Bug Bounty Hunting Essentials
Packt Publishing Limited (Verlag)
978-1-78862-689-7 (ISBN)
- Keine Verlagsinformationen verfügbar
- Artikel merken
Get hands-on experience on concepts of Bug Bounty Hunting
Key Features
Get well-versed with the fundamentals of Bug Bounty Hunting
Hands-on experience on using different tools for bug hunting
Learn to write a bug bounty report according to the different vulnerabilities and its analysis
Book DescriptionBug bounty programs are the deals offered by prominent companies where-in any white-hat hacker can find bugs in the applications and they will have a recognition for the same. The number of prominent organizations having this program has increased gradually leading to a lot of opportunity for Ethical Hackers.
This book will initially start with introducing you to the concept of Bug Bounty hunting. Then we will dig deeper into concepts of vulnerabilities and analysis such as HTML injection, CRLF injection and so on. Towards the end of the book, we will get hands-on experience working with different tools used for bug hunting and various blogs and communities to be followed.
This book will get you started with bug bounty hunting and its fundamentals.
What you will learn
Learn the basics of bug bounty hunting
Hunt bugs in web applications
Hunt bugs in Android applications
Analyze the top 300 bug reports
Discover bug bounty hunting research methodologies
Explore different tools used for Bug Hunting
Who this book is forThis book is targeted towards white-hat hackers, or anyone who wants to understand the concept behind bug bounty hunting and understand this brilliant way of penetration testing.
This book does not require any knowledge on bug bounty hunting.
Carlos A. Lozano is a security consultant with more than 15 years' experience in various security fields. He has worked in penetration tester, but most of his experience is with security application assessments. He has assessed financial applications, ISC/SCADA systems, and even low-level applications, such as drivers and embedded components. Two years ago, he started on public and private bug bounty programs and focused on web applications, source code review, and reversing projects. Also, Carlos works as Chief Operations Officer at Global CyberSec, an information security firm based in Mexico, with operations in USA and Chile. Shahmeer Amir is ranked as the third most accomplished bug hunter worldwide and has helped more than 400 organizations, including Facebook, Microsoft, Yahoo, and Twitter, resolve critical security issues in their systems. Following his vision of a safer internet, Shahmeer Amir is the founder and CEO of a cyber security start-up in Pakistan, Veiliux, aiming to secure all kinds of organizations. Shahmeer also holds relevant certifications in the field of cyber security from renowned organizations such as EC-Council, Mile2, and ELearn Security. By profession, Shahmeer is an electrical engineer working on different IoT products to make the lives of people easier.
Table of Contents
Basics of Bug Bounty Hunting
How to write a Bug Bounty Report
SQL Injection Vulnerabilities
Cross Site Request Forgery
Application Logic Vulnerabilities
Cross Site Scripting Attacks
SQL Injection
Open Redirect Vulnerabilities
Sub Domain Takeover
XML External Entity Vulnerability
Template Injection
Top Bug Bounty Hunting tools
Top Learning resources
| Erscheinungsdatum | 05.12.2018 |
|---|---|
| Verlagsort | Birmingham |
| Sprache | englisch |
| Maße | 75 x 93 mm |
| Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
| ISBN-10 | 1-78862-689-3 / 1788626893 |
| ISBN-13 | 978-1-78862-689-7 / 9781788626897 |
| Zustand | Neuware |
| Informationen gemäß Produktsicherheitsverordnung (GPSR) | |
| Haben Sie eine Frage zum Produkt? |
aus dem Bereich
