Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Hands-On Bug Hunting for Penetration Testers

You're reading from   Hands-On Bug Hunting for Penetration Testers A practical guide to help ethical hackers discover web application security flaws

Arrow left icon
Product type Paperback
Published in Sep 2018
Publisher Packt
ISBN-13 9781789344202
Length 250 pages
Edition 1st Edition
Languages
Arrow right icon
Authors (2):
Arrow left icon
Himanshu Sharma Himanshu Sharma
Author Profile Icon Himanshu Sharma
Himanshu Sharma
Joe Marshall Joe Marshall
Author Profile Icon Joe Marshall
Joe Marshall
Arrow right icon
View More author details
Toc

Table of Contents (16) Chapters Close

Preface 1. Joining the Hunt 2. Choosing Your Hunting Ground FREE CHAPTER 3. Preparing for an Engagement 4. Unsanitized Data – An XSS Case Study 5. SQL, Code Injection, and Scanners 6. CSRF and Insecure Session Authentication 7. Detecting XML External Entities 8. Access Control and Security Through Obscurity 9. Framework and Application-Specific Vulnerabilities 10. Formatting Your Report 11. Other Tools 12. Other (Out of Scope) Vulnerabilities 13. Going Further 14. Assessment 15. Other Books You May Enjoy

What this book covers

Chapter 1, Joining the Hunt, introduces the concept of bug bounties, their value to companies, and the most common types of programs. It also sets up expectations for what the reader should know going into the book.

Chapter 2, Choosing Your Hunting Ground, explains how to evaluate individual bug bounty programs and whether to participate in them. It explains factors such as payouts, community engagement, terms of engagements, and participating in company quality.

Chapter 3, Preparing for an Engagement, explains how to prepare for a pentesting engagement, from how to standardize the reconnaissance process, to understanding the application’s attack surface, to the importance of good note taking and, later, preparing submission reports.

Chapter 4, Unsanitized Data – An XSS Case Study, describes how and where to find XSS vulnerabilities - a variety of code injection that represents one of the most common web application vulnerabilities today.

Chapter 5, SQL, Code Injection and Scanners, describes the different varieties of code injection attacks and how to safely test for them, covering different types of injection, such as blind or error-based injection.

Chapter 6, CSRF and Insecure Session Authentication, discusses vulnerabilities related to insecure session authentication, focusing on CSRF and how to create a CSRF PoC to test for them.

Chapter 7, Detecting XML External Entities (XEE), focuses on XML External Entity vulnerability detection and related XML injection techniques that can work in conjunction with XXE.

Chapter 8, Access Control and Security Through Obscurity, goes over how to find hidden information/data leaks in web applications and discerning between what data is important (and will win you an award) and what’s not. It covers different types of sensitive data and gives you examples from the field.

Chapter 9, Framework and Application-Specific Vulnerabilities, covers approaching a pentesting engagement from the perspective of testing for application/framework-specific vulnerabilities, focusing on general Known Common Vulnerabilities and Exposures (CVEs), as well as methods for testing WordPress, Rails, and Django apps, including strategies, tools, tips, and tricks.

Chapter 10, Formatting Your Report, goes over how to compose a bug report to receive the maximum payout, drawing on examples and information from earlier vulnerability-specific chapters and providing examples (with commentary) on the finer considerations of your submission.

Chapter 11, Other Tools, goes over other tools not covered in the course of the vulnerability examples and how to vet new ones. It also explains how to evaluate free versus paid products and jumping off points for pentesting regimens that focus on bugs not detailed extensively in the work (for example, weak WAF rules/network gaps).

Chapter 12, Other (Out-of-Scope) Vulnerabilities, goes over other vulnerabilities not covered in the course of the book and why they don’t command payouts in most bug bounty programs.

Chapter 13, Going Further, explains where the reader can turn to for more information about participating in bug bounty programs - running through courses and resources for continuing to develop your security acumen. It also features a dictionary of pentesting/security terms to clearly define the way the book employs certain terminology.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime