Bug Bounty Hunting for Web Security - Sanjib Sinha

Bug Bounty Hunting for Web Security (eBook)

Find and Exploit Vulnerabilities in Web sites and Applications

(Autor)

eBook Download: PDF
2019 | 1st ed.
XVI, 225 Seiten
Apress (Verlag)
978-1-4842-5391-5 (ISBN)
Systemvoraussetzungen
56,99 inkl. MwSt
  • Download sofort lieferbar
  • Zahlungsarten anzeigen

Start with the basics of bug hunting and learn more about implementing an offensive approach by finding vulnerabilities in web applications. Getting an introduction to Kali Linux, you will take a close look at the types of tools available to you and move on to set up your virtual lab. You will then discover how request forgery injection works on web pages and applications in a mission-critical setup. Moving on to the most challenging task for any web application, you will take a look at how cross-site scripting works and find out about effective ways to exploit it. 

 

You will then learn about header injection and URL redirection along with key tips to find vulnerabilities in them. Keeping in mind how attackers can deface your website, you will work with malicious files and automate your approach to defend against these attacks. Moving on to Sender Policy Framework (SPF), you will see tips to find vulnerabilities in it and exploit them. Following this, you will get to know how unintended XML injection and command injection work to keep attackers at bay. Finally, you will examine different attack vectors used to exploit HTML and SQL injection. Overall, Bug Bounty Hunting for Web Security will help you become a better penetration tester and at the same time it will teach you how to earn bounty by hunting bugs in web applications.

 

What You Will Learn

  • Implement an offensive approach to bug hunting
  • Create and manage request forgery on web pages
  • Poison Sender Policy Framework and exploit it
  • Defend against cross-site scripting (XSS) attacks 
  • Inject headers and test URL redirection
  • Work with malicious files and command injection
  • Resist strongly unintended XML attacks 

Who This Book Is For

White-hat hacking enthusiasts who are new to bug hunting and are interested in understanding the core concepts.


Sanjib Sinha is an author and tech writer. Being a certified .NET Windows and web developer, he has specialized in Python security programming, Linux, and many programming languages that include C#, PHP, Python, Dart, Java, and JavaScript. Sanjib has also won Microsoft's Community Contributor Award in 2011 and he has written Beginning Ethical Hacking with Python, Beginning Ethical Hacking with Kali Linux, and two editions of Beginning Laravel for Apress.


Start with the basics of bug hunting and learn more about implementing an offensive approach by finding vulnerabilities in web applications. Getting an introduction to Kali Linux, you will take a close look at the types of tools available to you and move on to set up your virtual lab. You will then discover how request forgery injection works on web pages and applications in a mission-critical setup. Moving on to the most challenging task for any web application, you will take a look at how cross-site scripting works and find out about effective ways to exploit it.  You will then learn about header injection and URL redirection along with key tips to find vulnerabilities in them. Keeping in mind how attackers can deface your website, you will work with malicious files and automate your approach to defend against these attacks. Moving on to Sender Policy Framework (SPF), you will see tips to find vulnerabilities in it and exploit them. Following this, you will get to know how unintended XML injection and command injection work to keep attackers at bay. Finally, you will examine different attack vectors used to exploit HTML and SQL injection. Overall, Bug Bounty Hunting for Web Security will help you become a better penetration tester and at the same time it will teach you how to earn bounty by hunting bugs in web applications. What You Will Learn Implement an offensive approach to bug hunting Create and manage request forgery on web pages Poison Sender Policy Framework and exploit it Defend against cross-site scripting (XSS) attacks  Inject headers and test URL redirection Work with malicious files and command injectionResist strongly unintended XML attacks Who This Book Is ForWhite-hat hacking enthusiasts who are new to bug hunting and are interested in understanding the core concepts.
Erscheint lt. Verlag 12.11.2019
Zusatzinfo XVI, 225 p. 140 illus.
Sprache englisch
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Mathematik / Informatik Informatik Programmiersprachen / -werkzeuge
Mathematik / Informatik Mathematik Finanz- / Wirtschaftsmathematik
Wirtschaft Betriebswirtschaft / Management Wirtschaftsinformatik
Schlagworte Bounty • bughunting • Bugs • burpsuite • CSRF • defacement • Linux • SPF • sqlinjection • unintendedXML • XSS
ISBN-10 1-4842-5391-4 / 1484253914
ISBN-13 978-1-4842-5391-5 / 9781484253915
Haben Sie eine Frage zum Produkt?
PDFPDF (Wasserzeichen)
Größe: 9,1 MB

DRM: Digitales Wasserzeichen
Dieses eBook enthält ein digitales Wasser­zeichen und ist damit für Sie persona­lisiert. Bei einer missbräuch­lichen Weiter­gabe des eBooks an Dritte ist eine Rück­ver­folgung an die Quelle möglich.

Dateiformat: PDF (Portable Document Format)
Mit einem festen Seiten­layout eignet sich die PDF besonders für Fach­bücher mit Spalten, Tabellen und Abbild­ungen. Eine PDF kann auf fast allen Geräten ange­zeigt werden, ist aber für kleine Displays (Smart­phone, eReader) nur einge­schränkt geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür einen PDF-Viewer - z.B. den Adobe Reader oder Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür einen PDF-Viewer - z.B. die kostenlose Adobe Digital Editions-App.

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Mehr entdecken
aus dem Bereich
Das Praxishandbuch zu Krisenmanagement und Krisenkommunikation

von Holger Kaschner

eBook Download (2024)
Springer Fachmedien Wiesbaden (Verlag)
34,99
Methodische Kombination von IT-Strategie und IT-Reifegradmodell

von Markus Mangiapane; Roman P. Büchler

eBook Download (2024)
Springer Vieweg (Verlag)
42,99