Zum Hauptinhalt springen
Dekorationsartikel gehören nicht zum Leistungsumfang.
Bug Bounty Hunting for Web Security
Find and Exploit Vulnerabilities in Web sites and Applications
Taschenbuch von Sanjib Sinha
Sprache: Englisch

49,45 €*

inkl. MwSt.

Versandkostenfrei per Post / DHL

auf Lager, Lieferzeit 2-4 Werktage

Kategorien:
Beschreibung
Start with the basics of bug hunting and learn more about implementing an offensive approach by finding vulnerabilities in web applications. Getting an introduction to Kali Linux, you will take a close look at the types of tools available to you and move on to set up your virtual lab. You will then discover how request forgery injection works on web pages and applications in a mission-critical setup. Moving on to the most challenging task for any web application, you will take a look at how cross-site scripting works and find out about effective ways to exploit it.

You will then learn about header injection and URL redirection along with key tips to find vulnerabilities in them. Keeping in mind how attackers can deface your website, you will work with malicious files and automate your approach to defend against these attacks. Moving on to Sender Policy Framework (SPF), you will see tips to find vulnerabilities in it and exploit them. Following this,you will get to know how unintended XML injection and command injection work to keep attackers at bay. Finally, you will examine different attack vectors used to exploit HTML and SQL injection. Overall, Bug Bounty Hunting for Web Security will help you become a better penetration tester and at the same time it will teach you how to earn bounty by hunting bugs in web applications.

What You Will Learn

Implement an offensive approach to bug hunting
Create and manage request forgery on web pages Poison Sender Policy Framework and exploit it
Defend against cross-site scripting (XSS) attacks Inject headers and test URL redirection
Work with malicious files and command injectionResist strongly unintended XML attacks
Who This Book Is For
White-hat hacking enthusiasts who are new to bug hunting and are interested in understanding the core concepts.
Start with the basics of bug hunting and learn more about implementing an offensive approach by finding vulnerabilities in web applications. Getting an introduction to Kali Linux, you will take a close look at the types of tools available to you and move on to set up your virtual lab. You will then discover how request forgery injection works on web pages and applications in a mission-critical setup. Moving on to the most challenging task for any web application, you will take a look at how cross-site scripting works and find out about effective ways to exploit it.

You will then learn about header injection and URL redirection along with key tips to find vulnerabilities in them. Keeping in mind how attackers can deface your website, you will work with malicious files and automate your approach to defend against these attacks. Moving on to Sender Policy Framework (SPF), you will see tips to find vulnerabilities in it and exploit them. Following this,you will get to know how unintended XML injection and command injection work to keep attackers at bay. Finally, you will examine different attack vectors used to exploit HTML and SQL injection. Overall, Bug Bounty Hunting for Web Security will help you become a better penetration tester and at the same time it will teach you how to earn bounty by hunting bugs in web applications.

What You Will Learn

Implement an offensive approach to bug hunting
Create and manage request forgery on web pages Poison Sender Policy Framework and exploit it
Defend against cross-site scripting (XSS) attacks Inject headers and test URL redirection
Work with malicious files and command injectionResist strongly unintended XML attacks
Who This Book Is For
White-hat hacking enthusiasts who are new to bug hunting and are interested in understanding the core concepts.
Über den Autor

Sanjib Sinha is an author and tech writer. Being a certified .NET Windows and web developer, he has specialized in Python security programming, Linux, and many programming languages that include C#, PHP, Python, Dart, Java, and JavaScript. Sanjib has also won Microsoft's Community Contributor Award in 2011 and he has written Beginning Ethical Hacking with Python, Beginning Ethical Hacking with Kali Linux, and two editions of Beginning Laravel for Apress.

Zusammenfassung
Includes Sender Policy Framework testing and exploitation
Covers Header Injection and URL Redirection in detail
Shows how to inject Unintended XML
Inhaltsverzeichnis
Chapter 1: Introduction to Hunting Bugs.- Chapter 2: Setting up Your Environment.- Chapter 3: How to inject Request Forgery.- Chapter 4: How to exploit through Cross Site Scripting (XSS).- Chapter 5: Header Injection and URL Redirection.- Chapter 6: Malicious Files.- Chapter 7: Poisoning Sender Policy Framework (SPF).- Chapter 8: Injecting Unintended XML.- Chapter 9: Finding Command Injection Vulnerabilities.- Chapter 10: Finding HTML and SQL Injection Vulnerabilities.- Appendix: Further Reading.
Details
Erscheinungsjahr: 2019
Genre: Importe, Informatik
Rubrik: Naturwissenschaften & Technik
Medium: Taschenbuch
Inhalt: xvi
225 S.
140 s/w Illustr.
225 p. 140 illus.
ISBN-13: 9781484253908
ISBN-10: 1484253906
Sprache: Englisch
Ausstattung / Beilage: Paperback
Einband: Kartoniert / Broschiert
Autor: Sinha, Sanjib
Auflage: 1st ed.
Hersteller: APRESS
Verantwortliche Person für die EU: Books on Demand GmbH, In de Tarpen 42, D-22848 Norderstedt, info@bod.de
Maße: 235 x 155 x 14 mm
Von/Mit: Sanjib Sinha
Erscheinungsdatum: 13.11.2019
Gewicht: 0,376 kg
Artikel-ID: 117275338
Über den Autor

Sanjib Sinha is an author and tech writer. Being a certified .NET Windows and web developer, he has specialized in Python security programming, Linux, and many programming languages that include C#, PHP, Python, Dart, Java, and JavaScript. Sanjib has also won Microsoft's Community Contributor Award in 2011 and he has written Beginning Ethical Hacking with Python, Beginning Ethical Hacking with Kali Linux, and two editions of Beginning Laravel for Apress.

Zusammenfassung
Includes Sender Policy Framework testing and exploitation
Covers Header Injection and URL Redirection in detail
Shows how to inject Unintended XML
Inhaltsverzeichnis
Chapter 1: Introduction to Hunting Bugs.- Chapter 2: Setting up Your Environment.- Chapter 3: How to inject Request Forgery.- Chapter 4: How to exploit through Cross Site Scripting (XSS).- Chapter 5: Header Injection and URL Redirection.- Chapter 6: Malicious Files.- Chapter 7: Poisoning Sender Policy Framework (SPF).- Chapter 8: Injecting Unintended XML.- Chapter 9: Finding Command Injection Vulnerabilities.- Chapter 10: Finding HTML and SQL Injection Vulnerabilities.- Appendix: Further Reading.
Details
Erscheinungsjahr: 2019
Genre: Importe, Informatik
Rubrik: Naturwissenschaften & Technik
Medium: Taschenbuch
Inhalt: xvi
225 S.
140 s/w Illustr.
225 p. 140 illus.
ISBN-13: 9781484253908
ISBN-10: 1484253906
Sprache: Englisch
Ausstattung / Beilage: Paperback
Einband: Kartoniert / Broschiert
Autor: Sinha, Sanjib
Auflage: 1st ed.
Hersteller: APRESS
Verantwortliche Person für die EU: Books on Demand GmbH, In de Tarpen 42, D-22848 Norderstedt, info@bod.de
Maße: 235 x 155 x 14 mm
Von/Mit: Sanjib Sinha
Erscheinungsdatum: 13.11.2019
Gewicht: 0,376 kg
Artikel-ID: 117275338
Sicherheitshinweis