Reddit reviews The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
We found 6 Reddit comments about The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws. Here are the top ones, ranked by their Reddit score.
The Web Application Hacker's Handbook is a pretty good read. I didn't read the 3rd edition of Hacking Exposed but the second one was only mediocre.
Ok - Here's a list of books I've read in the last few years
As you can tell, I'm big on the technical books, and even exam prep books. This is just a selection, but I think it's a good starter pack to some different fields.
I second practice. It takes many, many hours to become a great hacker.
I would look into some SANS courses http://www.sans.org/ . Check out OWASP http://www.owasp.org/index.php/Main_Page . Download their web goat project. It is a standalone web app that has vulns built in, so you can learn by hacking your own test box. Maybe try hack this site, http://www.hackthissite.org/ . There are also some great books out there on this subject; I personally like "The Web Application Hacker's Handbook" by Stuttard and Pinto. http://www.amazon.com/Web-Application-Hackers-Handbook-Discovering/dp/0470170778/ref=sr_1_1?ie=UTF8&s=books&qid=1267739640&sr=8-1 . Stay ethical :) EDIT for TOOLs: I forgot to mention tools, there are so many. I would probably focus on downloading a framework VM and testing through it; you can try SamuraiWTF (web test framework) or Backtrack. I have used both, and they are both pretty good.
Along that same vein is Web App hackers' handbook
Someone already mentioned OWASP, so I'll second that one.
I am currently reading:
The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws - Dafydd Stuttard. So far it's been a really good book, giving you good examples that are easy to read and follow.
First off, the term is 'cracker', and second, I would think you need to be both. Knowing how crackers get into web applications helps you as a developer secure your applications. I know I personally found books like this to be invaluable:
http://www.amazon.com/Web-Application-Hackers-Handbook-Discovering/dp/0470170778
As well as publications like 2600. I don't crack systems; I use them as a "how NOT to write applications" guide.