100 new exercises. * NEW - On-line Java software. * Makes it easy for students to do projects on the web using intelligent agents. * A unified, agent-based approach to AI - Organizes the material around the task of building intelligent agents. * Comprehensive, up-to-date coverage - Includes a unified view of the field organized around the rational decision making pa

Managing the Testing Process: Practical Tools and Techniques for Managing Hardware and Software Testing


Rex Black - 1999
    The preeminent expert in his field, Mr. Black draws upon years of experience as president of both the International and American Software Testing Qualifications boards to offer this extensive resource of all the standards, methods, and tools you'll need. The book covers core testing concepts and thoroughly examines the best test management practices and tools of leading hardware and software vendors. Step-by-step guidelines and real-world scenarios help you follow all necessary processes and avoid mistakes. Producing high-quality computer hardware and software requires careful, professional testing; Managing the Testing Process, Third Edition explains how to achieve that by following a disciplined set of carefully managed and monitored practices and processes. The book covers all standards, methods, and tools you need for projects large and small. Presents the business case for testing products and reviews the author's latest test assessments. Topics include agile testing methods, risk-based testing, IEEE standards, ISTQB certification, distributed and outsourced testing, and more. Over 100 pages of new material and case studies have been added to this new edition. If you're responsible for managing testing in the real world, Managing the Testing Process, Third Edition is the valuable reference and guide you need.

Introduction to Java Programming: Comprehensive Version


Y. Daniel Liang - 1999
    Daniel Liang teaches concepts of problem-solving and object-oriented programming using a fundamentals-first approach. Beginning programmers learn critical problem-solving techniques then move on to grasp the key concepts of object-oriented and GUI programming using Java 5. Students start with the essential problem-solving and programming concepts (control statements, methods, and arrays), are then introduced to object-oriented programming, graphical user interface (GUI), and applets, and finally to exception handling, I/O, data structures, and other advanced subjects. Liang uses small, simple, and stimulating examples to demonstrate concepts and techniques while longer examples are presented in case studies with overall discussions and thorough line-by-line explanations. Students can now write short, interesting, graphical game programs starting from Chapter 2! reinforcing key concepts with objectives lists, introduction and chapter overviews, easy to follow examples, chapter summaries, review questions, programming exercises, interactive self-test. Students receive solutions to even-numbered programming exercises, source code for the examples in the book, online self assessment (w/over 1000 multiple-choice questions) and ONLINE homework through GRADIANCE, the industry's most advanced online homework application. Instructors are offered the most extensive library of support materials available including interactive and animated slides, TestGen (w/over 2000 multiple-choice questions), solutions to all programming exercises, sample exams and supplemental exercises. Available in two versions, the Fundamentals First edition (chapters 1-19) and the Comprehensive version (chapters 1-36).

Think Python


Allen B. Downey - 2002
    It covers the basics of computer programming, including variables and values, functions, conditionals and control flow, program development and debugging. Later chapters cover basic algorithms and data structures.

Working Effectively with Unit Tests


Jay Fields - 2014
    Unfortunately, developers are creating mountains of unmaintainable tests as a side effect. I've been fighting the maintenance battle pretty aggressively for years, and this book captures what I believe is the most effective way to test. This book details my strong opinions on the best way to test, while acknowledging alternative styles and various contexts in which tests are written. Whether you prefer my style or not, this book will help you write better Unit and Functional Tests.

From Mathematics to Generic Programming


Alexander A. Stepanov - 2014
    If you're a reasonably proficient programmer who can think logically, you have all the background you'll need. Stepanov and Rose introduce the relevant abstract algebra and number theory with exceptional clarity. They carefully explain the problems mathematicians first needed to solve, and then show how these mathematical solutions translate to generic programming and the creation of more effective and elegant code. To demonstrate the crucial role these mathematical principles play in many modern applications, the authors show how to use these results and generalized algorithms to implement a real-world public-key cryptosystem. As you read this book, you'll master the thought processes necessary for effective programming and learn how to generalize narrowly conceived algorithms to widen their usefulness without losing efficiency. You'll also gain deep insight into the value of mathematics to programming--insight that will prove invaluable no matter what programming languages and paradigms you use. You will learn about: how to generalize a four thousand-year-old algorithm, demonstrating indispensable lessons about clarity and efficiency; ancient paradoxes, beautiful theorems, and the productive tension between continuous and discrete; a simple algorithm for finding greatest common divisor (GCD) and modern abstractions that build on it; powerful mathematical approaches to abstraction; how abstract algebra provides the idea at the heart of generic programming; axioms, proofs, theories, and models: using mathematical techniques to organize knowledge about your algorithms and data structures; surprising subtleties of simple programming tasks and what you can learn from them; how practical implementations can exploit theoretical knowledge.

21st Century C: C Tips from the New School


Ben Klemens - 2012
    With 21st Century C, you’ll discover up-to-date techniques that are absent from every other C text available. C isn’t just the foundation of modern programming languages, it is a modern language, ideal for writing efficient, state-of-the-art applications. Learn to dump old habits that made sense on mainframes, and pick up the tools you need to use this evolved and aggressively simple language. No matter what programming language you currently champion, you’ll agree that C rocks. Set up a C programming environment with shell facilities, makefiles, text editors, debuggers, and memory checkers. Use Autotools, C’s de facto cross-platform package manager. Learn which older C concepts should be downplayed or deprecated. Explore problematic C concepts that are too useful to throw out. Solve C’s string-building problems with C-standard and POSIX-standard functions. Use modern syntactic features for functions that take structured inputs. Build high-level object-based libraries and programs. Apply existing C libraries for doing advanced math, talking to Internet servers, and running databases.