Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Bug Bounty Hunting Essentials
  • Table Of Contents Toc
Bug Bounty Hunting Essentials

Bug Bounty Hunting Essentials

By : Shahmeer Amir , Carlos A. Lozano
3.3 (3)
Buy this Book
close
close
Bug Bounty Hunting Essentials

Bug Bounty Hunting Essentials

3.3 (3)
By: Shahmeer Amir , Carlos A. Lozano
Buy this Book

Overview of this book

Bug bounty programs are the deals offered by prominent companies where-in any white-hat hacker can find bugs in the applications and they will have a recognition for the same. The number of prominent organizations having this program has increased gradually leading to a lot of opportunity for Ethical Hackers. This book will initially start with introducing you to the concept of Bug Bounty hunting. Then we will dig deeper into concepts of vulnerabilities and analysis such as HTML injection, CRLF injection and so on. Towards the end of the book, we will get hands-on experience working with different tools used for bug hunting and various blogs and communities to be followed. This book will get you started with bug bounty hunting and its fundamentals.
Table of Contents (15 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
Get in touch
Icon
Disclaimer
Lock Free Chapter
1
Basics of Bug Bounty Hunting
chevron up
Icon
Basics of Bug Bounty Hunting
Icon
Bug bounty hunting platforms
Icon
Types of bug bounty program
Icon
Bug bounty hunter statistics
Icon
Bug bounty hunting methodology
Icon
How to become a bug bounty hunter
Icon
Rules of bug bounty hunting
Icon
Summary
2
How to Write a Bug Bounty Report
Icon
How to Write a Bug Bounty Report
Icon
Prerequisites of writing a bug bounty report
Icon
Salient features of a bug bounty report
Icon
Format of a bug bounty report
Icon
Responding to the queries of the team
Icon
Summary
3
SQL Injection Vulnerabilities
Icon
SQL Injection Vulnerabilities
Icon
SQL injection
Icon
Types of SQL injection vulnerability
Icon
Goals of an SQL injection attack for bug bounty hunters
Icon
Uber SQL injection
Icon
Grab taxi SQL Injection
Icon
Zomato SQL injection
Icon
LocalTapiola SQL injection
Icon
Summary
4
Cross-Site Request Forgery
Icon
Cross-Site Request Forgery
Icon
Protecting the cookies
Icon
Why does the CSRF exist?
Icon
Detecting and exploiting CSRF
Icon
XSS – CSRF's best friend
Icon
Cross-domain policies
Icon
CSRF in the wild
Icon
Summary
5
Application Logic Vulnerabilities
Icon
Application Logic Vulnerabilities
Icon
Origins
Icon
Following the flow
Icon
Application logic vulnerabilities in the wild
Icon
Summary
6
Cross-Site Scripting Attacks
Icon
Cross-Site Scripting Attacks
Icon
Types of cross-site scripting
Icon
How do we detect XSS bugs?
Icon
Workflow of an XSS attack
Icon
Real bug bounty examples
Icon
Summary
7
SQL Injection
Icon
SQL Injection
Icon
Origin
Icon
Example
Icon
Automation
Icon
SQL injection in Drupal
Icon
Summary
8
Open Redirect Vulnerabilities
Icon
Open Redirect Vulnerabilities
Icon
Redirecting to another URL
Icon
Constructing URLs
Icon
Executing code
Icon
URL shorteners
Icon
Why do open redirects work?
Icon
Detecting and exploiting open redirections
Icon
Exploitation
Icon
Impact
Icon
Black and white lists
Icon
Open redirects in the wild
Icon
Summary
9
Sub-Domain Takeovers
Icon
Sub-Domain Takeovers
Icon
The sub-domain takeover
Icon
Internet-wide scans
Icon
Exploitation
Icon
Mitigation
Icon
Sub-domain takeovers in the wild
Icon
Summary
10
XML External Entity Vulnerability
Icon
XML External Entity Vulnerability
Icon
How XML works
Icon
How is an XXE produced?
Icon
Detecting and exploiting an XXE
Icon
Templates
Icon
XXEs in the wild
Icon
Summary
11
Template Injection
Icon
Template Injection
Icon
What's the problem?
Icon
Detection
Icon
Exploitation
Icon
Mitigation
Icon
SSTI in the wild
Icon
Summary
12
Top Bug Bounty Hunting Tools
Icon
Top Bug Bounty Hunting Tools
Icon
HTTP proxies, requests, responses, and traffic analyzers
Icon
Automated vulnerability discovery and exploitation
Icon
Recognize
Icon
Extensions
Icon
Summary
13
Top Learning Resources
Icon
Top Learning Resources
Icon
Training
Icon
Books and resources
Icon
CTFs and wargames
Icon
YouTube channels
Icon
Social networks and blogs
Icon
Meetings and networking
Icon
Conferences
Icon
Podcasts
Icon
Summary
14
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Leave a review - let other readers know what you think

Bug bounty hunting platforms

A few years ago, if someone found a vulnerability in a website, it was not easy to find the right method to contact the web application owners and then too after contacting them it was not guaranteed that they would respond in time or even at all. Then there was also the factor of the web application owners threatening to sue the reporter. All of these problems were solved by vulnerability co-ordination platforms or bug bounty platforms. A bug bounty platform is a platform that manages programs for different companies. The management includes:

  • Reports
  • Communication
  • Reward payments

There are a number of different bug bounty platforms being used by companies nowadays. The top six platforms are explained in the following sections.

HackerOne

HackerOne is a vulnerability collaboration and bug bounty hunting platform that connects companies with hackers. It was one of the first start-ups to commercialize and utilize crowd-sourced security and hackers as a part of its business model, and is the biggest cybersecurity firm of its kind.

Bugcrowd

Bugcrowd Inc. is a company that develops a coordination platform that connects businesses with researchers so as to test their applications. It offers testing solutions for web, mobile, source code, and client-side applications.

Cobalt

Cobalt's Penetration Testing as a Service (PTaaS) platform converts broken pentest models into a data-driven vulnerability co-ordination engine. Cobalt's crowdsourced SaaS platform delivers results that help agile teams to pinpoint, track, and remediate vulnerabilities.

Synack

Synack is an American technology company based in Redwood City, California. Synack's business includes a vulnerability intelligence platform that automates the discovery of exploitable vulnerabilities for reconnaissance and turns them over to the company's freelance hackers to create vulnerability reports for clients.

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Bug Bounty Hunting Essentials
End of Section 1
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon