The web application hacker's handbook: discovering and exploiting security flaws
This book is a practical guide to discovering and exploiting security holes in web applications. The authors explain each category of vulnerability using real-world examples, screenshots and code extracts. The book is very practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security vulnerability in a variety of applications, such as online banking, e-commerce and other web applications. Topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and threatening other users. Because each web application is different, attacking one requires applying many general principles, techniques and experience in innovative ways. Beyond this, the most successful hackers look for ways to automate custom attacks. The book describes a proven methodology that combines human intelligence with computerized brute force, often with devastating results. The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences around the world. Under the nickname 'PortSwigger', Dafydd developed the famous Burp Suite of tools for hacking web applications.