The Open Web Application Security Project (OWASP) “is developing software tools and knowledge based documentation that helps people secure web applications and web services.” They’ve got a free
book (Read before you click: PDF, 93 pages, 1.7 megs) available on their website.