
 Web App Hacker's Handbook 2nd Edition - Preview - wglb
http://blog.portswigger.net/2011/05/web-app-hackers-handbook-2nd-edition.html
======
sudonim
The title was misleading. I assumed a "Web App Hacker" was someone who creates
web apps, not someone who breaks into web apps ("Web App Cracker"). AFAIK,
Hacker News is not a news site for people who break into web apps.

~~~
nlo
Someone who creates web apps should be intimately familiar with the techniques
used by people who break into web apps.

Dafydd Stuttard (book author) / PortSwigger created the Burp Suite web
application security testing program, which I've found invaluable in
performing security analysis of web apps during development.

~~~
sudonim
My previous comment is a little tongue in cheek, but it would be cool if they
weren't perpetuating the media stereotype that hacker == cracker. A bunch of
other sticklers on "Hacker News" bring it up when people misuse the term.

<http://searchyc.com/cracker+hacker>

~~~
chopsueyar
As described in the article link, it is hacking.

Kevin Mitnick was not a cracker, he was a hacker.

Hacking has multiple definitions.

~~~
p4bl0
Agreed. For instance, someone who breaks into web apps but doesn't use this
skill to sell user data or steal from users is not a cracker IMO, but a hacker
(he could do this to satisfy his curiosity, for fun, or to tell the webmasters
how to secure their web app better).

Hacker is a word with many _valid_ definitions.

------
iuguy
I bought the first one and it was brilliant. I've known Daf (the author) for a
few years now, he's also the author of the amazing Burp Suite[1] - if you're a
developer do try the free version then consider getting the pro suite, which
has a stupid volume of features for a relatively small amount of money.

WAHH should be standard reading for anyone that wants to learn about Web
Application attacks. I'd also highly recommend the Shellcoder's Handbook
(although that could do with an update too).

I will definitely be buying both the 2nd edition of WAHH and the Try It bits
too when it comes out.

[1] - <http://www.portswigger.net/>

------
spartanfan10
So pumped for the Try It sections! This book is fantastic and Try It is a
wonderful addition.

------
watty
Well I was interested until I read that it won't be available until October.
It'd be nice if they had a preorder of some kind...

~~~
meaydinli
I think this is where you can pre-order?

[http://www.amazon.com/gp/product/1118026470?ie=UTF8&tag=...](http://www.amazon.com/gp/product/1118026470?ie=UTF8&tag=portswinet-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=1118026470)

By the way, does anyone know similar books?

~~~
coin
What's with sneaking in an affiliate tag to the Amazon link (portswinet-20)?

~~~
spjwebster
It's the same link as posted on the book author's buy page
(<http://portswigger.net/wahh/buy.html>) so I'd imagine the parent just
copy/pasted it here.

