I am more of a web designer/front-end developer with a little experience in everything else. However, I realize the potential of programming languages, but I have never quite figured out or grasped how they go from writing a nice little web app to the drastic other side of breaching a web site, climbing into their databases, hacking their email, etc. Can someone explain (and I'm sure someone on here can) how it all works? It seems to be a big secret but I want to know.
nbpoole | 15 years ago
tptacek has a list of books on Amazon, linked to from his news.yc profile, which cover a wide range of application security topics (http://amzn.to/cthr46). I own The Art of Software Security Assessment and The Web Application Hacker's Handbook and I can vouch for them as quality resources, although I'm not sure how accessible they would be for a beginner.
In terms of a more practical introduction, Google Gruyere is an application deliberately built with security vulnerabilities for the purposes of learning (http://google-gruyere.appspot.com/). There are plenty of other projects along those lines: WebGoat is another good example.
fmavituna | 15 years ago
Just like many other professions, hacking/breaking is all about practising - you can safely hone your skills on these: http://ha.ckers.org/blog/20090406/hacking-without-all-the-ja...