{"product_id":"9781484253908","title":"Bug Bounty Hunting for Web Security: Find and Exploit Vulnerabilities in Web sites and Applications","description":"\u003ch1\u003eBug Bounty Hunting for Web Security: Find and Exploit Vulnerabilities in Web sites and Applications\u003c\/h1\u003e \u003ch2\u003eSinha, Sanjib\u003c\/h2\u003e \u003cp\u003e\u003c\/p\u003e\u003cdiv\u003e\n\u003cp\u003eStart with the basics of bug hunting and learn more about implementing an offensive approach by finding vulnerabilities in web applications. Getting an introduction to Kali Linux, you will take a close look at the types of tools available to you and move on to set up your virtual lab. You will then discover how request forgery injection works on web pages and applications in a mission-critical setup. Moving on to the most challenging task for any web application, you will take a look at how cross-site scripting works and find out about effective ways to exploit it. \u003c\/p\u003e\n\n\u003cp\u003e \u003c\/p\u003e\n\n\u003cp\u003eYou will then learn about header injection and URL redirection along with key tips to find vulnerabilities in them. Keeping in mind how attackers can deface your website, you will work with malicious files and automate your approach to defend against these attacks. Moving on to Sender Policy Framework (SPF), you will see tips to find vulnerabilities in it and exploit them. Following this,you will get to know how unintended XML injection and command injection work to keep attackers at bay. Finally, you will examine different attack vectors used to exploit HTML and SQL injection. Overall, \u003ci\u003eBug Bounty Hunting for Web Security\u003c\/i\u003e will help you become a better penetration tester and at the same time it will teach you how to earn bounty by hunting bugs in web applications.\u003c\/p\u003e\n\n\u003cp\u003e \u003c\/p\u003e\n\n\u003cp\u003e\u003cb\u003eWhat You Will Learn\u003c\/b\u003e\u003c\/p\u003e\n\n\u003cul\u003e  \u003cli\u003eImplement      an offensive approach to bug hunting\u003c\/li\u003e  Create      and manage request forgery on web pages  \u003cli\u003ePoison Sender Policy Framework and exploit it\u003c\/li\u003e  Defend      against cross-site scripting (XSS) attacks   \u003cli\u003eInject headers and test URL redirection\u003c\/li\u003e  Work      with malicious files and command injection\u003cli\u003eResist strongly unintended XML attacks \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003cdiv\u003e\u003cbr\u003e\u003c\/div\u003e\n\u003cdiv\u003e\u003cb\u003eWho This Book Is For\u003c\/b\u003e\u003c\/div\u003e\n\u003cdiv\u003e\u003cbr\u003e\u003c\/div\u003e\n\u003cdiv\u003eWhite-hat hacking enthusiasts who are new to bug hunting and are interested in understanding the core concepts.\u003c\/div\u003e\n\u003c\/div\u003e \u003ch3\u003eDetails\u003c\/h3\u003e \u003cp\u003ePublished by: Apress\u003c\/p\u003e \u003cp\u003ePublication Date: 2019-11-13\u003c\/p\u003e \u003cp\u003eFormat: Paperback\u003c\/p\u003e \u003cp\u003eISBN-13: 9781484253908\u003c\/p\u003e \u003cp\u003eDOI: 10.1007\/978-1-4842-5391-5\u003c\/p\u003e \u003cp\u003eDimensions: 235cm x155cm\u003c\/p\u003e \u003cp\u003ePages: 225\u003c\/p\u003e ","brand":"Apress","offers":[{"title":"Default Title","offer_id":47527950614668,"sku":"9781484253908","price":49.49,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0710\/9545\/1788\/files\/9781484253908.jpg?v=1776040724","url":"https:\/\/fh90cf-fv.myshopify.com\/products\/9781484253908","provider":"Late Knight Books and Services, LLC","version":"1.0","type":"link"}