This book is a practical guide to finding and exploiting security flaws in web applications. Highlights include:

• Comprehensive and deep coverage of all kinds of attacks.
• Practical focus that spells out the detailed steps involved in detecting and exploiting each kind of vulnerability.
• Numerous real-world examples, screen shots and code extracts.
• Advanced techniques including how to disassemble client-side components, automate custom attacks, and find vulnerabilities in source code.
• A detailed, proven methodology for performing an end-to-end attack.

Co-authored by PortSwigger (creator of Burp), this book includes all of the manual techniques that you need to master to compromise today's web applications, and also describes how you can best leverage the available tools to make your attacks faster and more effective.
 

Book details

Title: The Web Application Hacker's Handbook: Detecting and Exploiting Security Flaws
Authors: Dafydd Stuttard & Marcus Pinto
Pages: 768
Published: October 2007, Wiley.
ISBN: 0470170778 / 978-0470170779
 

From the back cover: