The Tangled Web: A Guide to Securing Modern Web Applications cover
The Tangled Web: A Guide to Securing Modern Web Applications
by Michal Zalewski
ISBN: 1593273886
Found in 2 comments on Hacker News
View on Amazon
We may earn a commission from purchases made through links on this page.
Not ready yet? Get weekly book picks.
yan · 2014-10-23 · Original thread
Zalewski was the reason I felt unaccomplished in 2005, when I read his "Silence on the wire" and noted he wasn't much older than I am.

His separate guide on CNC is great[1]. He also has a great intro to electronics[2]. His first book is an amazing survey of totally passive attacks[3]. His second book is a comprehensive survey of web application osecurity[4].

[1] http://lcamtuf.coredump.cx/gcnc/

[2] http://lcamtuf.coredump.cx/electronics/

[3] http://www.amazon.com/dp/1593270461

[4] http://www.amazon.com/dp/1593273886/

jyu · 2013-06-13 · Original thread
I'd also like to know Security 101 for web developers.

In a recent appsec thread, there were two books that a lot of people recommended:

http://www.amazon.com/The-Tangled-Web-Securing-Applications/...

http://www.amazon.com/The-Web-Application-Hackers-Handbook/d...

https://news.ycombinator.com/item?id=5862102