The first edition of the Web Application Hacker's Handbook contains the following chapters:

  1. Web Application (In)security
  2. Core Defense Mechanisms
  3. Web Application Technologies
  4. Mapping the Application
  5. Bypassing Client-Side Controls
  6. Attacking Authentication
  7. Attacking Session Management
  8. Attacking Access Controls
  9. Injecting Code
  10. Exploiting Path Traversal
  11. Attacking Application Logic
  12. Attacking Other Users
  13. Automating Bespoke Attacks
  14. Exploiting Information Disclosure
  15. Attacking Compiled Applications
  16. Attacking Application Architecture
  17. Attacking the Web Server
  18. Finding Vulnerabilities in Source Code
  19. A Web Application Hacker's Toolkit
  20. A Web Application Hacker's Methodology

Copyright © 2011 Dafydd Stuttard and Marcus Pinto. All rights reserved.