{"product_id":"bug-bounty-hunting-for-web-security-find-and-exploit-vulnerabilities-in-web-sites-and-applications-paperback","title":"Bug Bounty Hunting for Web Security: Find and Exploit Vulnerabilities in Web Sites and Applications - Paperback","description":"\u003cp\u003eby \u003cb\u003eSanjib Sinha\u003c\/b\u003e (Author)\u003c\/p\u003e\u003cp\u003eIncludes Sender Policy Framework testing and exploitationCovers Header Injection and URL Redirection in detailShows how to inject Unintended XML\u003c\/p\u003e\u003ch3\u003eBack Jacket\u003c\/h3\u003e\u003cp\u003e\u003c\/p\u003e\u003cp\u003eStart with the basics of bug hunting and learn more about implementing an offensive approach by finding vulnerabilities in web applications. Getting an introduction to Kali Linux, you will take a close look at the types of tools available to you and move on to set up your virtual lab. You will then discover how request forgery injection works on web pages and applications in a mission-critical setup. Moving on to the most challenging task for any web application, you will take a look at how cross-site scripting works and find out about effective ways to exploit it. \u003c\/p\u003e\u003cp\u003e \u003c\/p\u003e\u003cp\u003eYou will then learn about header injection and URL redirection along with key tips to find vulnerabilities in them. Keeping in mind how attackers can deface your website, you will work with malicious files and automate your approach to defend against these attacks. Moving on to Sender Policy Framework (SPF), you will see tips to find vulnerabilities in it and exploit them. Following this, you will get to know how unintended XML injection and command injection work to keep attackers at bay. Finally, you will examine different attack vectors used to exploit HTML and SQL injection. Overall, \u003ci\u003eBug Bounty Hunting for Web Security\u003c\/i\u003e will help you become a better penetration tester and at the same time it will teach you how to earn bounty by hunting bugs in web applications.\u003c\/p\u003e\u003cp\u003e \u003c\/p\u003e\u003cp\u003eYou will: \u003c\/p\u003e\u003cul\u003e\n\u003cli\u003eImplement an offensive approach to bug hunting\u003c\/li\u003e\n\u003cli\u003eCreate and manage request forgery on web pages\u003c\/li\u003e\n\u003cli\u003ePoison Sender Policy Framework and exploit it\u003c\/li\u003e\n\u003cli\u003eDefend against cross-site scripting (XSS) attacks \u003c\/li\u003e\n\u003cli\u003eInject headers and test URL redirection\u003c\/li\u003e\n\u003cli\u003eWork with malicious files and command injection\u003c\/li\u003e\n\u003cli\u003eResist strongly unintended XML attacks \u003c\/li\u003e\n\u003c\/ul\u003e\u003ch3\u003eAuthor Biography\u003c\/h3\u003e\u003cp\u003e\u003c\/p\u003e\u003cp\u003eSanjib Sinha is an author and tech writer. Being a certified .NET Windows and web developer, he has specialized in Python security programming, Linux, and many programming languages that include C#, PHP, Python, Dart, Java, and JavaScript. Sanjib has also won Microsoft's Community Contributor Award in 2011 and he has written \u003ci\u003eBeginning Ethical Hacking with Python\u003c\/i\u003e, \u003ci\u003eBeginning Ethical Hacking with Kali Linux\u003c\/i\u003e, and two editions of \u003ci\u003eBeginning Laravel\u003c\/i\u003e for Apress.\u003c\/p\u003e\u003cdiv\u003e\n\u003cstrong\u003eNumber of Pages:\u003c\/strong\u003e 225\u003c\/div\u003e\u003cdiv\u003e\n\u003cstrong\u003eDimensions:\u003c\/strong\u003e 0.51 x 9.21 x 6.14 IN\u003c\/div\u003e\u003cdiv\u003e\n\u003cstrong\u003eIllustrated:\u003c\/strong\u003e Yes\u003c\/div\u003e\u003cdiv\u003e\n\u003cstrong\u003ePublication Date:\u003c\/strong\u003e November 13, 2019\u003c\/div\u003e","brand":"Books by splitShops","offers":[{"title":"Default Title","offer_id":42105089196167,"sku":"9781484253908","price":59.38,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0601\/2623\/2711\/files\/db3ccc85e02bec0b9de06868f5857fe1.webp?v=1732431069","url":"https:\/\/booksby.splitshops.com\/products\/bug-bounty-hunting-for-web-security-find-and-exploit-vulnerabilities-in-web-sites-and-applications-paperback","provider":"Books by splitShops","version":"1.0","type":"link"}