عنوان
پدید آورنده
موضوع
رده
TK5105.59
TK5105
.
59
کتابخانه
محل استقرار
INTERNATIONAL STANDARD BOOK NUMBER
(Number (ISBN
1484253906
(Number (ISBN
1484253914
(Number (ISBN
9781484253908
(Number (ISBN
9781484253915
Erroneous ISBN
9781484253908
TITLE AND STATEMENT OF RESPONSIBILITY
Title Proper
Bug bounty hunting for web security :
General Material Designation
[Book]
Other Title Information
find and exploit vulnerabilities in web sites and applications /
First Statement of Responsibility
Sanjib Sinha.
.PUBLICATION, DISTRIBUTION, ETC
Place of Publication, Distribution, etc.
Berkeley, CA :
Name of Publisher, Distributor, etc.
Apress,
Date of Publication, Distribution, etc.
2019.
PHYSICAL DESCRIPTION
Specific Material Designation and Extent of Item
1 online resource (xvi, 225 pages . 140 illustrations)
GENERAL NOTES
Text of Note
Includes index.
CONTENTS NOTE
Text of Note
Chapter 1: Introduction to Hunting Bugs -- Chapter 2: Setting up Your Environment -- Chapter 3: How to inject Request Forgery -- Chapter 4: How to exploit through Cross Site Scripting (XSS) -- Chapter 5: Header Injection and URL Redirection -- Chapter 6: Malicious Files -- Chapter 7: Poisoning Sender Policy Framework (SPF) -- Chapter 8: Injecting Unintended XML -- Chapter 9: Finding Command Injection Vulnerabilities -- Chapter 10: Finding HTML and SQL Injection Vulnerabilities -- Appendix: Further Reading.
0
SUMMARY OR ABSTRACT
Text of Note
Start with the basics of bug hunting and learn more about implementing an offensive approach by finding vulnerabilities in web applications. Getting an introduction to Kali Linux, you will take a close look at the types of tools available to you and move on to set up your virtual lab. You will then discover how request forgery injection works on web pages and applications in a mission-critical setup. Moving on to the most challenging task for any web application, you will take a look at how cross-site scripting works and find out about effective ways to exploit it. You will then learn about header injection and URL redirection along with key tips to find vulnerabilities in them. Keeping in mind how attackers can deface your website, you will work with malicious files and automate your approach to defend against these attacks. Moving on to Sender Policy Framework (SPF), you will see tips to find vulnerabilities in it and exploit them. Following this, you will get to know how unintended XML injection and command injection work to keep attackers at bay. Finally, you will examine different attack vectors used to exploit HTML and SQL injection. Overall, Bug Bounty Hunting for Web Security will help you become a better penetration tester and at the same time it will teach you how to earn bounty by hunting bugs in web applications. You will: Implement an offensive approach to bug hunting Create and manage request forgery on web pages Poison Sender Policy Framework and exploit it Defend against cross-site scripting (XSS) attacks Inject headers and test URL redirection Work with malicious files and command injection Resist strongly unintended XML attacks.
ACQUISITION INFORMATION NOTE
Source for Acquisition/Subscription Address
OverDrive, Inc.
Stock Number
92ACB48B-66A6-4C0A-BDE0-FE3BFC6B325D
OTHER EDITION IN ANOTHER MEDIUM
Title
Bug Bounty Hunting for Web Security : Find and Exploit Vulnerabilities in Web Sites and Applications.
International Standard Book Number
9781484253908
TOPICAL NAME USED AS SUBJECT
Computer networks-- Security measures.
Web applications-- Security measures.
Web sites-- Security measures.
Computer networks-- Security measures.
Web sites-- Security measures.
(SUBJECT CATEGORY (Provisional
COM053000
UR
UR
DEWEY DECIMAL CLASSIFICATION
Number
005
.
8
Edition
23
LIBRARY OF CONGRESS CLASSIFICATION
Class number
TK5105
.
59
PERSONAL NAME - PRIMARY RESPONSIBILITY
Sinha, Sanjib.
ORIGINATING SOURCE
Date of Transaction
20200823032853.0
Cataloguing Rules (Descriptive Conventions))
pn
ELECTRONIC LOCATION AND ACCESS
Electronic name
مطالعه متن کتاب [Book]
Y
