Bug bounty hunting for web security : find and exploit vulnerabilities in web sites and applications / Sanjib Sinha.
2019
TK5105.59
Linked e-resources
Linked Resource
Online Access
Concurrent users
Unlimited
Authorized users
Authorized users
Document Delivery Supplied
Can lend chapters, not whole ebooks
Details
Title
Bug bounty hunting for web security : find and exploit vulnerabilities in web sites and applications / Sanjib Sinha.
Author
Sinha, Sanjib. author.
ISBN
9781484253915 (electronic book)
1484253914 (electronic book)
9781484253908
1484253914 (electronic book)
9781484253908
Published
Berkeley, CA : Apress, 2019.
Language
English
Description
1 online resource (xvi, 225 pages) : illustrations.
Item Number
10.1007/978-1-4842-5391-5 doi
10.1007/978-1-4842-5
10.1007/978-1-4842-5
Call Number
TK5105.59
Dewey Decimal Classification
005.8
Summary
Start with the basics of bug hunting and learn more about implementing an offensive approach by finding vulnerabilities in web applications. Getting an introduction to Kali Linux, you will take a close look at the types of tools available to you and move on to set up your virtual lab. You will then discover how request forgery injection works on web pages and applications in a mission-critical setup. Moving on to the most challenging task for any web application, you will take a look at how cross-site scripting works and find out about effective ways to exploit it. You will then learn about header injection and URL redirection along with key tips to find vulnerabilities in them. Keeping in mind how attackers can deface your website, you will work with malicious files and automate your approach to defend against these attacks. Moving on to Sender Policy Framework (SPF),you will see tips to find vulnerabilities in it and exploit them. Following this, you will get to know how unintended XML injection and command injection work to keep attackers at bay. Finally, you will examine different attack vectors used to exploit HTML and SQL injection. Overall, Bug Bounty Hunting for Web Security will help you become a better penetration tester and at the same time it will teach you how to earn bounty by hunting bugs in web applications. You will: Implement an offensive approach to bug hunting Create and manage request forgery on web pages Poison Sender Policy Framework and exploit it Defend against cross-site scripting (XSS) attacks Inject headers and test URL redirection Work with malicious files and command injection Resist strongly unintended XML attacks.
Note
Includes index.
Access Note
Access limited to authorized users.
Source of Description
Online resource; title from PDF title page (SpringerLink, viewed November 18, 2019).
Available in Other Form
Bug Bounty Hunting for Web Security : Find and Exploit Vulnerabilities in Web Sites and Applications
Linked Resources
Online Access
Record Appears in
Online Resources > Ebooks
All Resources
All Resources
Table of Contents
Chapter 1: Introduction to Hunting Bugs
Chapter 2: Setting up Your Environment
Chapter 3: How to inject Request Forgery
Chapter 4: How to exploit through Cross Site Scripting (XSS)
Chapter 5: Header Injection and URL Redirection
Chapter 6: Malicious Files
Chapter 7: Poisoning Sender Policy Framework (SPF)
Chapter 8: Injecting Unintended XML
Chapter 9: Finding Command Injection Vulnerabilities
Chapter 10: Finding HTML and SQL Injection Vulnerabilities
Appendix: Further Reading.
Chapter 2: Setting up Your Environment
Chapter 3: How to inject Request Forgery
Chapter 4: How to exploit through Cross Site Scripting (XSS)
Chapter 5: Header Injection and URL Redirection
Chapter 6: Malicious Files
Chapter 7: Poisoning Sender Policy Framework (SPF)
Chapter 8: Injecting Unintended XML
Chapter 9: Finding Command Injection Vulnerabilities
Chapter 10: Finding HTML and SQL Injection Vulnerabilities
Appendix: Further Reading.