
Showing 1-10 of 17 reviews(5 star). See all 23 reviews
on 26 July 2017
As a security architect, this book is an invaluable source of information and very well written. It covers everything you would need for web app hacking, and I used it to help prepare for my CREST CRT certification.

Highly recommended and is used on a daily basis. If you work as a web developer or in cyber security then this book is a must.
on 2 April 2017
An excellent 'read'. Very well put together and very informative. A definitive work on the subject but written so that I could pick it up again easily, when I had time to revisit it. I learnt a lot!
on 18 December 2011
I read this book in preparation for the Live Course which was presented by Marcus.

While reading the book I found it was quite dry because I was not doing the practical exercises available online. As you have to pay for them I wasn't sure if it would be worth it. With hindsight, after doing the course, I would highly recommend using them. It will make the content a lot more interesting but also teach a key skill which the book doesn't:

The key to most pen testing and vulnerability research is persistence and logical thinking. It is very well to think you know how a certain bug works but it can still be quite a challenge to actually implement it.

I feel very lucky to have been able to attend the live course for hands-on help from the authors, but you can definitely get all the information and practice you need purely from the book and the website. It's a shame that there isn't a couple of hours of practical time included when you buy the book.

It is very well written and covers all the areas you would expect. A lot of the old school web bugs explained, such as SQL injection, are less common now because of better programming practices and interfaces. Later chapters in the book such as the methodologies and logic flaw errors are timeless.

The book also provides real world solutions and mitigations for the attacks described, so this is highly recommended for anyone who develops web applications as well as people who carry out penetration testing on them.

While this may not be the best book ever written, I think it definitively describes the topic, therefore I have given it 5 stars.
5 people found this helpful.
on 12 January 2013
I've actually met these guys before in Dublin at the Google building at a set of OWASP presentations on web app security - and the guys definitely know their stuff. The book itself is really good and I find it very helpful to have on the desk, and to be able to reference to understand a topic better and to get ideas.
3 people found this helpful.
on 6 February 2013
Great book. A must-have in my daily work. I keep it on my desk for situations where I need to review something.
2 people found this helpful.
on 10 May 2014
One of the best books on the subject of web application pen testing. The use of a strong logical approach (maybe using Dafydd's philosophy background) helps to get the key concepts across. The test checklist at the end of the book is very useful if you need a quick guide to get you started while testing websites.
on 12 May 2016
Excellent book, a must for anyone who is considering web apps testing. Full of excellent technical examples and links well to the MDSEC labs (found at mdec.net), which can be used alongside.
on 7 December 2013
This is beyond a shadow of a doubt the GO-TO book for web applications and security.
Be warned - it's heavy reading but covers everything in amazing technical colour detail.
on 18 March 2013
Great resource - a valuable insight into Web Application Security assessments and penetration testing - well written and explained with plenty of examples
on 2 December 2012
My title says it all, this book is a reference, it is a bible, it has it all! Everything you may come across in web security, this book has it!
It is an amazing reference! How could I survive without this book so far?
2 people found this helpful.