Learn how to execute web application penetration testing from end to end Key Features Build an end to end threat model landscape for Web Application Security Gain hands-on experience of using tools like Nmap, Metasploit, and Burp Suite Understand the web application vulnerabilities and learn the heart of web intrusion testing Elevate your skills to associate the network vulnerabilities to a web application infrastructure Book Description Companies all over the world want to hire professionals dedicated in Application Security. This topic is misunderstood by the security community. In this book, you will learn how to conduct application security testing using real life scenarios. Practical Web Penetration Testing starts by setting up your environment to perform web application penetration testing. You will then deep dive into different penetration testing concepts like threat modeling, intrusion test, infrastructure security threat and so on. The book will also cover advance concepts. like python scripting for automation. You will then discover end to end implementation of tools like Metasploit, Burp suite, and Kali Linux. Many companies out there deliver projects into production either using the agile methodology or the Waterfall methodology. This book will show you how to assist any company with their SDLC approach and guide you to become an application security specialist. By the end of this book, you will have hands-on knowledge of using different tools for penetration testing. What you will learn Learn how to use Burp Suite effectively Use Nmap, Metasploit and more tools for network infrastructure tests Practice all the Web Application Hacking Tools for intrusion tests using Kali Linux Learn how to analyse a web application using Application Threat Modeling Know how to conduct Web Intrusion Tests Understand how to execute Network Infrastructure Tests Master your skills by automating the Penetration Testing functions for maximum of efficiency using Python W

（我现在主要在CSDN上整理计算机安全、软件工程（可信软件）、系统及通信方面的论文及相关理论书籍，如果对这方面内容感兴趣，可以访问：http://qysh123.download.csdn.net/ 查看我上传的所有资料。内容比较多，需要大家人工手动查找。另外，资料顺序并不按照时间排列，只是想起来了就上传。请大家见谅。） ACM组织的，在软件测试与分析方面最著名的国际会议，International Symposium on Software Testing and Analysis 2011年的论文集。 传统观点认为这个会议和ICSE，POPL等大会相比层次要稍逊一筹，但我个人认为其专业性较强，大多数论文也很严谨，近年来发表文章的也多是知名高校与欧美著名研发型公司。很适合软件分析、可信软件、可靠性分析等专业的研究人员和相应测试、开发人员阅读。

Back for the third season, The Hacker Playbook 3 (THP3) takes your offensive game to the pro tier. With a combination of new strategies, attacks, exploits, tips and tricks, you will be able to put yourself in the center of the action toward victory

Owasp Testing Guide v4 中文版提供了我们在日常web安全测试中指导方向,并且在安全测试中的安全思想。

Selenium 测试工具使用方法 本书主要介绍了关于 WebDriver一些主要 API的使用，对于了解一些基础的朋友，有着非常大的帮助,超过 90 个秘籍去建立维护和改进自动化测试

英国帝国理工，D J Ewins 教授关于模态测试的经典之作。前两章讲模态理论，接着讲数据采集，模态参数估计。振动专业学生必读。

python测试框架pytest 详细的介绍，由浅到深，收益匪浅

Software Testing By Ron Patton Publisher: Sams Publishing Second Edition

电磁兼容测试,帮助理解电磁兼容方面的问题

书名：python Testing with pytest 时间 2017.09 出版，pytest是python的一种单元测试框架，与python自带的unittest测试框架类似，但是比unittest框架使用起来更简洁，效率更高。pytest官方文档地址https://media.readthedocs.org/pdf/pytest/latest/pytest.pdf 该书勘误内容在https://pragprog.com/titles/bopytest/errata