Book Image

Bug Bounty Hunting Essentials

By : Carlos A. Lozano, Shahmeer Amir
Book Image

Bug Bounty Hunting Essentials

By: Carlos A. Lozano, Shahmeer Amir

Overview of this book

Bug bounty programs are the deals offered by prominent companies where-in any white-hat hacker can find bugs in the applications and they will have a recognition for the same. The number of prominent organizations having this program has increased gradually leading to a lot of opportunity for Ethical Hackers. This book will initially start with introducing you to the concept of Bug Bounty hunting. Then we will dig deeper into concepts of vulnerabilities and analysis such as HTML injection, CRLF injection and so on. Towards the end of the book, we will get hands-on experience working with different tools used for bug hunting and various blogs and communities to be followed. This book will get you started with bug bounty hunting and its fundamentals.

Related Content you might be interested in

Current Title:

Small book image
Bug Bounty Hunting Essentials
Carlos A. Lozano | Shahmeer Amir
Nov, 2018 | 270 pages
Small book image
Hands-On Application Penetration Testing with Burp Suite
Carlos A Lozano | Riyaz Ahemed Walikar | Dhruv Shah
Feb, 2019 | 366 pages
Small book image
Hands-On Bug Hunting for Penetration Testers
Joe Marshall
Sep, 2018 | 250 pages
Small book image
Kali Linux Web Penetration Testing Cookbook
Gilberto NajeraGutierrez
Aug, 2018 | 404 pages
Table of Contents (20 chapters)
Title Page
Title Page
Copyright and Credits
Copyright and Credits
About Packt
About Packt
Contributors
Contributors
Preface
Preface
Free Chapter
1
Basics of Bug Bounty Hunting
Basics of Bug Bounty Hunting
Bug bounty hunting platforms
Types of bug bounty program
Bug bounty hunter statistics
Bug bounty hunting methodology
How to become a bug bounty hunter
Rules of bug bounty hunting
Summary
2
How to Write a Bug Bounty Report
How to Write a Bug Bounty Report
Prerequisites of writing a bug bounty report
Salient features of a bug bounty report
Format of a bug bounty report
Responding to the queries of the team
Summary
3
SQL Injection Vulnerabilities
SQL Injection Vulnerabilities
SQL injection
Types of SQL injection vulnerability
Goals of an SQL injection attack for bug bounty hunters
Uber SQL injection
Grab taxi SQL Injection
Zomato SQL injection
LocalTapiola SQL injection
Summary
4
Cross-Site Request Forgery
Cross-Site Request Forgery
Protecting the cookies
Why does the CSRF exist?
Detecting and exploiting CSRF
XSS – CSRF's best friend
Cross-domain policies
CSRF in the wild
Summary
5
Application Logic Vulnerabilities
Application Logic Vulnerabilities
Origins
Following the flow
Application logic vulnerabilities in the wild
Summary
6
Cross-Site Scripting Attacks
Cross-Site Scripting Attacks
Types of cross-site scripting
How do we detect XSS bugs?
Workflow of an XSS attack
Real bug bounty examples
Summary
7
SQL Injection
SQL Injection
Origin
Example
Automation
SQL injection in Drupal
Summary
8
Open Redirect Vulnerabilities
Open Redirect Vulnerabilities
Redirecting to another URL
Constructing URLs
Executing code
URL shorteners
Why do open redirects work?
Detecting and exploiting open redirections
Exploitation
Impact
Black and white lists
Open redirects in the wild
Summary
9
Sub-Domain Takeovers
Sub-Domain Takeovers
The sub-domain takeover
Internet-wide scans
Exploitation
Mitigation
Sub-domain takeovers in the wild
Summary
10
XML External Entity Vulnerability
XML External Entity Vulnerability
How XML works
How is an XXE produced?
Detecting and exploiting an XXE
Templates
XXEs in the wild
Summary
11
Template Injection
Template Injection
What's the problem?
Detection
Exploitation
Mitigation
SSTI in the wild
Summary
12
Top Bug Bounty Hunting Tools
Top Bug Bounty Hunting Tools
HTTP proxies, requests, responses, and traffic analyzers
Automated vulnerability discovery and exploitation
Recognize
Extensions
Summary
13
Top Learning Resources
Top Learning Resources
Training
Books and resources
CTFs and wargames
YouTube channels
Social networks and blogs
Meetings and networking
Conferences
Podcasts
Summary
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think
Index
Index

Chapter 11. Template Injection

Templates engines allow developers to use static template files in applications that are independent of the backend layer. At runtime, the template engine replaces whatever needs to be replaced and generates an HTML file to present it to the client. This model is useful for designing HTML sites.

For example, you just define a template like this:

app.set('view engine', 'pug') 
 
html 
  head 
    title= title 
  body 
    h1= message

You will get the following:

app.get('/', function (req, res) { 
  res.render('index', { title: 'Hey', message: 'Hello there!' }) 
})

When a user accesses the application asking for the website, the template engine will translate this file, parsing the information provided by the user, and will create the HTML code to display to the user.

In this chapter, we'll cover the following topics:

  • Detection
  • Exploitation
  • Mitigation

 

Previous Section
End of Section 1
Next Section