The second edition of the Web Application Hacker's Handbook contains the following chapters:

  1. Web Application (In)security
  2. Core Defense Mechanisms
  3. Web Application Technologies
  4. Mapping the Application
  5. Bypassing Client-Side Controls
  6. Attacking Authentication
  7. Attacking Session Management
  8. Attacking Access Controls
  9. Injecting into Databases
  10. Injecting into Back-End Components
  11. Attacking Application Logic
  12. Attacking Users: Cross-Site Scripting
  13. Attacking Users: Other Techniques
  14. Automating Customized Attacks
  15. Exploiting Information Disclosure
  16. Attacking Native Compiled Applications
  17. Attacking Application Architecture
  18. Attacking the Web Server
  19. Finding Vulnerabilities in Source Code
  20. A Web Application Hacker's Toolkit
  21. A Web Application Hacker's Methodology

Copyright © 2011 Dafydd Stuttard and Marcus Pinto. All rights reserved.