The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws

27 Sep 2011

by Dafydd Stuttard


Publisher: Wiley

Overall: 64% of the 50 mentions are positive, 36% are neutral and 0% are negative.



buy now


50 mentions sorted by:
  • I see this book recommended a good it: https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470 For the price I think it is a decent resource. For playing around you can also use https://hack.me - there are a few good challenges on there.
    1 points in /r/HowToHack by Packet-Fox | 23 May 2017
  • A principle in web app security: user input cannot be trusted. With that in mind; the following are the kinds of user input you can mess around with: query parameters; post params; file uploads; cookies; http headers; even out-of-band inputs like emails (if they get processed) or all of the above but for a different but related service. Sometimes user input can be crafted to exploit unexpected behavior. Causing a 500 error may give you interesting error messages. Maybe form input isn't sanitized and you can perform sql injections; XSS; and the like. File uploads - do the files appear to be uploaded to their server (and not something like S3)? Try dropping php files (if it's a php application); try XXE if Word or Excel documents are expected. All sorts of fun possibilities can be explored wherever there is any user input. Another subject worth studying: attacking authentication. Is there no rate limiting? Usernames can be enumerated? How about a brute force attack? Take a look at the session token in the cookies - can you reuse them? Are they custom-made (does not appear to be generated by a known framework)? Try attacking the token-generation scheme itself. Discovered an XSS vuln and the cookie entry for the session token is not set to http only? Write a script to steal them cookies - that'll be your XSS payload - sit back and wait for someone to bite. I think exploring these topics is a great start. Recommended reading: https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470 Edit: to add; the tools you have listed are info gathering tools. That's the first thing you want to use to give you a nice idea about potential attack vectors. Sometimes dirbuster can yield nice results in itself. For example; I found a deployment script sitting on a prod server - with AWS keys!!! Tip for info gathering: you can use builtwith to see what tech the target is using; and tailor info gathering scripts (like dirbuster) for that.
    10 points in /r/netsecstudents by veeberz | 19 May 2017
  • I have all these except the CEH (which shouldn't be on this list lol...) and they're all pretty good in their own way. Starting over; I'd go through hacker playbook while reading through the art of exploitation. You'll be pretty rounded at this point; blackhat python and metasploit will be a breeze. Do the ceh one if you're getting a job that wants to see embossed paper. Also; check out Web Application Hacker's Handbook; and Shellcoder's Handbook.
    22 points in /r/HowToHack by keeegan | 17 May 2017
  • Yes; here's the book (https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470). The key with web application security; the one main rule is; never trust anything the user sends you. That means; you can do a lot (almost everything) just manipulating HTTP requests; which usually requires only minimal HTML/CSS knowledge. Without understanding some HTML/CSS/JS; you may have a hard time with getting XSS to pop; without knowing some XML; you might have trouble understanding things like XXE; and without understand SQL; you might have issues with SQLi. BUT; there are a lot of things you can start doing without that. In general though; you can do a lot by just learning how to proxy requests with Burp and setting up a vulnerable web app. If you're trying to learn and gain fluency in HTML/CSS; you're going to be doing a lot of unnecessary work. It's good to understand how these work; but you'll pick up most of what you need as you research and learn about specific vulnerabilities.
    1 points in /r/netsec by standardoutput | 02 May 2017
  • Web Application Hacker's Handbook 2 was written by one of the guys who created Burpsuite. It was a godsend for me when I got into web app pen.
    4 points in /r/hacking by iownahorsefurreal | 30 Mar 2017
  • I'm surprised no one recommended WAHH
    1 points in /r/AskNetsec by nosas | 13 Mar 2017
  • Web dev having trouble finding work? Buy this book and this book; read them and contact karsten.cross@nccgroup.trust.
    12 points in /r/ProgrammerHumor by chickenfun1 | 15 Feb 2017
  • If you want a very comprehensive (althought maybe a bit dry) resource on web app security; I recommend The Web Application Hackers Handbook; it covers most of the web security stuff like remote file inclusion; sql injection; csrf xss etc etc.
    2 points in /r/PHP by TheHelgeSverre | 05 Jan 2017
  • Depends on what you want to learn.

    Web Application Security?

    Exploit Development?

    "Pentesting" techniques?

    Also check here for tons other of resources.

    As for certs; if you are a beginner beginner; then probably stuff like Security+ and Network+. Unlike the guy behind me; I will never get; nor do I really recommend CISSP; unless you are going for strictly blue team (defense) work. I personally enjoy red team (pentesting; etc); so something like OSCP would be more useful.

    Like I said in a post above; feel free to PM me with questions. I'm always happy to help others on their quest to learn more about the wide world of infosec :)
    3 points in /r/AskNetsec by cquick97 | 26 Sep 2016