Web Application Hacking Required Reading

Jess
2 min readMar 27, 2024

--

A few books that I’ve read along the way that have greatly impacted my life are still good reads, even though they are getting old.

Web Application Hacker’s Handbook

Bendy Matrix

This book is a corner-stone in web security. It properly divides vulnerabilities into different types and teaches you how to find them and what their impact is. I’ve quoted this book several times when writing the Impact portion of my Hackerone tickets.

The Tangled Web

Where spider?

Solid book that emphasizes the security implications of the browser and HTTP security practices and how they relate to application vulnerabilities.

The Pragmatic Programmer

Sad Programmer

Extremely helpful book as I learned to put my own Python scripts together for automation. Save yourself from the scope-creep and common failings of those who do not program everyday.

Web Application Security: Exploitation and Countermeasures for Modern Web Applications

Dog Book

Just published this year (2024) and am still reading this one, but enjoying it so far. I do like the format of the book of using 3 pillars (Recon, Offense, and Defense) along with a lot of newer ideas in the web application security world like, GraphQL, cloud-based deployments, and CDNs.

JavaScript for hackers: Learn to think like a hacker

New cover isn’t as good as the old

Javascript for hackers is a must if you have interest in exploiting client-side vulnerabilities. Mr. Heyes shares many of the sins of JavaScript that entrap well meaning developers. It is very much up-to-date and is one you will read at least twice because of its density.

--

--

Jess
Jess

Written by Jess

Reformed Baptist Son Of A Shepard

No responses yet