Bug Bounty Hunting for Web Security

Includes Sender Policy Framework testing and exploitationCovers Header Injection and URL Redirection in detailShows how to inject Unintended XML

Shows how to earn Bounty by hunting bugs in web application Explains how learning to find vulnerabilities in websites will help you become a better penetration tester Covers the two most powerful security tools of penetration testing: Burp Suite and OWASP ZAP

Autorentext

Sanjib Sinha is an author and tech writer. Being a certified .NET Windows and web developer, he has specialized in Python security programming, Linux, and many programming languages that include C#, PHP, Python, Dart, Java, and JavaScript. Sanjib has also won Microsoft's Community Contributor Award in 2011 and he has written Beginning Ethical Hacking with Python, Beginning Ethical Hacking with Kali Linux, and two editions of Beginning Laravel for Apress.

Inhalt
Chapter 1: Introduction to Hunting Bugs.- Chapter 2: Setting up Your Environment.- Chapter 3: How to inject Request Forgery.- Chapter 4: How to exploit through Cross Site Scripting (XSS).- Chapter 5: Header Injection and URL Redirection.- Chapter 6: Malicious Files.- Chapter 7: Poisoning Sender Policy Framework (SPF).- Chapter 8: Injecting Unintended XML.- Chapter 9: Finding Command Injection Vulnerabilities.- Chapter 10: Finding HTML and SQL Injection Vulnerabilities.- Appendix: Further Reading.