Re: Books on AppSec.

[Ryan Dewhurst <ryandewhurst () gmail com>]

The OWASP Testing Guide is a great start.

Free PDF:
http://www.owasp.org/images/5/56/OWASP_Testing_Guide_v3.pdf

Or buy the very reasonable paperback:
http://www.lulu.com/product/paperback/owasp-testing-guide/5310589

The Web Application Hackers Handbook is great too.

http://portswigger.net/wahh/

Ryan Dewhurst

blog www.ethicalhack3r.co.uk
projects www.dvwa.co.uk | www.webwordcount.com
twitter www.twitter.com/ethicalhack3r

On Wed, Jul 13, 2011 at 6:23 PM, Champ Clark III [Softwink]
<champ () softwink com> wrote:
>        Hello all,
>
>        I have a friend how is a fairly experienced programmer
> (C/PHP/Perl).  He's recently graduated and received his engineering
> degree.  However,  he's not having a lot of luck finding jobs in that
> market in his area.
>
>        Anyways,  long story short,  he's become interested in AppSec.
> Mostly from a testing stand point.  While he is a programmer,  he's
> never done any such AppSec work.
>
>        Does anyone know of any good starter books for him?  Or possibly
> good reference material I could pass on to him.  Thanks
>
> --
>        Champ Clark III | Softwink, Inc | 800-538-9357 x 101
>                     http://www.softwink.com
>
> GPG Key ID: 58A2A58F
> Key fingerprint = 7734 2A1C 007D 581E BDF7  6AD5 0F1F 655F 58A2 A58F
> If it wasn't for C, we'd be using BASI, PASAL and OBOL.
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com