The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, 2nd Edition (2011)

Chapter 1. Web Application (In)security

Chapter 2. Core Defense Mechanisms

Chapter 3. Web Application Technologies

Chapter 4. Mapping the Application

Chapter 5. Bypassing Client-Side Controls

Chapter 6. Attacking Authentication

Chapter 7. Attacking Session Management

Chapter 8. Attacking Access Controls

Chapter 9. Attacking Data Stores

Chapter 10. Attacking Back-End Components

Chapter 11. Attacking Application Logic

Chapter 12. Attacking Users: Cross-Site Scripting

Chapter 13. Attacking Users: Other Techniques

Chapter 14. Automating Customized Attacks

Chapter 15. Exploiting Information Disclosure

Chapter 16. Attacking Native Compiled Applications

Chapter 17. Attacking Application Architecture

Chapter 18. Attacking the Application Server

Chapter 19. Finding Vulnerabilities in Source Code

Chapter 20. A Web Application Hacker's Toolkit

Chapter 21. A Web Application Hacker's Methodology

General Guidelines


Malware Analyst’s Cookbook and DVD: Tools and Techniques for Fighting Malicious Code (2011)


On The Book's DVD

Chapter 1. Anonymizing Your Activities

Chapter 2. Honeypots

Chapter 3. Malware Classification

Chapter 4. Sandboxes and Multi-AV Scanners

Chapter 5. Researching Domains and IP Addresses

Chapter 6. Malware Labs

Chapter 7. Automation

Chapter 8. Dynamic Analysis

Chapter 9. Malware Forensics

Chapter 10. Debugging Malware

Chapter 11. De-obfuscation

Chapter 12. Working with DLLs

Chapter 13. Kernel Debugging

Chapter 14. Memory Forensics with Volatility

Chapter 15. Memory Forensics: Code Injection and Extraction

Chapter 16. Memory Forensics: Rootkits

Chapter 17. Memory Forensics: Network and Registry