Reddit reviews The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws

We found 6 Reddit comments about The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws. Here are the top ones, ranked by their Reddit score.

6 Reddit comments about The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws:

u/fooxy · 3 points · r/netsec

The Web Application Hacker's Handbook is a pretty good read. I didn't read the 3rd edition of Hacking Exposed but the second one was only mediocre.

u/Kadover · 3 points · r/netsec

Ok - Here's a list of books I've read in the last few years

  • Gray Hat Hacking - The Ethical Hacker's Handbook - Really good intro to Software Sec / Reverse Engineering / Disclosure
  • Counter Hack Reloaded - A 'bible' of phased attacks - classic book.
  • Guide to Network Defense and Countermeasures - Technically designed as a 'prep' book for the SCNP, it's still a great read about IPS, IDS, NetSec Policies, Proxies, firewalls, packet filtering, etc
  • Hacking Wireless Exposed - Great intro read on 802.11 sec.
  • CWNA/CWSP Exam Guide - Assumes 0 knowledge about RF. More intense than Hacking Wireless Exposed, but also easier to learn from. I went into this book knowing very little about RF, left it feeling confident. Well written.
  • Snort 2.1 - Self explanatory, but a book about the IDS system Snort. Not perfect, but again, great starter book.
  • The Web Application Hacker's Handbook - The best for last. The holy grail of web hacking. Second edition SHOULD be coming very soon, depending on the drop date may be worth it to wait.

As you can tell, I'm big on the technical books, and even exam prep books. This is just a selection, but I think it's a good starter pack to some different fields.

u/[deleted] · 2 points · r/programming

I second practice. It takes many, many hours to become a great hacker.
I would look into some SANS courses http://www.sans.org/ . Check out OWASP http://www.owasp.org/index.php/Main_Page . Download their WebGoat project. It is a standalone web app that has vulns built in, so you can learn by hacking your own test box. Maybe try Hack This Site, http://www.hackthissite.org/ . There are also some great books out there on this subject; I personally like "The Web Application Hacker's Handbook" by Stuttard and Pinto. http://www.amazon.com/Web-Application-Hackers-Handbook-Discovering/dp/0470170778/ref=sr_1_1?ie=UTF8&s=books&qid=1267739640&sr=8-1 . Stay ethical :)

EDIT for TOOLs: I forgot to mention tools, there are so many. I would probably focus on downloading a framework VM and testing through it. You can try SamuraiWTF (web test framework) or Backtrack. I have used both, and they are both pretty good.

u/tupidflorapope · 1 point · r/netsec

Along that same vein is Web App hackers' handbook


Someone already mentioned OWASP, so I'll second that one.

u/INIT_6 · 1 point · r/hacking

I am currently reading:
The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws - Dafydd Stuttard. So far it's been a really good book, giving you good examples that are easy to read and follow.

u/wkdown · -5 points · r/programming

First off, the term is 'cracker', and second, I would think you need to be both. Knowing how crackers get into web applications helps you as a developer secure your applications. I know I personally found books like this to be invaluable:

http://www.amazon.com/Web-Application-Hackers-Handbook-Discovering/dp/0470170778

As well as publications like 2600. I don't crack systems; I use them as a "how NOT to write applications" guide.