The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws Paperback – 5 Oct. 2011

4.5 out of 5 stars 298 ratings


Product description

From the Back Cover

New technologies. New attack techniques. Start hacking.

Web applications are everywhere, and they're insecure. Banks, retailers, and others have deployed millions of applications that are full of holes, allowing attackers to steal personal data, carry out fraud, and compromise other systems. This book shows you how they do it.

This fully updated edition contains the very latest attack techniques and countermeasures, showing you how to break into today's complex and highly functional applications. Roll up your sleeves and dig in.

  • Discover how cloud architectures and social networking have added exploitable attack surfaces to applications

  • Leverage the latest HTML features to deliver powerful cross-site scripting attacks

  • Deliver new injection exploits, including XML external entity and HTTP parameter pollution attacks

  • Learn how to break encrypted session tokens and other sensitive data found in cloud services

  • Discover how technologies like HTML5, REST, CSS and JSON can be exploited to attack applications and compromise users

  • Learn new techniques for automating attacks and dealing with CAPTCHAs and cross-site request forgery tokens

  • Steal sensitive data across domains using seemingly harmless application functions and new browser features

Find help and resources at http://mdsec.net/wahh

  • Source code for some of the scripts in the book

  • Links to tools and other resources

  • A checklist of tasks involved in most attacks

  • Answers to the questions posed in each chapter

  • Hundreds of interactive vulnerability labs

About the Author

DAFYDD STUTTARD is an independent security consultant, author, and software developer specializing in penetration testing of web applications and compiled software. Under the alias PortSwigger, Dafydd created the popular Burp Suite of hacking tools. MARCUS PINTO delivers security consultancy and training on web application attack and defense to leading global organizations in the financial, government, telecom, gaming, and retail sectors. The authors cofounded MDSec, a consulting company that provides training in attack and defense-based security.

Customer reviews

4.5 out of 5 stars
298 customer ratings

Top international reviews

Yash
1.0 out of 5 stars Not that good for beginners
Reviewed in India on 1 March 2019
Verified Purchase
8 people found this helpful
Vipin
2.0 out of 5 stars Great book....bad print
Reviewed in India on 13 July 2018
Verified Purchase
10 people found this helpful
Garima
4.0 out of 5 stars Questions about the Quality
Reviewed in India on 19 October 2017
Verified Purchase
9 people found this helpful
Ph Trinh
2.0 out of 5 stars The online resource mentioned in the book is no longer available
Reviewed in Canada on 18 November 2018
Verified Purchase
One person found this helpful
Amazon Kunde
5.0 out of 5 stars Don't get upset about the ratings some other people gave this book
Reviewed in Germany on 12 April 2018
Verified Purchase
2 people found this helpful
FanOfTechnicalBooks
4.0 out of 5 stars A very good classic at the theoretical level for web pentesting
Reviewed in Spain on 15 January 2020
Verified Purchase
marco
4.0 out of 5 stars Too cool not to get it
Reviewed in Italy on 11 November 2016
Verified Purchase
3 people found this helpful
Gopalsamy Rajendran
5.0 out of 5 stars Hackers handbook review
Reviewed in India on 1 May 2019
Verified Purchase
3 people found this helpful
Akhil C Chandran
5.0 out of 5 stars Bible for a Pentester!!
Reviewed in India on 19 December 2017
Verified Purchase
2 people found this helpful
leadsinger
5.0 out of 5 stars Great book, very instructive
Reviewed in Germany on 17 October 2018
Verified Purchase
Harshit saxena
5.0 out of 5 stars Wanna start Bug Hunting, prefer this Book!
Reviewed in India on 28 July 2018
Verified Purchase
2 people found this helpful
Jean-François Rioux
5.0 out of 5 stars Great resource for every serious and professional web application developer
Reviewed in Canada on 17 November 2014
Verified Purchase
One person found this helpful
Bruno Gabriel Araujo Lebtag
5.0 out of 5 stars Excellent book for learning web application security and attack
Reviewed in Brazil on 2 September 2017
Verified Purchase
Caterumba
3.0 out of 5 stars I recommend buying it, but be careful: mine arrived torn.
Reviewed in Spain on 28 April 2020
Verified Purchase
Ayan Saha
5.0 out of 5 stars best book for bug bounty
Reviewed in India on 25 May 2019
Verified Purchase