Hi,

The got a no in the latest interview I had for a sec position because my web app security skills are not up to par.

So naturally I want to try and improve my chances so have decided to start doing some research on the subject and I have heard great things from the first WAHH (not read) but noticed a second edition was release in September/October time of this year.

Only reviews I have come across are on Amazon but was wandering if there was a EH-net review or what you guys think of the new book.

Regards,
TheXero

Hi,

I have it and I am reading it right now, in order to help me better understand the material for GWAPT exam.

I can say that it is the best, and it has the advantage that you can pair it with prcatical labs created by the authors. The downsize is that the labs are quite expensive (7$/ hour), but it's cheaper than pay 4000$ for the SANS course.

For the begginers I recommend Elearnsecurity course first, and then build in its foundation using the book.

@TheXero I know that your background is good so you can start directly with the book.

by the way do you use Burp suite or the professionnal version ?

This is exactly what I'm doing right now and it's working out well!  Being the beginner I am with limited web programming experience, I think WAHHv2 is a great book.  Talks about the different security mechanisms used in web apps and how they work, helps give you different perspectives when faces with different vulnerabilities, different ways to exploit the vulnerabilities, etc.  Right now I'm reading the sections of WAHH that match with what I'm learning with eLearnSecurity, but after the class/exam is up I'll be giving the book a more thorough read through.

I am reading it now too on about chapter 11 as my web foo needs improving too.

I have it too and it's worth reading!

A suggestion to all of you...what do you think about discussing the solutions about the lab exercise?

Let me know!

Those are the answers to the questions at the end of every chapter. I don't know if there are solutions for the labs.

Hi
Just go the few books recently including a book on XSS, The Basics of Hacking and Penetration testing, Web Application Hackers Handbook, not yet started as I'm reading currently reading The Basics of Hacking and Penetration testing. I will look into it soon....exciting (not enough hours to read in a day )
V