The Webapp Hackers Handbook

This week, after a long and arduous battle, I finally finished the Web Application Hacker’s Handbook. And let me tell you, it wasn’t giving up without a fight. This was definitely one of the longest and driest books I have ever laid my eyes on. 800 pages of pure textbook. It was glorious.

Now, that isn’t usually my review after reading a long and boring book cover to cover. But this was something else. I think it needed a cover-to-cover read once, but never again. Because this is one of the best and most complete references I’ve ever read, which is where it gets its value. There were no cool little projects or funny anecdotes, it was just straight content all the way through, with plenty of examples and exercises. It covered every web attack I’ve ever heard of (up to its publication date) and even a few I hadn’t, and it went through all of them in a solid amount of detail. I definitely feel confident that I’d know what I’m doing given an application and just going for it, even if I’d need to reference some things as I went (which is what books are for really), and I’m looking forward to putting it all into practice when I take Webapp security in first semester.

But more than examples, it went through good, solid process. Where to start, what to look for and how to best proceed once you’ve found something so that you fully understand the full extent of the vulnerability. Even though it was a slog to get through, it was definitely worth the investment, and I’ll be referring back to it for a long time to come.
