Last updated: 2021-07-16 17:54:01
Cover
Title Page
Copyright and Credits
Hands-On Bug Hunting for Penetration Testers
Dedication
Packt Upsell
Why subscribe?
Packt.com
Contributors
About the author
About the reviewers
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Conventions used
Get in touch
Reviews
Joining the Hunt
Technical Requirements
The Benefits of Bug Bounty Programs
What You Should Already Know – Pentesting Background
Setting Up Your Environment – Tools To Know
What You Will Learn – Next Steps
How (Not) To Use This Book – A Warning
Summary
Questions
Further Reading
Choosing Your Hunting Ground
An Overview of Bug Bounty Communities – Where to Start Your Search
Third-Party Marketplaces
Bugcrowd
HackerOne
Vulnerability Lab
BountyFactory
Synack
Company-Sponsored Initiatives
Google
Facebook
Amazon
GitHub
Microsoft
Finding Other Programs
Money Versus Swag Rewards
The Internet Bug Bounty Program
ZeroDisclo and Coordinated Vulnerability Disclosures
The Vulnerability of Web Applications – What You Should Target
Evaluating Rules of Engagement – How to Protect Yourself
Preparing for an Engagement
Tools
Using Burp
Attack Surface Reconnaissance – Strategies and the Value of Standardization
Sitemaps
Scanning and Target Reconnaissance
Brute-forcing Web Content
Spidering and Other Data-Collection Techniques
Burp Spider
Striker
Scrapy and Custom Pipelines
Manual Walkthroughs
Source Code
Building a Process
Formatting the JS Report
Downloading the JavaScript
Putting It All Together
The Value Behind the Structure
Unsanitized Data – An XSS Case Study
A Quick Overview of XSS – The Many Varieties of XSS
Testing for XSS – Where to Find It, How to Verify It
Burp Suite and XSS Validator
Payload Sets
Payload Options
Payload Processing
XSS – An End-To-End Example
XSS in Google Gruyere
Gathering Report Information
Category
Timestamps
URL
Payload
Methodology
Instructions to Reproduce
Attack Scenario
SQL Code Injection and Scanners
SQLi and Other Code Injection Attacks – Accepting Unvalidated Data