Chapter 1, Basics of Bug Bounty Hunting, gives you an overview of what bug bounty hunting is and what the key steps for doing it are, including the techniques, platforms, and tools that are necessary for it.

Chapter 2, How to Write a Bug Bounty Report, provides you with information on how to use a vulnerability coordination platform to write bug bounty reports and how to respond to company's questions with caution and respect. It will also provide tips on how to increase payouts.

Chapter 3, SQL Injection Vulnerabilities, focuses on CRLF bug bounty reports. A CRLF injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL.

Chapter 4, Cross-Site Request Forgery, is about basic Cross-Site Request Forgery (CSRF) attacks and bug bounty reports. CSRF is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated.

Chapter 5, Application Logic Vulnerabilities, is about business logic and application logic flaws. Application business logic flaws are unique to each custom application, potentially very damaging, and difficult to test. Attackers exploit business logic by using deductive reasoning to trick and ultimately exploit the application.

Chapter 6, Cross-Site Scripting Attacks, covers Cross-Site Scripting (XSS) vulnerabilities. XSS is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users.

Chapter 7, SQL Injection, is mostly about finding SQL injection flaws in bug bounty programs. SQL injection is one of the most common web hacking techniques. SQL injection is the placement of malicious code in SQL statements via web page input.

Chapter 8, Open Redirect Vulnerabilities, is about open redirect vulnerabilities in web applications. Unvalidated redirects and forwards are possible when a web application accepts untrusted input that could cause the web application to redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.

Chapter 9, Sub-Domain Takeover, focuses on sub-domain takeover vulnerabilities. A sub-domain takeover is considered a high-severity threat and boils down to the registration of a domain by somebody else (with malicious intentions) in order to gain control over one or more (sub-)domains.

Chapter 10, XML External Entity Vulnerability, is about XML External Entity (XXE) attacks. XXE refers to a specific type of Server-Side Request Forgery (SSRF) attack, whereby an attacker is able to cause Denial of Service (DoS) and access local or remote files and services by abusing a widely available, rarely used feature in an XML parser.

Chapter 11, Template Injection, is mainly about template injection vulnerabilities. Template injection vulnerabilities arise when applications using a client-side or server-side template framework dynamically embed user input in web pages.

Chapter 12, Top Bug Bounty Hunting Tools, reviews the most used tools for web application security assessments. Most of them are open source or for free, but we will also mention some tools that are licensed.

Chapter 13, Top Learning Resources, lists some resources to be updated in the new technologies, exploiting techniques and vulnerability disclosures.

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "In a vulnerability example, the subdomain (hello.domain.com) uses a canoninal name"

A block of code is set as follows:

package subjack 
 
import ( 
   "log" 
   "sync" 
)

When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:

package subjack 
 
import ( 
   "log" 
   "sync" 
)

Any command-line input or output is written as follows:

$ amass -d bigshot.beet
$ amass -src -ip -brute -min-for-recursive 3 -d example.com

Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "Right-click on a website and select Inspect Element"