Bug Bounty Bootcamp

The Guide to Finding and Reporting Web Vulnerabilities

Vickie Li

$79.99

Paperback

English
No Starch Press,US
07 December 2021
Bug Bounty Bootcamp teaches you how to hack web applications. You will learn how to perform reconnaissance on a target, how to identify vulnerabilities, and how to exploit them. You'll also learn how to navigate bug bounty programs set up by companies to reward security professionals for finding bugs in their web applications.

Bug bounty programs are company-sponsored programs that invite researchers to search for vulnerabilities on their applications and reward them for their findings. This book is designed to help beginners with little to no security experience learn web hacking, find bugs, and stay competitive in this booming and lucrative industry.

You'll start by learning how to choose a program, write quality bug reports, and maintain professional relationships in the industry. Then you'll learn how to set up a web hacking lab and use a proxy to capture traffic. In Part 3 of the book, you'll explore the mechanisms of common web vulnerabilities, like XSS, SQL injection, and template injection, and receive detailed advice on how to find them and bypass common protections. You'll also learn how to chain multiple bugs to maximize the impact of your vulnerabilities.

Finally, the book touches on advanced techniques rarely covered in introductory hacking books but that are crucial to understand to hack web applications. You'll learn how to hack mobile apps, review an application's source code for security issues, find vulnerabilities in APIs, and automate your hacking process. By the end of the book, you'll have learned the tools and techniques necessary to be a competent web hacker and find bugs on a bug bounty program.
By:   Vickie Li
Imprint:   No Starch Press,US
Country of Publication:   United States
Dimensions:   Height: 235mm,  Width: 178mm,  Spine: 1mm
Weight:   1g
ISBN:   9781718501546
ISBN 10:   1718501544
Pages:   416
Publication Date:   07 December 2021
Audience:   General/trade ,  ELT Advanced
Format:   Paperback
Publisher's Status:   Active
Introduction

Part I: The Industry
Chapter 1: Picking a Bug Bounty Program
Chapter 2: Sustaining Your Success

Part II: Getting Started
Chapter 3: How the Internet Works
Chapter 4: Environmental Setup and Traffic Interception
Chapter 5: Web Hacking Reconnaissance

Part III: Web Vulnerabilities
Chapter 6: Cross-Site Scripting
Chapter 7: Open Redirects
Chapter 8: Clickjacking
Chapter 9: Cross-Site Request Forgery
Chapter 10: Insecure Direct Object Reference
Chapter 11: SQL Injection
Chapter 12: Race Conditions
Chapter 13: Server-Side Request Forgery
Chapter 14: Insecure Deserialization
Chapter 15: XML External Entity Vulnerabilities
Chapter 16: Template Injection
Chapter 17: Application Logic Errors and Broken Access Control
Chapter 18: Remote Code Execution
Chapter 19: Same Origin Policy Issues
Chapter 20: Single Sign-on Issues
Chapter 21: Information Disclosure

Part IV: Expert Techniques
Chapter 22: Conducting Code Reviews
Chapter 23: Hacking Android Apps
Chapter 24: API Hacking
Chapter 25: Automatic Vulnerability Discovery Using Fuzzers

Index

Vickie Li is a developer and security researcher experienced in finding and exploiting vulnerabilities in web applications. She has reported vulnerabilities to firms such as Facebook, Yelp and Starbucks and contributes to a number of online training programs and technical blogs.

Reviews for Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities

I highly suggest reading Bug Bounty Bootcamp. -@HolyBugx

Pure GEM. Learned a lot of things from her book. -Aakash Choudhary, @LearnerHunter

