Bug Bounty Hunting Essentials

By: Carlos A. Lozano, Shahmeer Amir

Overview of this book

Bug bounty programs are deals offered by prominent companies in which any white-hat hacker can find bugs in the applications and receive recognition for doing so. The number of prominent organizations running such programs has increased gradually, creating a lot of opportunity for ethical hackers. This book starts by introducing you to the concept of bug bounty hunting. Then we dig deeper into vulnerability concepts and analysis, such as HTML injection, CRLF injection, and so on. Towards the end of the book, we get hands-on experience working with different tools used for bug hunting, and look at various blogs and communities to follow. This book will get you started with bug bounty hunting and its fundamentals.

Conferences


It is difficult to list all the conferences around the world because there are a lot, but I will try to list the most relevant, bearing in mind where security vulnerabilities are disclosed first and the impact on the community.

DEFCON

Without a doubt, DEFCON (https://www.defcon.org/) is the most important hacker conference in the world. It has been going for more than 25 years in Las Vegas, USA. Here, you can find talks or workshops, but it is also a great place for the community to show off its latest research. It is very important for agencies such as the NSA or CIA to attend and sponsor the event.

BlackHat

BlackHat (https://www.blackhat.com/) is more corporate than DEFCON, and usually, it is organized one or two days before DEFCON, in Las Vegas. It has editions in England, Japan, and Dubai, where security professionals from the main vendors and security companies offer keynotes and workshops. Most of the face-to-face training we discussed before is offered here.

BugCON

BugCON (http...