---
product_id: 76753790
title: "The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws"
brand: "Dafydd Stuttard, Marcus Pinto"
price: "16698 kr"
currency: ISK
in_stock: true
reviews_count: 4
url: https://www.desertcart.is/products/76753790-the-web-application-hackers-handbook-discovering-and-exploiting-security-flaws
store_origin: IS
region: Iceland
---

# The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws

**Brand:** Dafydd Stuttard, Marcus Pinto
**Price:** 16698 kr
**Availability:** ✅ In Stock

## Quick Answers

- **What is this?** The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws by Dafydd Stuttard and Marcus Pinto
- **How much does it cost?** 16698 kr with free shipping
- **Is it available?** Yes, in stock and ready to ship
- **Where can I buy it?** [www.desertcart.is](https://www.desertcart.is/products/76753790-the-web-application-hackers-handbook-discovering-and-exploiting-security-flaws)

## Images

![The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws - Image 1](https://m.media-amazon.com/images/I/614xwfIg1DL.jpg)

## Customer Reviews

### ⭐⭐⭐⭐⭐ An excellent thorough resource for web application security
*by B***M on January 20, 2008*

This is a great read for anyone interested in the security of modern web applications. It covers the hacking process from mapping the attack surface to exploiting input validation, access control, session management, and authentication vulnerabilities using real-world examples and diagrams. There is an in-depth 100pg chapter on injecting code (e.g. SQL, OS, script, etc. injection) and a 95pg chapter on attacking other users (e.g. XSS, request forgery, etc. attacks). There is information about bypassing common sanitization techniques in cases where user input is sanitized. The book also covers how to write your own scripts to automate complex attacks. At the end of each section are the steps necessary to defend your application against the attacks that were described with an emphasis on "defense-in-depth"; an approach where one tries to prevent the compromise of the whole application even if one component of it is already compromised.

This book is extremely up to date with its coverage of new AJAX and XSS-type attacks while still covering the relatively old vulnerabilities like buffer overflows and SQL injections.

The authors are both professional penetration testers which gives them credibility over the information they provide in this book, and one of them is the author of the excellent free web application hacking tool called Burp Suite.

I would recommend this book to anyone that has a basic knowledge of how the Web works (HTTP, JavaScript, cookies, HTML, and basics of a programming language like PHP or Java) although you could learn these technologies as you are reading the book which would take some more time.

### ⭐⭐⭐⭐⭐ One of the best out there
*by N***K on March 23, 2012*

I bought this book over a year ago and never got around to reviewing it. I am really disappointed by the quality of many of the security books I have read since then, so feel compelled to go back and review this to give the authors the credit they deserve. There seems to be a flourishing industry in rushing out woeful security books that make lofty claims and are little more than brief summaries of "what" tools are with absolutely no "how", "why" or any signs of original thinking. Looking at the perfect 5 scores that many of these offenders receive, I am highly suspicious that authors/publishers are gaming the system and getting their mates to pile on positive reviews. (You will need to take the 5 I award this book with a large grain of salt and do your own research to form your own opinion).

Anyway, enough ranting about the state of the industry and on to this book. I have a large bookshelf of security books - many in pristine condition. This one is well worn and dog-eared as it gets a lot of use. It works equally well read from cover to cover and as a future reference. Read in sequence, it is logical and introduces concepts in layers that build understanding on various topics. The chapter breakdown is also very well thought through - attacking client-side controls, authentication schemes, session management, code injection etc. As a reference, it provides thorough coverage describing how a class of exploit works, ways of exploiting it and ways of defending it. The coverage on XSS is the best I have seen in any one reference (you can certainly find all of the info on the net, but this book will save you a lot of time).

I just noticed that there is a v2 of this book. Assuming it is the same quality as the original, I would recommend that as this is now a little dated. That said, I see many of the flaws covered in this book are still highly relevant today, but the tools have moved on a bit since then. If however you bought v1, you would not be disappointed.

### ⭐⭐⭐⭐ Perfect for auditors, less useful for developers
*by T***M on March 9, 2009*

I was hoping that this book would give me a clear conception of how to secure a new web application against potential attackers. It did, up to a point. Unfortunately, the book spends most of its time with the flaws in yesterday's technologies (e.g. older versions of ASP) that I would never touch for a new app.

Still, if you're developing a web application, this book is worth at least skimming through. And if you're in charge of patching up a legacy system, this should be your bible.

[Update: Since I wrote this review, a second edition of this book has been released. I have yet to read it, but my guess is that the new edition is more relevant to non-legacy app developers.]

## Frequently Bought Together

- The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
- The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
- Black Hat Python, 2nd Edition: Python Programming for Hackers and Pentesters

---


*Product available on Desertcart Iceland*
*Store origin: IS*
*Last updated: 2026-05-17*