Customer Reviews


7 Reviews
5 star: (5)
4 star: (2)
3 star: (0)
2 star: (0)
1 star: (0)
 
 
 
 
 

5 of 5 people found the following review helpful
5.0 out of 5 stars Good read, 11 July 2009
This book is quite thick but it covers just about any aspect of web application security that one could possibly imagine. It provides very readable content without diving into too much technical detail. Rather than focusing on a single technology, it covers various web frameworks and their specific vulnerabilities. Perhaps the most valuable part of the book is the final chapter in which an excellent methodology checklist is provided which allows one to verify security of a given web application step by step. After having finished this book I came to realize how valuable awareness of security issues is to the long term success of a given web application which must not only perform well but remain robust and stable to any and all security attacks.


2 of 2 people found the following review helpful
5.0 out of 5 stars Can't get better than this!, 8 Oct. 2009
By Michail Poultsakis (UK, Greece)
If you have already purchased this book then you are in a very good way to find out truths and lies on Web Application penetration testing. This book touches almost all topics that regard Web Application security and attack vectors/methods (my only objection is the lack of Web Services security).

Since there is no book that does-it-all, following the provided references is mandatory to successfully digest the entire information. Along with Andreu's, this is one of the books that will stay for long as an asset in your arsenal and operate as a day-to-day reference on Web Application pentesting.


6 of 7 people found the following review helpful
5.0 out of 5 stars The Best Web Application Security Book To Date, 22 Feb. 2008
The Web Application Hacker's Handbook continues the tradition of the other books in the "Hacker's Handbook" series in being specifically written for people who are serious about testing and protecting the security of their network and applications.
As a full-time application tester, most of the books I've read have been of little use, typically providing page filler examples of vulnerabilities and techniques that have been and gone or have offered little in the way of new information. This book, however, is bang up to date and teaches assessment techniques that will still be current for a long time to come.
If you're hoping to pursue a career in security, need the best reference available, or are trying to get to grips with the threats posed to your web application, you should buy this book.

At our organisation all of our technical staff have a copy and have all found it useful.


5.0 out of 5 stars A must have book for web app security testers, 20 Sept. 2011
By Sam Hartley "Sam" (UK)
Verified Purchase
This review is from: The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws (Kindle Edition)
I don't think there is another book that comes close to the Web Application Hackers Handbook at the moment. This book is well thought out and is both great to read from front to back on your first time through and then to use as a reference book later on.

I have heard it referred to as the manual for Burp Suite Pro, but as Burp Suite Pro should be in every web pen tester's toolkit I don't think that is a bad thing. It does cover other tools too, but the most important part is that it helps you understand what goes wrong with web apps and how to discover and exploit their flaws; this is much more important for web application security testing than knowing how to click 'go' on an automated scanner.

I am looking forward to receiving the second edition and trying out the labs; it is not often in day-to-day pentesting that you get to practice all the techniques discussed in the book, so the labs are a welcome addition.


5.0 out of 5 stars Probably the best book for webapp pentesting, 13 Mar. 2013
Verified Purchase
I think it doesn't have a very good chapter about SQLi (teaching sqlmap for example), but it covers almost everything you will need to test on a webapp.

It's somewhat focused on Burp Suite, software made (I believe) by the authors of the book. But that shouldn't be a problem because it's the software you are probably going to use, as it is the least expensive and most stable software of the kind.


4.0 out of 5 stars Nice Book, 22 Aug. 2013
By Luis Acuna "Luis" (Caracas, Venezuela)
Verified Purchase
Very technical but very well explained hacking techniques for web pentesting. 100% Recommended as a reference book for any pentester.


4.0 out of 5 stars Very Good, 6 Dec. 2009
By M. Payne
Perhaps not as much detail as I was looking for, but a good starting point for those with little experience in the area.

