[Owasp-leaders] Need A Reference: "Must Read" Application Security Book

Joseph Aguirre joseph.aguirre at owasp.org
Fri Mar 9 05:49:45 UTC 2012


I'd suggest the following free options:

1. The OWASP Testing Guide + Web Goat (learn by doing).
2. OWASP articles about various vulnerability classes (generally linked to
in the previous resource).


If you're really looking to pay for something, these are good books:

1. HTTP: The Definitive Guide
2. The Web Application Hacker's Handbook



--Joe Aguirre


On Thu, Mar 8, 2012 at 9:11 PM, Zaki Akhmad <za at owasp.org> wrote:

> Hi all,
>
> I need a reference on a "must read" application security book. I know
> there are a lot of application security books out there, but I need to
> know, your opinion on the "must read" one and what makes it a must
> read. Thanks a lot!
>
> Regards,
> --
> Zaki Akhmad
> OWASP Indonesia Chapter Leader
> http://www.owasp.org/index.php/Indonesia
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120308/57066d96/attachment.html>


More information about the OWASP-Leaders mailing list