Thread: GWAPT Books?

  1. Junior Member Registered Member
    Join Date
    Feb 2013
    Posts
    4
    #1

    Question GWAPT Books?

    Hi, I need some help from any person... I'm trying to get the GWAPT certification, but the cost of the official books is too high for me... Is there any possibility of getting the GWAPT official books from the Internet? I only saw the audiobook file available on the Internet...

    In case it is not possible to find the official books, what other books should I read to prepare for the GWAPT exam?


    Thanks in advance!


  3. Senior Member
    Join Date
    Feb 2012
    Posts
    1,962
    #2
    Hello and welcome to TE - I saw your question in the other thread but thought I would respond here instead since it's not related to the other thread.

    To my knowledge, there are no other external books on GWAPT. You could probably piece together a few books which could give you the necessary knowledge and review. A few that come to mind include:

    The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, by Dafydd Stuttard and Marcus Pinto (ISBN 9781118026472)
    Web Application Defender's Cookbook: Battling Hackers and Protecting Users, by Ryan C. Barnett and Jeremiah Grossman (ISBN 9781118362181)
    Hacking Exposed Web Applications, 3rd Edition, by Joel Scambray, Vincent Liu and Caleb Sima (ISBN 9780071740647)

    I have never actually read any of those books but I have heard good things about them.

    Secondarily - I suppose I would like to ask why you would not take the SANS course instead. GIAC certifications are highly correlated to the SANS material. I personally do not consider GIAC certifications to be of much value as a certification other than to assess knowledge from a SANS course.

  4. Junior Member Registered Member
    Join Date
    Feb 2013
    Posts
    4
    #3
    Thanks! I already read The Web Application Hacker's Handbook and Hacking Exposed Web Applications 3... these books are excellent, but I don't know about the Web App Defender's Cookbook... I will find it! I'm not thinking of taking the official courses, because these are more expensive than the official self-study material... Thanks again!

  5. Senior Member
    Join Date
    Jul 2011
    Posts
    101

    Certifications
    GCIA, GCIH, GPEN, GWAPT, GCFA, GREM, ACE
    #4
    FYI, I believe if SANS finds out you used their copyrighted material (that means books... AND the audio file you "found"), they will strip your certifications at least and maybe sue you... Even if you "borrow" someone else's materials, you will just get them in trouble too. I would suggest you not go that route.

  6. Random Member docrice's Avatar
    Join Date
    Apr 2010
    Location
    Bay Area, CA
    Posts
    1,399

    Certifications
    GSEC, GCFW, GCIA, GCIH, GWAPT, GAWN, GPEN, GCFE, GCFA, OSWP, SFCP, SnortCP, Sec+, CNSS 4011/4013; expired: CCNA (R&S, Security, Wireless), WCNA
    #5
    Is there a reason why you want the GWAPT certification? It's not the most well-known certification out there, and in fact it's not considered a very difficult exam. There are plenty of free resources to learn the material with and a ton of books that cover the subject. If you just need a cert to put on paper, OSCP is probably a much more cost-effective bet.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/

  7. Senior Member
    Join Date
    Jul 2011
    Posts
    101

    Certifications
    GCIA, GCIH, GPEN, GWAPT, GCFA, GREM, ACE
    #6
    Actually the OSCP is not web focused and is much more self-guided, which would probably not suit someone just looking for the material to pass a cert. A good comparable cert would be: Web Application Penetration Testing Boot Camp - InfoSec Institute, but this is around the same price as the GWAPT. Pretty much all the materials to pass the cert are provided in The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, by Dafydd Stuttard and Marcus Pinto (ISBN 9781118026472).

    Here are more resources you might find helpful.


    https://www.owasp.org/index.php/Web_...ration_Testing

  8. Random Member docrice's Avatar
    Join Date
    Apr 2010
    Location
    Bay Area, CA
    Posts
    1,399

    Certifications
    GSEC, GCFW, GCIA, GCIH, GWAPT, GAWN, GPEN, GCFE, GCFA, OSWP, SFCP, SnortCP, Sec+, CNSS 4011/4013; expired: CCNA (R&S, Security, Wireless), WCNA
    #7
    Hmm, I was under the impression that the OSCP was more web-oriented with some sprinkles of network-based pentesting. That's good to know.

  9. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,291
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #8
    When I did the OSCP course nearly three years ago, it was mostly application pen testing over a network. The OSCP could certainly feature some tinkering with ports 80 and 443 if the authors wanted to.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray

  10. Senior Member YuckTheFankees's Avatar
    Join Date
    Apr 2011
    Location
    United States of America
    Posts
    1,191

    Certifications
    A few..
    #9
    From what I have heard, the eCPPT certification course is great for people interested in web application attacks.