The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws Paperback – 19 Oct 2007

8 customer reviews


Product details

  • Paperback: 768 pages
  • Publisher: John Wiley & Sons (19 Oct. 2007)
  • Language: English
  • ISBN-10: 0470170778
  • ISBN-13: 978-0470170779
  • Product Dimensions: 18.8 x 4.1 x 23.4 cm
  • Average Customer Review: 4.5 out of 5 stars (8 customer reviews)
  • Amazon Bestsellers Rank: 200,128 in Books

Product Description

Review

"If you have an interest in web application security, I would highly recommend picking up a copy of this book, especially if you’re interested in being able to audit applications for vulnerabilities". — Robert Wesley McGrew, McGrew Security

From the Back Cover

Hack the planet

Web applications are everywhere, and they're insecure. Banks, retailers, and others have deployed millions of applications that are full of holes, allowing attackers to steal personal data, carry out fraud, and compromise other systems. This innovative book shows you how they do it. This is hands-on stuff.

The authors, recognized experts in security testing, take a practical approach, showing you the detailed steps involved in finding and exploiting security flaws in web applications. You will learn to:

  • Defeat an application's core defense mechanisms and gain unauthorized access, even to the most apparently secure applications
  • Map attack surfaces and recognize potential entry points
  • Break client-side controls implemented within HTML, Java®, ActiveX®, and Flash®
  • Uncover subtle logic flaws that leave applications exposed
  • Use automation to speed up your attacks, with devastating results
  • Delve into source code and spot common vulnerabilities in languages like C#, Java, and PHP

Know your enemy

To defend an application, you must first know its weaknesses. If you design or maintain web applications, this book will arm you with the protective measures you need to prevent all of the attacks described. If you're a developer, it will show you exactly where and how to strengthen your defenses.

Additional resources online at www.wiley.com/go/webhacker

  • Source code for scripts in this book
  • Links to tools and resources
  • Checklist of tasks involved in attacking applications
  • Answers to the questions posed in each chapter
  • A hacking challenge prepared by the authors

Customer Reviews

4.5 out of 5 stars

Most Helpful Customer Reviews

5 of 5 people found the following review helpful By Kiffin Gish on 11 July 2009
Format: Paperback
This book is quite thick but it covers just about any aspect of web application security that one could possibly imagine. It provides very readable content without diving into too much technical detail. Rather than focusing on a single technology, it covers various web frameworks and their specific vulnerabilities. Perhaps the most valuable part of the book is the final chapter in which an excellent methodology checklist is provided which allows one to verify security of a given web application step by step. After having finished this book I came to realize how valuable awareness of security issues is to the long term success of a given web application which must not only perform well but remain robust and stable to any and all security attacks.
2 of 2 people found the following review helpful By Michael PoulChuck on 8 Oct. 2009
Format: Paperback
If you have already purchased this book then you are in a very good way to find out truths and lies on Web Application penetration testing. This book touches almost all topics that regard Web Application security and attack vectors/methods (my only objection is the lack of Web Services security).

Since there is no book that does-it-all, following the provided references is mandatory to successfully digest the entire information. Along with Andreu's, this is one of the books that will stay for long as an asset in your arsenal and operate as a day-to-day reference on Web Application pentesting.
7 of 8 people found the following review helpful By Mr. Gary Oleary Steele on 22 Feb. 2008
Format: Paperback
The Web Application Hackers Handbook continues the tradition of the other books in the "Hackers Handbook" series in being specifically written for people who are serious about testing and protecting the security of their network and applications.
As a full time Application tester most of the books I've read have been of little use, typically providing page filler examples of vulnerabilities and techniques that have been and gone or have offered little in the way of new information. This book however is bang up to date and teaches assessment techniques that will still be current for a long time to come.
If you're hoping to pursue a career in security, need the best reference available, or are trying to get to grips with the threats posed to your web application, you should buy this book.

At our organisation all of our technical staff have a copy and have all found it useful.
Format: Paperback
I am currently filling in some gaps on my Web Application hacking skills, and based on multiple recommendations I bought this book. I have to say the book is well written, and in particular the first few sections are great. The book goes into some good information tools used as well.

The problem? To take full advantage of the book you are required to pay $7 an hour to access the online application... Yes $7 an hour for a book you pay £30 for. The later chapters are full of 'Try It' with links and references to this expensive lab. If you aren't prepared to pay for it, this kind of kills the immersion of learning the techniques described in the book.

If the lab was available free (Or just cheaper) then it could potentially be one of the best learning tools for Web Application hacking. For me personally, I just don't like it... I will use the book as a reference, but I don't feel like using it as a learning tool.