Bug Bounty Hunting Essentials: Quick-paced guide to help white-hat hackers get through bug bounty programs
Carlos A. Lozano, Shahmeer Amir
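- Publisher: Packt Publishing
- Publication date: 2018-11-30
- Price: $1,840
- VIP price: 5% off, $1,748
- Language: English
- Pages: 270
- Binding: Paperback
- ISBN: 1788626893
- ISBN-13: 9781788626897
- Related categories: Hacking; overseas special-order books (separate checkout required)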
Product description
Get hands-on experience with the concepts of bug bounty hunting
Key Features
- Become well versed in the fundamentals of bug bounty hunting
- Gain hands-on experience using different tools for bug hunting
- Learn to write a bug bounty report according to the different vulnerabilities and their analysis
Book Description
Bug bounty programs are deals offered by prominent companies wherein any white-hat hacker can find bugs in their applications and receive recognition for doing so. The number of prominent organizations running such programs has increased gradually, creating many opportunities for ethical hackers.
This book starts by introducing you to the concept of bug bounty hunting. We then dig deeper into vulnerabilities and their analysis, such as HTML injection, CRLF injection and so on. Towards the end of the book, we get hands-on experience with the different tools used for bug hunting and look at various blogs and communities to follow.
This book will get you started with bug bounty hunting and its fundamentals.
What you will learn
- Learn the basics of bug bounty hunting
- Hunt bugs in web applications
- Hunt bugs in Android applications
- Analyze the top 300 bug reports
- Discover bug bounty hunting research methodologies
- Explore different tools used for Bug Hunting
Who this book is for
This book is aimed at white-hat hackers and anyone who wants to understand the concept behind bug bounty hunting and this brilliant way of penetration testing.
This book does not require any knowledge of bug bounty hunting.
Table of Contents
- Basics of Bug Bounty Hunting
- How to write a Bug Bounty Report
- SQL Injection Vulnerabilities
- Cross Site Request Forgery
- Application Logic Vulnerabilities
- Cross Site Scripting Attacks
- SQL Injection
- Open Redirect Vulnerabilities
- Sub Domain Takeover
- XML External Entity Vulnerability
- Template Injection
- Top Bug Bounty Hunting tools
- Top Learning resources