Goal

The path to "Webセキュリティ担当者のための脆弱性診断スタートガイド第2版"

Here is the reading path leading up to this book, derived from its dependencies and ordered from the fundamentals.

The path so far (2 books)

Real World HTTP 第3版
Why read this first: Authentication, sessions, and cookies all sit on top of HTTP. Grasping HTTP's behavior from first principles first lets you understand structurally where in the protocol the vulnerabilities in Tokumaru's book actually arise.
Sources
- HTTP - MDN Web Docs
- OWASP Top 10 - OWASP Foundation
体系的に学ぶ安全なWebアプリケーションの作り方第2版
Why read this first: After learning the principles of vulnerabilities, verify them with your own hands. Dynamic analysis with OWASP ZAP and Burp Suite lets you feel how attacks you knew only in theory actually succeed in real traffic, closing the gap between theory and practice.
Sources
- OWASP Web Security Testing Guide - OWASP Foundation