The Web Application Hacker's Handbook 2nd: Discovering and Exploiting Security Flaws
The Web Application Hacker's Handbook 2nd: Discovering and Exploiting Security Flaws

Web Application (In)security
Core Defense Mechanisms
Web Application Technologies
Mapping the Application
Bypassing Client-Side Controls
Attacking Authentication
Attacking Session Management
Attacking Access Controls
Injecting Code
Exploiting Path Traversal
Attacking Application Logic
Attacking Other Users
Automating Bespoke Attacks
Exploiting Information Disclosure
Attacking Compiled Applications
Attacking Application Architecture
Attacking the Web Server
Finding Vulnerabilities in Source Code
A Web Application Hacker's Toolkit
A Web Application Hacker's Methodology

Download the full table of contents (PDF).
http://portswigger.net/wahh/wahh-toc.pdf