Become a Readings Member to make your shopping experience even easier. Sign in or sign up for free!

Become a Readings Member. Sign in or sign up for free!

Hello Readings Member! Go to the member centre to view your orders, change your details, or view your lists, or sign out.

Hello Readings Member! Go to the member centre or sign out.

Cart ⚙️
Home / Real-world Bug Hunting: A Field Guide to Web Hacking
Real-world Bug Hunting: A Field Guide to Web Hacking
Paperback

Real-world Bug Hunting: A Field Guide to Web Hacking

Peter Yaworski
$108.99
Add to wishlist
Sign in or become a Readings Member to add this title to your wishlist.

Uses real-world bug reports (vulnerabilities in software or in this case web applications) to teach programmers and InfoSec professionals how to discover and protect vulnerabilities in web applications.

Real-World Web Hacking is a field guide to finding software bugs. Ethical hacker Peter Yaworski breaks down common types of bugs, then contextualizes them with real bug bounty reports released by hackers on companies like Twitter, Facebook, Google, Uber, and Starbucks. As you read each report, you’ll gain deeper insight into how the vulnerabilities work and how you might find similar ones.

Each chapter begins with an explanation of a vulnerability type, then moves into a series of real bug bounty reports that show how the bugs were found. You’ll learn things like how Cross-Site Request Forgery tricks users into unknowingly submitting information to websites they are logged into; how to pass along unsafe JavaScript to execute Cross-Site Scripting; how to access another user’s data via Insecure Direct Object References; how to trick websites into disclosing information with Server Side Request Forgeries; and how bugs in application logic can lead to pretty serious vulnerabilities. Yaworski also shares advice on how to write effective vulnerability reports and develop relationships with bug bounty programs, as well as recommends hacking tools that can make the job a little easier.

Read More
In Shop
Out of stock
Shipping & Delivery

$9.00 standard shipping within Australia
FREE standard shipping within Australia for orders over $100.00
Express & International shipping calculated at checkout

MORE INFO
Format
Paperback
Publisher
No Starch Press,US
Country
United States
Date
9 July 2019
Pages
300
ISBN
9781593278618

Uses real-world bug reports (vulnerabilities in software or in this case web applications) to teach programmers and InfoSec professionals how to discover and protect vulnerabilities in web applications.

Real-World Web Hacking is a field guide to finding software bugs. Ethical hacker Peter Yaworski breaks down common types of bugs, then contextualizes them with real bug bounty reports released by hackers on companies like Twitter, Facebook, Google, Uber, and Starbucks. As you read each report, you’ll gain deeper insight into how the vulnerabilities work and how you might find similar ones.

Each chapter begins with an explanation of a vulnerability type, then moves into a series of real bug bounty reports that show how the bugs were found. You’ll learn things like how Cross-Site Request Forgery tricks users into unknowingly submitting information to websites they are logged into; how to pass along unsafe JavaScript to execute Cross-Site Scripting; how to access another user’s data via Insecure Direct Object References; how to trick websites into disclosing information with Server Side Request Forgeries; and how bugs in application logic can lead to pretty serious vulnerabilities. Yaworski also shares advice on how to write effective vulnerability reports and develop relationships with bug bounty programs, as well as recommends hacking tools that can make the job a little easier.

Read More
Format
Paperback
Publisher
No Starch Press,US
Country
United States
Date
9 July 2019
Pages
300
ISBN
9781593278618

Looking for something in particular?

Search our extensive online catalogue.