Anyone read the Web Application Hackers Handbook version 2?

Viewing 15 reply threads
  • Author
    Posts
    • #7038
      TheXero
      Participant

      Hi,

      The got a no in the latest interview I had for a sec position because my web app security skills are not up to par.

      So naturally I want to try and improve my chances so have decided to start doing some research on the subject and I have heard great things from the first WAHH (not read) but noticed a second edition was release in September/October time of this year.

      Only reviews I have come across are on Amazon but was wandering if there was a EH-net review or what you guys think of the new book.

      Regards,
      TheXero

    • #43673
      n3r
      Participant

      I’ve not read it but i have the first one which is pretty good. I didn’t know a lot of things about web pentest but i have understood a lot with it.
      It’s better if you have some knowledge with HTTP/SQL/JAVA but the book covers the basic.

      Moreover you can use the book with the lab MDSEC if you don’t care about the price.

    • #43674
      alucian
      Participant

      Hi,

      I have it and I am reading it right now, in order to help me better understand the material for GWAPT exam.

      I can say that it is the best, and it has the advantage that you can pair it with prcatical labs created by the authors. The downsize is that the labs are quite expensive (7$/ hour), but it’s cheaper than pay 4000$ for the SANS course.

      For the begginers I recommend Elearnsecurity course first, and then build in its foundation using the book.

      @TheXero I know that your background is good so you can start directly with the book.

    • #43675
      cd1zz
      Participant

      It’s a fantastic book.

    • #43676
      n3r
      Participant

      by the way do you use Burp suite or the professionnal version ?

    • #43677
      alucian
      Participant

      I have both of them.

      The commercial one will be better suited for the cases where you’ll need the intruder. You will not need the scanner for the exercises, because you know what is the vulnerability.

    • #43678
      lorddicranius
      Participant

      @alucian wrote:

      For the begginers I recommend Elearnsecurity course first, and then build in its foundation using the book.

      This is exactly what I’m doing right now and it’s working out well!  Being the beginner I am with limited web programming experience, I think WAHHv2 is a great book.  Talks about the different security mechanisms used in web apps and how they work, helps give you different perspectives when faces with different vulnerabilities, different ways to exploit the vulnerabilities, etc.  Right now I’m reading the sections of WAHH that match with what I’m learning with eLearnSecurity, but after the class/exam is up I’ll be giving the book a more thorough read through.

    • #43679
      midnight monster
      Participant

      yes i start reading it and its awsome

    • #43680
      Anonymous
      Participant

      I am reading it now too on about chapter 11 as my web foo needs improving too.

    • #43681
      easy
      Participant

      @TheXero wrote:

      Hi,

      The got a no in the latest interview I had for a sec position because my web app security skills are not up to par.

      So naturally I want to try and improve my chances so have decided to start doing some research on the subject and I have heard great things from the first WAHH (not read) but noticed a second edition was release in September/October time of this year.

      Only reviews I have come across are on Amazon but was wandering if there was a EH-net review or what you guys think of the new book.

      Regards,
      TheXero

      I have read the old one and 2 days ago i got the 2nd which 920 pages.

      This book is very good to get started – intermediate.

      Good Luck

    • #43682
      Cotica
      Participant

      I have it too and it’s worth reading!

      A suggestion to all of you…what do you think about discussing the solutions about the lab exercise?

      Let me know!

    • #43683
      KrisTeason
      Participant

      Hi Cotica,

      Welcome to EthicalHacker.net. The solutions can actually be found below for edition 2:
      Spoiler Alert.

      If you were interested in labs where you can practice the material that is in the book itself, look into http://www.mdsec.net. There’s an active thread here about it.

    • #43684
      alucian
      Participant

      @xXxKrisxXx wrote:

      Hi Cotica,

      Welcome to EthicalHacker.net. The solutions can actually be found below for edition 2:
      Spoiler Alert.

      Those are the answers to the questions at the end of every chapter. I don’t know if there are solutions for the labs.

    • #43685
      eyenit0
      Participant

      I’m almost all the way through the book and I found it very insightful. I wish the labs were free!

    • #43686
      vp75
      Participant

      Hi
      Just go the few books recently including a book on XSS, The Basics of Hacking and Penetration testing, Web Application Hackers Handbook, not yet started as I’m reading currently reading The Basics of Hacking and Penetration testing. I will look into it soon….exciting (not enough hours to read in a day ???)
      V

    • #43687
      MaXe
      Participant

      @TheXero wrote:

      Hi,

      The got a no in the latest interview I had for a sec position because my web app security skills are not up to par.

      So naturally I want to try and improve my chances so have decided to start doing some research on the subject and I have heard great things from the first WAHH (not read) but noticed a second edition was release in September/October time of this year.

      ….

      Amazingly I never saw this thread before now, anyway I’m sorry to hear about that, didn’t you participate in the HaXx.Me’s? You should’ve asked me for info  ;D

      The Web Application Hackers Handbook 1 and 2 are definitely recommendable, to anyone. Even me, though sometimes, you have to think beyond, keep that in mind, always  😉

      Besides that.. I am possibly cooking something you can use hehe  ;D

Viewing 15 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?