國立高雄大學圖資館 |

語系: 繁體中文

說明(常見問題)

圖資館首頁

登入

回首頁

切換: 標籤 | MARC模式 | ISBD

Bug bounty hunting for web securityf...

Sinha, Sanjib.

Bug bounty hunting for web securityfind and exploit vulnerabilities in web sites and applications /

紀錄類型:	書目-電子資源 : Monograph/item
正題名/作者:	Bug bounty hunting for web securityby Sanjib Sinha.
其他題名:	find and exploit vulnerabilities in web sites and applications /
作者:	Sinha, Sanjib.
出版者:	Berkeley, CA :Apress :2019.
面頁冊數:	xvi, 225 p. :ill., digital ;24 cm.
Contained By:	Springer eBooks
標題:	Web sitesSecurity measures.
電子資源:	https://doi.org/10.1007/978-1-4842-5391-5
ISBN:	9781484253915$q(electronic bk.)

Bug bounty hunting for web securityfind and exploit vulnerabilities in web sites and applications /
Sinha, Sanjib.

Bug bounty hunting for web securityfind and exploit vulnerabilities in web sites and applications /[electronic resource] :by Sanjib Sinha. - Berkeley, CA :Apress :2019. - xvi, 225 p. :ill., digital ;24 cm.

Chapter 1: Introduction to Hunting Bugs -- Chapter 2: Setting up Your Environment -- Chapter 3: How to inject Request Forgery -- Chapter 4: How to exploit through Cross Site Scripting (XSS) -- Chapter 5: Header Injection and URL Redirection -- Chapter 6: Malicious Files -- Chapter 7: Poisoning Sender Policy Framework (SPF) -- Chapter 8: Injecting Unintended XML -- Chapter 9: Finding Command Injection Vulnerabilities -- Chapter 10: Finding HTML and SQL Injection Vulnerabilities -- Appendix: Further Reading.

Start with the basics of bug hunting and learn more about implementing an offensive approach by finding vulnerabilities in web applications. Getting an introduction to Kali Linux, you will take a close look at the types of tools available to you and move on to set up your virtual lab. You will then discover how request forgery injection works on web pages and applications in a mission-critical setup. Moving on to the most challenging task for any web application, you will take a look at how cross-site scripting works and find out about effective ways to exploit it. You will then learn about header injection and URL redirection along with key tips to find vulnerabilities in them. Keeping in mind how attackers can deface your website, you will work with malicious files and automate your approach to defend against these attacks. Moving on to Sender Policy Framework (SPF),you will see tips to find vulnerabilities in it and exploit them. Following this, you will get to know how unintended XML injection and command injection work to keep attackers at bay. Finally, you will examine different attack vectors used to exploit HTML and SQL injection. Overall, Bug Bounty Hunting for Web Security will help you become a better penetration tester and at the same time it will teach you how to earn bounty by hunting bugs in web applications. You will: Implement an offensive approach to bug hunting Create and manage request forgery on web pages Poison Sender Policy Framework and exploit it Defend against cross-site scripting (XSS) attacks Inject headers and test URL redirection Work with malicious files and command injection Resist strongly unintended XML attacks.

ISBN: 9781484253915$q(electronic bk.)

Standard No.: 10.1007/978-1-4842-5391-5doiSubjects--Topical Terms:

231025
Web sites
--Security measures.

LC Class. No.: TK5105.59 / .S55 2019

Dewey Class. No.: 005.8

Bug bounty hunting for web securityfind and exploit vulnerabilities in web sites and applications /
LDR:03217nmm a2200325 a 4500 001 569742
003 DE-He213
005 20191112160941.0
006 m d
007 cr nn 008maaau
008 200723s2019 cau s 0 eng d
020 $a 9781484253915$q(electronic bk.)
020 $a 9781484253908$q(paper)
024 7 $a 10.1007/978-1-4842-5391-5 $2 doi
035 $a 978-1-4842-5391-5
040 $a GP $c GP
041 0 $a eng
050 4 $a TK5105.59 $b .S55 2019
072 7 $a UR $2 bicssc
072 7 $a COM053000 $2 bisacsh
072 7 $a UR $2 thema
082 0 4 $a 005.8 $2 23
090 $a TK5105.59 $b .S617 2019
100 1 $a Sinha, Sanjib. $3 772582
245 1 0 $a Bug bounty hunting for web security $h [electronic resource] : $b find and exploit vulnerabilities in web sites and applications / $c by Sanjib Sinha.
260 $a Berkeley, CA : $b Apress : $b Imprint: Apress, $c 2019.
300 $a xvi, 225 p. : $b ill., digital ; $c 24 cm.
505 0 $a Chapter 1: Introduction to Hunting Bugs -- Chapter 2: Setting up Your Environment -- Chapter 3: How to inject Request Forgery -- Chapter 4: How to exploit through Cross Site Scripting (XSS) -- Chapter 5: Header Injection and URL Redirection -- Chapter 6: Malicious Files -- Chapter 7: Poisoning Sender Policy Framework (SPF) -- Chapter 8: Injecting Unintended XML -- Chapter 9: Finding Command Injection Vulnerabilities -- Chapter 10: Finding HTML and SQL Injection Vulnerabilities -- Appendix: Further Reading.
520 $a Start with the basics of bug hunting and learn more about implementing an offensive approach by finding vulnerabilities in web applications. Getting an introduction to Kali Linux, you will take a close look at the types of tools available to you and move on to set up your virtual lab. You will then discover how request forgery injection works on web pages and applications in a mission-critical setup. Moving on to the most challenging task for any web application, you will take a look at how cross-site scripting works and find out about effective ways to exploit it. You will then learn about header injection and URL redirection along with key tips to find vulnerabilities in them. Keeping in mind how attackers can deface your website, you will work with malicious files and automate your approach to defend against these attacks. Moving on to Sender Policy Framework (SPF),you will see tips to find vulnerabilities in it and exploit them. Following this, you will get to know how unintended XML injection and command injection work to keep attackers at bay. Finally, you will examine different attack vectors used to exploit HTML and SQL injection. Overall, Bug Bounty Hunting for Web Security will help you become a better penetration tester and at the same time it will teach you how to earn bounty by hunting bugs in web applications. You will: Implement an offensive approach to bug hunting Create and manage request forgery on web pages Poison Sender Policy Framework and exploit it Defend against cross-site scripting (XSS) attacks Inject headers and test URL redirection Work with malicious files and command injection Resist strongly unintended XML attacks.
650 0 $a Web sites $x Security measures. $3 231025
650 0 $a Web applications $x Security measures. $3 667914
650 0 $a Computer networks $x Security measures. $3 185597
650 1 4 $a Security. $3 760527
650 2 4 $a Open Source. $3 758930
650 2 4 $a Enterprise Architecture. $3 724747
710 2 $a SpringerLink (Online service) $3 273601
773 0 $t Springer eBooks
856 4 0 $u https://doi.org/10.1007/978-1-4842-5391-5
950 $a Professional and Applied Computing (Springer-12059)