Book
Hands-On Bug Hunting for Penetration Testers
Bug bounties have quickly become a critical part of the security economy. This book shows you how technical professionals with an interest in security can begin productively—and profitably—participating in bug bounty programs.
Difficulty Level: Intermediate
Completion Time: 8h20m
Language: English
About Book
Who Is This Book For?
This book is written for developers, hobbyists, pentesters, and anyone with an interest (and a little experience) in web application security.
Book content
chapters • 8h20m total length
Joining the Hunt
Choosing Your Hunting Ground
Preparing for an Engagement
Unsanitized Data; An XSS Case Study
SQL, Code Injection, and Scanners
CSRF and Insecure Session Authentication
Detecting XML External Entities
Access Control and Security Through Obscurity
Framework and Application-Specific Vulnerabilities
Formatting Your Report
Other Tools
Other (Out of Scope) Vulnerabilities
Going Further
Assessment