Web Application Security: Exploitation and Countermeasures for Modern Web Applications by Andrew Hoffman