COMPUTERS

THE WEB APPLICATION HACKER’S HANDBOOK

The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws by Dafydd Stuttard and Marcus Pinto is a comprehensive guide to web application security, covering the discovery, exploitation, and prevention of vulnerabilities like SQL injection, cross-site scripting, and logic flaws, with a practical focus on real-world examples and a proven methodology. The book, particularly the second edition, is considered a key resource for security professionals, detailing techniques for testing authentication, session management, access controls, and more, and includes a companion website with tools and exercises. 

Key aspects of the book

  • Authors: Dafydd Stuttard (creator of Burp Suite) and Marcus Pinto are experienced security consultants and trainers. 
  • Content: It covers a wide range of topics, from basic defense mechanisms to advanced attacks, including:
    • Mapping and analyzing applications 
    • Bypassing client-side controls 
    • Attacking authentication and session management 
    • Code injection and path traversal 
    • Logic flaws and attacks on other users 
    • Automating attacks 
    • Newer technologies like HTML5 and cross-domain integration 
  • Methodology: It presents a structured methodology that combines human intelligence with automated tools, often using the authors’ own tools like Burp Suite. 
  • Practicality: The book uses real-world examples, screenshots, and code extracts to provide a hands-on approach to security testing. 
  • Companion Website: A website hosted by the authors offers additional resources, including answers to chapter questions and a checklist. 
DOWNLOAD
backspace
caps lock enter
shift shift
Virtual keyboard by Loderi.com   « » { } ~