Skip to content Skip to footer

Publication – Web App Hacking: Carnage & Pwnage

Additional information






8.5 x 0.4 x 11 inches

Categories: , Tags: , , , Product ID: 327



From Wireless to Web Application to Container pownage, this issue covers attacks and exploitation and post exploitation. After you are on the system, what do you do? Do you want to exfil (take their data) or pivot and attack other systems first? we have you covered. This issue has a large focus on the OWASP top 10 web app vulnerabilities and even has a nice section for Docker container exploitation. Where there is a web, there is a way.

Reviews (4)


  1. Avatar

    geselle tliche

    Enjoy these cyber secrets

    Really glad I purchased the book. It has great insight and I’m excited to share this with my students.
    Jeremy Martin’s experience shines through along with his co authors Vishal Belbase and Federico Ferreira have produced a well thought out and informative book.

  2. Avatar


    Informative, Practical & Current. A must read for Cyber Security Professionals & Those Starting Out!

    The contents of this book not only assists with the understanding of the complexity of data breaches it also provides practical real-world walk throughs of applications/scripts which reinforces your understanding of the environment you are analyzing or operating in. The tools illustrated are current and relevant to today’s threats and vulnerabilities. I have not read or used any other publication like this. Great Job Cyber Secrets Team, keep it going!

    If you haven’t discovered the CSI Linux platform, you are missing out on an amazing investigative tool that outperforms any other open-source tool on the market. Its capabilities go far beyond any other platform out there. It will assist you in OSINT, Social Media, Domain Recon, and Dark Web investigations to offline Digital Forensics, Incident Response and Malware Analysis – C S I L I N U X

  3. Avatar

    Nowita Ojeh

    Web App Hacking: Carnage & Pwnage — An Absolute Cyber Arsenal

    Over the past two decades, I have read many security and web apps (pen) testing books. Jeremy Martin has assembled real-world security practitioners in writing the “Cyber Secrets” series, “Web App Hacking: Carnage & Pwnage.” This book is one of the best that covers web application testing, leveraging, and simulating modern adversaries’ tactics, techniques, and procedures (TTPs). It’s packed full of hands-on guides for assessing and securing your web-based apps. Specifically, the book addresses OWASP Top 10 security risks, among other advanced topics and frameworks.

    The one thing I didn’t see covered is Multi-Factor Authentication (MFA). I hope to see this addressed in a future edition of the book.

    I strongly recommend this book for inclusion in any practitioner’s library. The knowledge shared is indispensable

  4. Avatar

    T. Hoffman

    The most important document to read this year

    Cyber Secrets has never been more relevant than right now. The adversaries are getting skilled up – are you?
    Your cybersecurity must be approached as a Program. The value of adding this offering to your existing training can’t be overstated. Jeremy Martin and team have another success!

Add a review

Your email address will not be published. Required fields are marked *

Publication – Web App Hacking: Carnage & Pwnage