The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws [Paperback]

Dafydd Stuttard, Marcus Pinto
4.7 out of 5 stars (3 customer reviews)
List Price: CDN$ 59.99
Price: CDN$ 37.61
You Save: CDN$ 22.38 (37%)
There is a newer edition of this item:
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
CDN$ 37.62

Product Description

Review

"If you have an interest in web application security, I would highly recommend picking up a copy of this book, especially if you’re interested in being able to audit applications for vulnerabilities."
Robert Wesley McGrew, McGrew Security

Product Description

This book is a practical guide to discovering and exploiting security flaws in web applications. The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications.

The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results.

The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger", Dafydd developed the popular Burp Suite of web application hack tools.


Customer Reviews

3 Reviews
5 star: (2)
4 star: (1)
3 star: (0)
2 star: (0)
1 star: (0)

Most helpful customer reviews

2 of 2 people found the following review helpful:
5.0 out of 5 stars Fantastic book with great coverage of Web apps threats, Jan 11 2010
By Jose Rodriguez "Pepe" (Ottawa, Canada)
Written for a hacker? Not really! The book succeeds at showing Web application vulnerabilities and how to effectively defend from the possible attacks these would allow.

We are using it in our company as the guideline for securing an important Web application and it has covered all issues automated test tools from Rational reported.

I find the book is very well written and explains concepts with clarity, I just could not stop reading it, it's a really interesting book!


1 of 1 people found the following review helpful:
5.0 out of 5 stars Wonderful introduction to the topic of web application security, Nov 16 2009
By Tim Taylor
This is a great resource for anyone looking for an introduction to web application security and no clue where to start. It begins with the background information you will need to work through many of the techniques that are introduced in the later chapters.


0 of 2 people found the following review helpful:
4.0 out of 5 stars Contains some priceless tricks, Jan 28 2010
By Pierre Ernst (Ottawa, Canada)
I found section 5.10.4 on page 696 most interesting.

This is especially important since the cookie path defaults to the current location without the trailing slash ([...])

I was able to reproduce this behavior on IE6, IE7, IE8, Safari 3 and even Netscape Communicator 4.79 :-)

However with Firefox or Chrome, cookies set on path "/bank" cannot be accessed from resources located under "/banktest/".