15 Introduction to Exploit Testing

At this point, you’ve examined your application from several security angles—and we hope you’ve closed a few holes in the process. You’ve written some automated tests to make sure your code works and will continue to work. This chapter is a bit like the pop quiz at the end of the week. Now we find out how effective your input validation and variable sanitization really are by emulating hacker activity in a controlled environment.

What Is Exploit Testing?

Whenever you attempt to harden an application, there are really only two ways to know how effective your work is:

• Wait and see if your application or server is attacked, and whether the attack is successful or not.

• Emulate ...

Get Securing PHP Web Applications now with the O’Reilly learning platform.