The Web Application Hacker’s Handbook Discovering and Exploiting Security Flaws

This book is strongly geared towards the hands-on techniques that you can use

to attack web applications. After reading the book, you will understand the

specifics of each individual task, what it involves technically, and why it works

in helping you detect and exploit vulnerabilities. The book is emphatically not

about downloading some tool, pointing it at a target application, and believing

what the tool’s output tells you about the state of the application’s security.

That said, there are several tools which you will find useful, and sometimes

indispensable, when performing the tasks and techniques that we describe. All

of these are easily available on the Internet, and we recommended that you

download and experiment with each tool at the point where it appears in the

course of the book.