web application security lab

The Web Application Hacker’s Handbook

Well it’s getting closer! My friend, PortSwigger (also known as Dafydd Stuttard - author of Burp Suite) is getting ever closer to completion of his new book The Web Application Hacker’s Handbook. He’s co-authoring it with Marcus Pinto. I’ve known about the book for a while now, and am really looking forward to reading it.

He’s also released a table of contents for the book so people can get a heads-up. It looks like a pretty thorough writeup on how to do manual and semi-manual security assessments. It’s going to look nice on my bookshelf - once I get my bookshelf looking nice that is.

18 Responses to “The Web Application Hacker’s Handbook”

  1. DoctorDan Says:

    Wow! Judging by the table of contents, this book looks very very promising. I plan on purchasing it and learning quite a bit. It seems as though it will go into adequate detail as well, which is important in order to protect an application from an area that a particular malicious user may have an expertise in. Partial security is not much better than zero security - someone will always have the knowledge to find flaws, so such explicitness in this sort of book is crucial.

    -Dan

  2. Dave Says:

    Preordered way back!

  3. lake2 Says:

    Good, but why publish PDF? I can’t buy it in China!

  4. Kyran Says:

    Ah, glad to see another WAS book coming out! Soon we will have our very own set of bibles.

  5. Jenny Says:

    This is looking awesome - there is a lot in there that is not in the other books, like code review, writing attack scripts, logic flaws, & app architecture. The book also seems a lot longer than what Amazon says so hopefully has a lot of detail. I will definitely order this.

  6. Vinícius K-Max Says:

    I can’t wait!

  7. HYPERFUKBOT Says:

    this looks very nice based on the ToC

  8. Awesome AnDrEw Says:

    I looked at the table of contents, saw a lot of things I’m quite familiar with, and saw a lot of things that would be helpful to know, which is why I’ll most likely order the book.

  9. hackathology Says:

    I knew about this book too and blog about it. I mean, I am also preparing to get a copy of it.

  10. 0kn0ck Says:

    Yup, you are right. Another fabulous book by WROX:

    Professional Pen Testing for Web Applications.

    It’s a good book too.

  11. FiSh Says:

    I think this will be one of few books worth actually paying for a hard copy of.. Normally with this kind of book, I would just glance at an online version and glean any information from it within about 10 minutes, but this looks like a meaty, useful reference for just about everything.

  12. fazed Says:

    While you wait you can watch my videos. Ask rsnake for the link because I don’t want to spam.
    (Remove this link if you don’t want spam.. http://fazed-darkstar.blogspot.com/)

  13. g4b0 Says:

    Amazon suggests that I buy it with “The Shellcoder’s Handbook: Discovering and Exploiting Security Holes” by Chris Anley.

    What do you think about that book?

  14. L00t Says:

    Just ordered this, looking forward to receiving it. Too bad it’s not on Amazon.co.uk, shipping is wickedly slow from US to Europe :(

  15. seven Says:

    I am looking forward to getting this book, it’s very good.
    But I don’t know when I can see it in China.

  16. mallory Says:

    I am looking forward to it too!

    Hope it will come to China ASAP!

  17. CeW Says:

    Find the book which was written by x-master on this site: www.cyber-warrior.org, you will be happier than now, really

  18. vlan7 Says:

    I got this book recently from Amazon and it looks very promising!!

    Good work.

    vlan7