Reddit Reddit reviews The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws

We found 61 Reddit comments about The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws. Here are the top ones, ranked by their Reddit score.

Computers & Technology
Books
Networking & Cloud Computing
Internet & Telecommunications
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
Wiley Publishing
Check price on Amazon

61 Reddit comments about The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws:

u/koeningyou666 · 73 pointsr/netsecstudents

In my opinion; every book in this bundle is a bag of shit.

Here's a list of reputable books, again in my opinion (All links are Non-Affiliate Links):

Web Hacking:

The Web Hackers Handbook (Link)

Infrastructure:

Network Security Assessment (Link)

Please Note: The examples in the book are dated (even though it's been updated to v3), but this book is the best for learning Infrastructure Testing Methodology.

General:

Hacking: The Art of Exploitation (Link)

Grey Hat Hacking (Link)

Linux:

Hacking Exposed: Linux (I don't have a link to a specific book as there are many editions / revisions for this book. Please read the reviews for the edition you want to purchase)

Metasploit:

I recommend the online course "Metaspliot Unleashed" (Link) as opposed to buying the book (Link).

Nmap:

The man pages. The book (Link) is a great reference and looks great on the bookshelf. The reality is, using Nmap is like baking a cake. There are too many variables involved in running the perfect portscan, every environment is different and as such will require tweaking to run efficiently.

Malware Analysis:

Practical Malware Analysis (Link)

The book is old, but the methodology is rock solid.

Programming / Scripting:

Python: Automate the Boring Stuff (Link)

Hope that helps.

u/ThatOtherPerson · 52 pointsr/TumblrInAction

I work in web security. For those of you that will be working on the site, please read/have already read/be aware of the lessons found in:

  • The Web Application Hackers Handbook - Everyone that makes interactive websites should at least skim this.
  • SQL Injection Attacks and Defense - Everyone remembers "The Summer of Lulz," right?
  • Web Application Obfuscation - There's more than one way to hide an attack.

    Expect your website to be attacked. Some advice:

  • Blacklists^[1] never work. There is always a way around a blacklist. Whitelist^[2] every input.
  • Never roll your own crypto.
  • If it comes from the user's computer, it can be controlled by the user. No exceptions.
  • Relying on security through obscurity will not work (ex: hiding the key to the building in a fake rock). Obscurity can be part of a strong multi-layered larger approach (hiding the key to the building inside a safe that is bolted to the foundation and hidden in a fake rock on well-lit grounds that are patrolled by competent and well-paid guards on a shorter duration than it would take to break into the safe), but never by itself.
  • Never roll your own crypto.
  • Basic Authentication: Just Say No
  • Digest Authentication: Just Say No
  • Never roll your own crypto.
  • Encrypt-then-HMAC only. Never HMAC-then-Encrypt or Encrypt-and-HMAC.
  • https encrypts the transmission of data, it does not make the transmitted data any more/less "safe".
  • Did I mention "never roll your own crypto" yet? No? Okay. Never roll your own crypto.
  • Never transmit sensitive data as GET requests over http. Use POST body parameter/value pairs over https.
  • Never store the actual passwords, only store salted cryptographic hashes of the password. No, the users do not need to see their own password. If they forget it, email them a single-use time-limited link to a page where they can set a new one. No exceptions.
  • Never roll your own crypto.
  • Do not use MD5/SHA/SHA256/etc. for password hashing. No exceptions. Salted password hashing is a solved problem.

    If you'd like some advice, have any questions, I should be able to get back on reddit sometime tomorrow (unfortunately, I have a lot of work I need to get started on).

    [1] - Blacklist: Allow everything in except for things on this incomplete list of known bad things.

    [2] - Whitelist: Only allow in things on this list of known good things and reject everything else.
u/overflowingInt · 36 pointsr/netsec

Not very specific to those technologies but:

>Web Application Hackers Handbook (2nd edition: http://www.amazon.com/The-Web-Application-Hackers-Handbook/dp/1118026470) is pretty thorough with the vectors of attack, examples, and includes a methodology for pentesters.

>The Tangled Web - a "light" but delightful read from Zalewski on the history and modern security of web apps. He also wrote the http://code.google.com/p/browsersec/

Both are pretty recent and cover some good ground.

u/Turtl3Up · 35 pointsr/hacking

I'm the manager of application security and research at a mid-level software vendor with over 400 developers and testers and I want to recommend you ignore all of the more generic advice currently in this thread. As someone with coding experience and interest, you have a unique path to infosec that so many companies want, but find it extremely difficult to hire for.

Any company that ships software has to consider the security of their application - full stop. Most rely on scanners or annual third-party vulnerability assessments for this, but obviously that falls short. They need people who can build security in from an architectural standpoint. Someone who can actually implement the fixes suggested by the above methods, and ideally, someone who can help implement security as an integral part of the SDLC instead of as a bolt-on premise.

My recommendation is to make your way through 24 Deadly Sins of Software Security and The Web Application Hacker's Handbook. If you can understand the bulk of concepts in these two books, you'll be leagues ahead of almost any developer you find yourself up against in a hiring scenario. For the coup de gras, learn about threat modeling. It's a great way to teach other developers and testers security and to build security into any system during design instead of post-release. Check out this book which is actually probably a little too comprehensive, use this card game from Microsoft (it seems silly, but I promise you it works), and watch this talk one of the guys on my team gave at BSides Cincinnati.

If you have any questions, PM me.

u/APTMan · 26 pointsr/JobFair

Most current information you are going to want to read online. There is no substitute for that. The books I'm currently reading through are:

The Web Application Hacker's Handbook 2nd Ed

The Tangled Web

Metasploit: The Penetration Tester's Guide

Webbots, Spiders and Screen Scrapers

NoStarchPress fanboy all the way :)

Keep in mind, though, that the technical requirements are only half of being employable. You also need to be a good employee, who can work with the client and keep them satisfied. For those, I recommend:

True Professionalism

Trusted Advisor

u/keeegan · 22 pointsr/HowToHack

I have all these except the CEH (which shouldn't be on this list lol...) and they're all pretty good in their own way. Starting over, I'd go through hacker playbook while reading through the art of exploitation. You'll be pretty rounded at this point, blackhat python and metasploit will be a breeze. Do the ceh one if you're getting a job that wants to see embossed paper. Also, check out Web Application Hacker's Handbook, and Shellcoder's Handbook.

u/dud3z · 18 pointsr/blackhat

The dark side has lot of facets, it depends on what you want to achieve.

If you are already working on web applications and web in general, then you may want to start with the Web Application Hackers Handbook by Dafydd Stuttard and Marcus Pinto.

This is a very valid book and with your existent knowledge it will be a very interesting read: i may also advise you to read The Tangled Web by Michal Zalewski, this instead will give you a very in-depth look of browsers' quirks and their inner working, quirks you'll learn to exploit.. for science!

Then there is the world of binary reverse engineering and exploitation, my preferred literature on this is Hacking: the art of exploitation: keep in mind that the techniques there may be outdated, but the reasoning and much of the concepts are still valid. It's a very specific book with very detailed information and you are required to know a bit of assembler, C and very low-level stuff.

Happy hunting and good luck!

u/v3ded · 17 pointsr/hacking

While Metasploit is a good tool, I would advise you to stray away from it until you learn. (I’m ignoring the fact that you rarely use Metasploit for web penetration testing in the real world anyways...)


You can carry out most of web penetration testing with just few tools like BurpSuite (this is the main one), a directory bruteforcer (gobuster, dirbuster, dirb, wfuzz..) and Nmap. These 3 tools should give you initial idea about the web application and its structure. Then it boils down to your enumeration and ability to spot weird or possibly vulnerable behavior. What is considered as “weird” or “vulnerable” behavior? According to OWASP, countless things. They made a whole web penetration testing guide for that reason - you can find it here: https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents.


Alternatively, this book (https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470) covers web based exploitation in great depths and I highly recommend you obtain it. It was one of my first books ever and is definitely among my favorites.


Another useful resources:
https://portswigger.net/web-security

https://www.hackerone.com/hacker101


EDIT:
Yes, there are other very specific tools which come in handy such as wpscan or sqlmap. While I don’t mind wpscan that much, I strongly believe one should be able to do a manual sql injection before using sqlmap (therefore avoid sqlmap when learning). This way you understand what is happening behind the green terminal ;).

PS: Sorry for formatting, typed this up on a phone. I’m also pretty tired so please excuse my janky grammar!

u/kobakai · 16 pointsr/ItalyInformatica

> Supponiamo che uno (anzi, più di uno visto che siamo tutti componenti di un LUG) voglia iniziare a smanettare un po' in quest'ambito, che cosa consigli?

di farlo :)

> Mettere su un webserver e iniziare a tentare di bucarlo con gli exploit conosciuti può essere una buona idea oppure è meglio prima procedere con altro?

Tutto fa brodo (mi', ventesimo proverbio, mi sto biscardizzando :). Però per prima cosa devono essere chiare le problematiche agli strati più bassi: boot da media esterno, forensics "malevola" (accesso al fs, reset delle password, estrazione delle password, trojanizzazione dell'OS, ..), MITM e i suoi derivati, poi nmap e network/service discovery come se piovesse, analisi di tutti i servizi esposti, poi "finalmente" potete dedicarvi anche alla parte (web) applicativa.. :)

Ci sono moltissimi "playground" per divertirsi ed imparare, sia come vm da scaricare che contest, crackme & co. online, alcuni al volissimo:

u/chickenfun1 · 12 pointsr/ProgrammerHumor

Web dev having trouble finding work? Buy this book and this book, read them and contact [email protected]

u/veeberz · 10 pointsr/netsecstudents

A principle in web app security: user input cannot be trusted.

With that in mind, the following are the kinds of user input you can mess around with: query parameters, post params, file uploads, cookies, http headers, even out-of-band inputs like emails (if they get processed) or all of the above but for a different but related service.

Sometimes user input can be crafted to exploit unexpected behavior. Causing a 500 error may give you interesting error messages. Maybe form input isn't sanitized and you can perform sql injections, XSS, and the like. File uploads - do the files appear to be uploaded to their server (and not something like S3)? Try dropping php files (if it's a php application), try XXE if Word or Excel documents are expected. All sorts of fun possibilities can be explored wherever there is any user input.

Another subject worth studying: attacking authentication. Is there no rate limiting? Usernames can be enumerated? How about a brute force attack? Take a look at the session token in the cookies - can you reuse them? Are they custom-made (does not appear to be generated by a known framework)? Try attacking the token-generation scheme itself. Discovered an XSS vuln and the cookie entry for the session token is not set to http only? Write a script to steal them cookies - that'll be your XSS payload - sit back and wait for someone to bite.

I think exploring these topics is a great start.

Recommended reading:

https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470

Edit: to add, the tools you have listed are info gathering tools. That's the first thing you want to use to give you a nice idea about potential attack vectors. Sometimes dirbuster can yield nice results in itself. For example, I found a deployment script sitting on a prod server - with AWS keys!!! Tip for info gathering: you can use builtwith to see what tech the target is using, and tailor info gathering scripts (like dirbuster) for that.

u/elvinguitar · 7 pointsr/AskNetsec

IMO, these books are the best ones for web pentesting:

The Web Application Hacker's Handbook

The Tangled Web

OWASP Testing Guide v4

u/drstranglove · 7 pointsr/AskNetsec

Servers should always be hardened and because everyone likes long guides the National Vulnerability Database actually maintains a lot of information regarding hardening servers. So for the actual server itself can be hardened using the following guide located here. That is for Red Hat Enterprise Linux 5. It will change from distro to distro, but some things are pretty standard. I agree with PalermoJohn as well that learning more about networking will certainly help you in securing your server and network.

For applications running on your web server the link for OWASP Top 10 that Rsaesha posted will help you. If you have more time and would like to learn about Application Security, The Web Application Hacker's Handbook is a great resource to learn a lot about security in Web Applications.

Both application and network level security are required to truly secure your web server.

Cheers!

u/Pardon_my_dyxlesia · 5 pointsr/hacking

I was personally recommended by my mentor Hacking: The Art of Exploitation, and The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
Also some companions sent me some readings on index articles. I'm not so sure of the titles, but just browse around.

http://slav0nic.org.ua/static/books/

http://hackbbs.org/article/book/

u/CaulkParty · 5 pointsr/InternetIsBeautiful

The actual link OWASP Top 10 2013. This list is in the process of being updated so the information isn't exactly accurate anymore.

For more in depth reading I'd suggest The Web Application Hacker's Handbook. Also check out /r/netsec for a good discussion platform.

u/jhaddix · 5 pointsr/netsec

Hi Pandas_sniff! (love the name) I’m a firm advocate of the Web Application Hacker’s Handbook. I think if you look at the reviews for version 2 i’m probably one of the featured ones. It really is all encompassing for most of what application security testing should start out as. It does suffer from being a textual reference though (a snapshot in time), so I also commonly recommend learning from the OWASP Testing Guide v4 as it has frequent wiki-like updates. I could spend all day talking about resources for learners! There are some excellent (free) videos by Jeremy Druin on using Burp Suite and application testing, I absolutely love Pentesterlab.com and all of their exercises, and Sam has written a very good guide on getting started in bounty work

As for how effective these resources are “out of the gate” i think they are tremendously helpful. For example, using the above resources i’m sure any apt student of them could identify IDOR’s or basic injections. Over time these skills become second nature and free up the tester to focus on newer, cutting-edge hacks/technology. Hope that answers the question =)

u/spidermesh · 4 pointsr/AskNetsec

This list of resources is a good place to start. For security in general you can read security+ book by darril gibson or for deeper knowledge cissp book by eric conrad. For netsec you can look at this and the hacker playbook series. For pentesting oscp certification is the golden standard so if you search online on how to prep for it there are a lot of guides that will give you general idea. Take a look here and here. You can practice here or here.
For websec wahh is the main resource. With practice here, here, here and here.

u/marxocaomunista · 3 pointsr/portugal

Faz VMs/CTFs em casa, lê o Web Application Hacker's Handbook. Depois candidata-te a trabalhos na área. That easy.

​

Não tenho mestrado nenhum na área de cybersec (tenho em telecom), e já vou no segundo ano na área sem nunca ter trabalhado antes.

u/_Skeith · 3 pointsr/AskNetsec

Go here and learn about the vulnerabilities - www.hacksplaining

Review the OWASP Top 10

Buy, read, and understand The Web Application Hacker's Handbook - this is the holy bible in the Web Penetration Realm.

Set up a VM and download DVWA as well as Mutillidae to practice web hacking and exploitation on.

If you are really new to pentesting in general - go and read my blog https://jhalon.github.io/.

I suggest you read the Vulnhub Writeup's and well as the Holiday Hack Challenge and the OverTheWire Natas ones as they are related to web hacking and will show you stesp from enumeration to exploitation.

Also since you are going to be interning at a company that does this, please familiarize yourself with the The Penetration Testing Execution Standard

Hope that sheds some lights, cheers!

u/apt_snake_oil · 3 pointsr/singapore

I think very poorly of the cyber security courses offered (except NUS) in Singapore, as the things they teach are not aligned with the industry practices - either outdated or just not practical enough.

Having said that, if you have the time, I would suggest taking the SIT degree instead of the diplomas (waste of time IMO) and hopefully it provides you the fundamentals (programming, network and system administration) and be exposed to some other topics in cybersecurity.

If you are doing a career switch, I suppose you want to get up to speed fast by focusing on the need to have knowledge as a baseline. I would suggest taking the time to go through these stuff in details, setup your labs and practice the stuff

  1. https://www.cybrary.it/course/comptia-network-plus/
  2. https://www.amazon.com/Kali-Linux-Revealed-Penetration-Distribution/dp/0997615605
  3. https://www.amazon.com/Network-Security-Assessment-Know-Your/dp/149191095X
  4. https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470

    Other wise, there are hands on courses and industry certifications that you can take online at your own pace and employers look out for such as:

  5. https://www.elearnsecurity.com/training_paths/ (eLearnSecurity is good because they have a progression path from student onwards )
  6. https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/ (I don't encourage going for this as a starter unless you already have some fundamental knowledge and skillets for system administrations but this is highly recognised in the industry)
  7. You can also go for SANS or what not, I think it's just too expensive for my liking.

    There is no one path to becoming a good pentester. However from my observations, folks who tend to be more in demands (with or without certifications/formal educations) are those who can display the ability to learn stuff on their own. This is an industry of skills and continuous learning. For employers that pay top dollar and provide time for training, learning and research, they are looking for folks who can display those stuff through actions.

    ​

    Source: Pentester
u/3nvisi0n · 3 pointsr/HowToHack

I'd recommend checking out The Web Application Hackers Handbook: http://www.amazon.com/The-Web-Application-Hackers-Handbook/dp/1118026470

Its a solid book that covers a lot of what you'd want to know. It does make heavy use of the free BURP suite tool which is a fairly standard tool for web pentesters. It doesn't do everything for you but it helps manual testing.

u/ArkionA · 3 pointsr/ITCareerQuestions

Absolutely love being a pentester and the cyber security industry. If you are willing to put in the time and study it can be very rewarding. CEH is a good step in the right direction and should open doors for you.
For entry level positions, pentesting is usually split into two areas, web application and internal/external infrastructure. It's good to have knowledge of both but it's worth choosing which area interests you the most. Personally, I specialise in web applications & API and there is a lot of online resources to help you. (As you have mentioned owasp top 10, I'll assume web apps is your interest)


The best way to learn a vulnerability and get a good understanding is to create vulnerable web pages (this also gives you something to take into an interview). I would suggest doing some basic LAMP stack (Linux, Apache, Mysql, PHP) - Don't let this put you off as it's actually pretty simple. If you can make a few vulnerable pages to display vulnerabilities, you will fly through entry level interviews.


it's really simple to do.. Here is a form that is vulnerable to cross-site scripting. (a few lines of php with some html)
---

<form method="POST" action="">

<p> <input type="text" name="xss"/></p>

<input type="submit">

<?php
$value = $_POST['xss'];
echo $value;
?>

Reading Material:

https://www.amazon.co.uk/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470

https://www.amazon.co.uk/Network-Security-Assessment-Know-Your/dp/149191095X


Practical learning
DVWA (Damn Vulnerable Web App) - Purposely vulnerable web pages to practice exploiting.
http://www.dvwa.co.uk/


Once you have a bit of experience have a look at hackthebox

https://www.hackthebox.eu/

u/Kravego · 3 pointsr/AskNetsec

Get this book and go through it. A LOT of the crowsourced pentesting platforms have web application testing as their bread and butter.

And the other user who suggested it got downvoted for some reason, but further down the line you should go for GWAPT. I say further down the line because, like all SANS certs, it's expensive af.

Web app pentesting is the largest pentesting market around right now, so it's a good one to jump into. Good luck!

u/suicidalginger · 3 pointsr/HowToHack

I don't know how in depth you want to learn, how in depth determines our recommendations.

  1. Do you want to just find out if a site is vulnerable?
  2. Do you want to learn how attacks work and how the defenses to those attacks work?
  3. Do you want to get certified in security and make that a huge part of your resume?

    You sound like you want the second option.

    The key phrase for you is going to be "web application security". That is what security experts (and anyone in this industry) call it.

    For web application security there is kind of one master book that covers almost everything, The Web Application Hackers Handbook. I have the book siting right in front of me its about 900 pages and covers just about everything you could ever ask for. Also you'r going to want to get Burp Suite. You can install Kali linux in a VM and it has Burp Suite (recommended) or you can download the free edition for Windows from there website.

    Along with the book set up DVWA (there are hundreds of tutorials online on how to do that, hint use XAMPP.) or you can use the paid labs they mention in The Web Application Hackers Handbook. Also visit HackThisSite and other sites that offer web application security practice.

    So lets recap:

  4. Buy The Web Application Hackers Handbook.

  5. Setup DVWA.

    3.Visit sites that offer web application security challenges.



    By the end of that you should be pretty good at attacking web applications.
u/cquick97 · 3 pointsr/AskNetsec

Depends on what you want to learn.

Web Application Security?

Exploit Development?

"Pentesting" techniques?

Also check here for tons other of resources.

As for certs, if you are a beginner beginner, then probably stuff like Security+ and Network+. Unlike the guy behind me, I will never get, nor do I really recommend CISSP, unless you are going for strictly blue team (defense) work. I personally enjoy red team (pentesting, etc), so something like OSCP would be more useful.

Like I said in a post above, feel free to PM me with questions. I'm always happy to help others on their quest to learn more about the wide world of infosec :)

u/netscape101 · 2 pointsr/AskNetsec

Thanks, what do you think of this book?
http://amzn.com/1118026470 (Web Application Hacker's Handbook 2nd Edition)

u/mhurron · 2 pointsr/AskNetsec

I've had this bookmarked forever (Probably linked to from here)

http://www.irongeek.com/i.php?page=videos/web-application-pen-testing-tutorials-with-mutillidae

I have no comments on the quality of the information, it's been on the master to-do list for damn near ever.

If you want to spend some money there is also http://www.amazon.com/gp/product/1118026470/ref=ox_sc_sfl_title_2?ie=UTF8&psc=1&smid=ATVPDKIKX0DER

(again, it's been mentioned here, and again, can't say anything about it personally, master to-do list)

u/ladywanking · 2 pointsr/cscareerquestions

Just do your degree and start exploring ethical hacking, get involved with community.

Personally, I think great ethical hacker needs great understanding of networking, assembly, and OS, all of which you can learn in UofT.
These 3 topics are critical, you actually need to understand how to find vulnerabilities to be great in cybersec.

Also, start attending https://www.defcon.org

This book has been recommended to me as a high level introduction: https://www.amazon.ca/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470/ref=pd_lpo_sbs_14_img_1?_encoding=UTF8&psc=1&refRID=195742DY502NMJ1N4JBT

Also, install cali linux and get some introductory level book on it.

Source: worked for a cyber sec in one of the Big4, worked with ethical hackers, and helped them with security scanning.


u/TailSpinBowler · 2 pointsr/netsecstudents

What kind of coding, and what are you interested in regarding security exactly? I would brush up on some python personally.

If you are inclined to read, I think the following are essential.

u/kira156 · 2 pointsr/AskNetsec

The web application hacker's handbook is an excellent book for web applications pentesting. https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470

u/science830 · 2 pointsr/learnprogramming

When i was in the process of applying for Matasano Security, they had me read this book and said it covered web security (fit application security is your thing): http://www.amazon.com/The-Web-Application-Hackers-Handbook/dp/1118026470

u/ITestPenetration · 2 pointsr/security

Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman is similar to the OSCP syllabus and a good introduction.

The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws 2E is the web application hacking bible.

Don't take any shortcuts, if you don't understand any topics read around them and make sure you do - that is usually a good start.

u/pixel1 · 2 pointsr/IWantToLearn

I don't know if you're specifically interested in learning about the security and security flaws of web apps specifically, but I would definitely recommend The Web Application Hacker's Handbook as it's an amazingly thorough guide on vulnerabilities.

Typically you start testing sites by using a security toolkit underneath your browser, such as Burp Suite. I don't do much of this stuff myself so hopefully this'll get you started.

Also /r/howtohack might be helpful, along with this thread to find some good hacking practice (DONT hack sites you don't have permission for)

Good luck!

u/MikeCodesThings · 2 pointsr/AskNetsec

Some great resources are The Web Application Hackers Handbook. It's a long read but very in-depth. Link

If you want to practice as you read look into Damn Vulnerable Web App (DVWA) [Link] (http://www.dvwa.co.uk/), Pentester Lab challenges [Link] (https://www.pentesterlab.com/), bWapp. Learn how to use tools like Burp, ZAP, sqlmap, and BEEF (among others).

I've also heard that Security Tube has a lot of great videos but I haven't checked it out personally yet.

As for fundamental knowledge, you'll need to understand how the web and web applications work. Things like HTTP/HTTPS, HTTP methods, forms, Javscript, sessions, cookies, databases. Also about application input, application frameworks, application firewalls. If you don't have any programming experience, you should start learning some fundamentals to understand application logic and structure. This can help you think of assumptions that developers made and how you might be able to bypass or work around those assumptions to do things that weren't intended or anticipated.

u/PM_ME_YOUR_0-DAYS · 2 pointsr/AskNetsec

> Ps; anyone know of a good recommendation on how to start on web apps on the labs. Looking for a good book or resource.

The OSCP web app portion is good, but if you're like me you might benefit from some supplemental materials. Not necessarily specific to the course, but I found these resources really helpful for working on my web app skills

u/CodeThree · 2 pointsr/HowToHack

OWASP Testing Guide

Also check out the Web App Hackers Handbook. This is an extremely handy book to reference to during tests. It would be a good starting point for you to check out.

u/TheHelgeSverre · 2 pointsr/PHP

If you want a very comprehensive (althought maybe a bit dry) resource on web app security, I recommend The Web Application Hackers Handbook, it covers most of the web security stuff like remote file inclusion, sql injection, csrf xss etc etc.

u/Evexor · 1 pointr/hacking

http://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470
this book is definitely what you're looking for, it talks about EVERYTHING in web security.

u/2017_goal · 1 pointr/cscareerquestions

Hiya. Are there any books you would recommend to someone wanting to shore up their knowledge on security?

I'm intending to go through the below to get a grasp of the field:

u/gaten · 1 pointr/netsec

I'd suggest "The Mobile Application Hacker's Handbook" (http://www.amazon.com/The-Mobile-Application-Hackers-Handbook/dp/1118958500).

Combine it with "The Web Application Hacker's Handbook" (http://www.amazon.com/gp/product/1118026470/) and you should have a pretty good handle on testing mobile security, including the backend stuff.

These are both from a "breakers" point of view, but they go into how to secure/prevent the various attacks they teach, so are a very good source for developers.

As some general tips and what to look for, especially concerning secure communications, look into certificate pinning, message signing, and don't store anything sensitive on the device without encryption (or on the server).

Source: I break mobile apps and websites for a living

u/tacobellsupport · 1 pointr/AskNetsec

I would recommend reading:

http://www.amazon.com/The-Web-Application-Hackers-Handbook/dp/1118026470

and looking at CTF challenges focused on web over at CTFTime.org

u/JustinEngler · 1 pointr/AskNetsec

Great intro resource to web attacks and defenses. Start with their "top 10":
http://www.owasp.org

In-depth discussion of exactly how to carry out different types of attacks:
http://www.amazon.com/The-Web-Application-Hackers-Handbook/dp/1118026470

u/standardoutput · 1 pointr/netsec

Yes, here's the book (https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470). The key with web application security, the one main rule is, never trust anything the user sends you. That means, you can do a lot (almost everything) just manipulating HTTP requests, which usually requires only minimal HTML/CSS knowledge.

Without understanding some HTML/CSS/JS, you may have a hard time with getting XSS to pop, without knowing some XML, you might have trouble understanding things like XXE, and without understand SQL, you might have issues with SQLi. BUT, there are a lot of things you can start doing without that.

In general though, you can do a lot by just learning how to proxy requests with Burp and setting up a vulnerable web app. If you're trying to learn and gain fluency in HTML/CSS, you're going to be doing a lot of unnecessary work. It's good to understand how these work, but you'll pick up most of what you need as you research and learn about specific vulnerabilities.

u/Jeseh · 1 pointr/suggestmeabook

Here are a couple to consider. My apologies if the formatting sucks. I'm on mobile.

The Web Application Hacker's Handbook 2nd Ed

The Tangled Web

u/wolf2600 · 1 pointr/college

http://www.uscyberchallenge.org/cyber-camps/

Next spring, plan on taking the Cyber Challenge in order to try to get an invitation to one of the Cyber Camps. I went to one a couple years ago and the amount of knowledge you learn is incredible.

Also, buy this book (buy the physical book, not just an e-book) and study it thoroughly. This is the bible.


side note... even if you delete the original post, the replies you've posted are still visible in your profile.

u/tweaked540 · 1 pointr/promos

Hey Jaedekdee,

Yup, still checking these out. I'd recommend you read only the 2nd book (as it's more up-to-date) and if you are a web developer, an old but great book is "The Web Application Hacker's Handbook" http://www.amazon.com/The-Web-Application-Hackers-Handbook/dp/1118026470.

There are a ton of great resources out there, but it's all about which security niche area you want to go into. For example, malware reversing, forensics, pentesting, metasploit, mobile, low level (like shellcoders handbook), and etc. If you are looking for more general books on hacking, the Hacking Exposed series also has a good grasp on the basics. Let me know if that helps!

u/coffeeUp · 1 pointr/cscareerquestions

Depending on the company and organization you're a part of, the SDET role can sometimes be flexible enough to begin blending into DevOps (Infrastructure) or Tooling territory.


I'm an SDET myself and I imagine I'll eventually find my way to a DevOps/SWE/SDE/Infosec type role myself. But in the meantime, I enjoy what I do. A friend of mine was an SDET and was able to demonstrate his SDE-specific skills and land a full time SDE role with a Big 4 company. So definitely possible, just make sure you're strong on coding and algorithmic understanding / problem solving.


I do have some specific feedback to assist with your goals though:


> Some other interests of mine that I don't get to really work with are linux administration, front-end web development, data analyst/sql stuff, and information security.


Some of these can be incorporated into your work depending on your role:


  • Front-end web dev: Build out some internal tools to assist with different QA or Test specific tasks (or take existing test tools or scripts) and put them into a React or Angular app. Lets you build out something interesting while still being related to your role and work responsibilities.


  • Data Analyst/SQL stuff: Build out some dashboards or other reports to show QA or Test coverage, better aggregate test records over time (how often has this test passed or failed historically, etc). Will provide value to others and help with oversight/insight into test - best to work with potential stakeholders (Managers, Directors) who may be interested in this data after you have a basic proof of concept, see if they can support (or would like) this data.


  • Information security: Start reading up on some resources to support your testing of potentially vulnerable systems or web apps that you support (ie, read up on https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470 if you test web applications). Obviously this type of testing would be best carried out in a sandbox test environment, to give you better logs and if you discover something impactful it is contained to a test machine you can just rebuild if it breaks.


    Hope this helps and good luck!
u/Packet-Fox · 1 pointr/HowToHack

I see this book recommended a good it: https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470

For the price I think it is a decent resource.

For playing around you can also use https://hack.me - there are a few good challenges on there.

u/KevinHock · 1 pointr/netsec

Senior Security Engineer

Hi, I'm Kevin Hock and I work on the DataDog security team.
We are looking for some talented security engineers to join our security team here in NYC.

How Do I Apply

Send me an email with your resume and GitHub at [email protected]

What you will do

  • Perform code and design reviews, contribute code that improves security throughout Datadog's products
  • Eliminate bug classes
  • Educate your fellow engineers about security in code and infrastructure
  • Monitor production applications for anomalous activity
  • Prioritize and track application security issues across the company
  • Help improve our security policies and processes

    Who you should be

  • You have significant experience with network and application security
  • You can navigate the whole stack in pursuit of potential security issues
  • You want to work in a fast, high growth startup environment

    Bonus points

  • You contribute to security projects
  • You're comfortable with python, go and javascript. (You won't find any PHP or Java here :D)
  • CTF experience (I recommend you play with OpenToAll if you don't have any)
  • Program analysis knowledge

    Sample interview questions

  • Flip to a page of WAHH, TAOSSA, CryptoPals, ask you about it.
  • Explain these acronyms DEP/ASLR/GS/CFI/AFL/ASAN/LLVM/ROP/BROP/COOP/RAP/ECB/CBC/CTR/HPKP/SSL/DNS/IP/HTTP/HMAC/GCM/Z3/SMT/SHA/CSRF/SQLi/DDoS/MAC/DAC/BREACH/CRIME?
  • How would you implement TCP using UDP sockets?
  • How do you safely store a password? (Hint: scrypt/bcrypt/pbkdf2)
  • How does Let'sEncrypt work?

    Hat tip to Levi at SquareSpace, also on this thread, he is an awesome person to work with. David Wong, a crypto king of NCC, on this very Q4 thread, is also a great person to work with in Chicago.
    If you're looking to break stuff more than build stuff hat tip to Chris Rohlf's Yahoo! team.
    Random other places you can apply in nyc: MongoDB, Jane Street, 2 sigma, greenhouse.


    I personally applied because I love Python but I like the company a lot so far.
u/checky · 1 pointr/HowToHack

The Web Application Hackers Handbook is your best bet.


http://www.amazon.com/The-Web-Application-Hackers-Handbook/dp/1118026470


*For your next book purchase

u/Roxxo9001 · 1 pointr/learnprogramming
u/Makhann82 · 1 pointr/netsecstudents

Are you referring to this book;

http://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441

I see in the description that it says it's not a big deal if you don't know programming. Do you find this to be true?

I've also had

http://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470

Recommended to me. The description talks about html etc. do you need to know these languages before you dive into these book? Or is it more like they teach you just what you need to know about a specific language / vulnerability inside of a language/piece of code.

Thanks

u/dougsec · 1 pointr/computerforensics

Since this is the subreddit for DFIR, that's what you're going to end up with as far as suggestions go. For pentesting stuff, checkout:

-Web Application Hacker's Handbook: https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470 (this has some labs, but just reading through the various weaknesses in WebApps will be a great start)

-The Hacker Playbook: https://www.amazon.com/dp/1512214566/ref=pd_lpo_sbs_dp_ss_1?pf_rd_p=1944687742&pf_rd_s=lpo-top-stripe-1&pf_rd_t=201&pf_rd_i=1118026470&pf_rd_m=ATVPDKIKX0DER&pf_rd_r=1NSA1RZZ3WQTP374S9WK

Red Team Field Manual: https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504/ref=pd_bxgy_14_img_2?ie=UTF8&psc=1&refRID=S7FG8F9TCMZMM9HVX2TN

Those two are good general pentesting books. You might also try /r/AskNetsec for other suggestions.