BookShared
  • MEMBER AREA    
  • Real-World Bug Hunting: A Field Guide to Web Hacking

    (By Peter Yaworski)

    Book Cover Watermark PDF Icon Read Ebook
    ×
    Size 21 MB (21,080 KB)
    Format PDF
    Downloaded 584 times
    Last checked 8 Hour ago!
    Author Peter Yaworski
    “Book Descriptions: Uses real-world bug reports (vulnerabilities in software or in this case web applications) to teach programmers and InfoSec professionals how to discover and protect vulnerabilities in web applications.

    Real-World Web Hacking is a field guide to finding software bugs. Ethical hacker Peter Yaworski breaks down common types of bugs, then contextualizes them with real bug bounty reports released by hackers on companies like Twitter, Facebook, Google, Uber, and Starbucks. As you read each report, you'll gain deeper insight into how the vulnerabilities work and how you might find similar ones.

    Each chapter begins with an explanation of a vulnerability type, then moves into a series of real bug bounty reports that show how the bugs were found. You'll learn things like how Cross-Site Request Forgery tricks users into unknowingly submitting information to websites they are logged into; how to pass along unsafe JavaScript to execute Cross-Site Scripting; how to access another user's data via Insecure Direct Object References; how to trick websites into disclosing information with Server Side Request Forgeries; and how bugs in application logic can lead to pretty serious vulnerabilities. Yaworski also shares advice on how to write effective vulnerability reports and develop relationships with bug bounty programs, as well as recommends hacking tools that can make the job a little easier.”

    Google Drive Logo DRIVE
    Book 1

    Bug Bounty Bootcamp

    ★★★★★

    Vickie Li

    Book 1

    Hacking APIs: Breaking Web Application Programming Interfaces

    ★★★★★

    Corey J Ball

    Book 1

    Clean Architecture

    ★★★★★

    Robert C. Martin

    Book 1

    Black Hat Python: Python Programming for Hackers and Pentesters

    ★★★★★

    Justin Seitz

    Book 1

    Practical Social Engineering: A Primer for the Ethical Hacker

    ★★★★★

    Joe Gray

    Book 1

    Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things

    ★★★★★

    Fotios Chantzis

    Book 1

    Bug Bounty Playbook

    ★★★★★

    Alex O. Thomasex

    Book 1

    The Selfish Gene

    ★★★★★

    Richard Dawkins

    Book 1

    Permanent Record

    ★★★★★

    Edward Snowden

    Book 1

    The 48 Laws of Power

    ★★★★★

    Robert Greene

    Book 1

    The Art of War

    ★★★★★

    Thomas Cleary

    Book 1

    Designing Data-Intensive Applications

    ★★★★★

    Martin Kleppmann