Peter Yaworski is a self-taught hacker thanks to the generous knowledge sharing of so many hackers who came before him, including those referenced in this book. He is also a successful bug bounty hunter with thanks from Salesforce, Twitter, Airbnb, Verizon Media, and the United States Department of Defense, among others. He currently works at Shopify as an Application Security Engineer, helping to make commerce more secure.
“Filled with rich, real-world examples of security vulnerability reports, along with helpful analysis” — Michiel Prins and Jobert Abma, co-founders of HackerOne.
Learn how people break websites and how you can, too. Real-World Bug Hunting is the premier field guide to finding software bugs. Whether you’re a cyber-security beginner who wants to make the internet safer or a seasoned developer who wants to write secure code, ethical hacker Peter Yaworski will show you how it’s done.
You’ll learn about the most common types of bugs, like cross-site scripting, insecure direct object references, and server-side request forgery. Using real-life case studies of rewarded vulnerabilities from applications like Twitter, Facebook, Google, and Uber, you’ll see how hackers manage to invoke race conditions while transferring money, use URL parameters to cause users to like unintended tweets, and more.
Each chapter introduces a vulnerability type accompanied by a series of actual reported bug bounties. The book’s collection of tales from the field will teach you how attackers trick users into giving away their sensitive information and how sites may reveal their vulnerabilities to savvy users. You’ll even learn how you could turn your challenging new hobby into a successful career.
You’ll learn:
- How the internet works and basic web hacking concepts
- How attackers compromise websites
- How to identify functionality commonly associated with vulnerabilities
- Where to start when hunting bugs
- How to find bug bounty programs and submit effective vulnerability reports
Real-World Bug Hunting is a fascinating soup-to-nuts primer on web security vulnerabilities, filled with stories from the trenches and practical wisdom. With your new understanding of site security and vulnerabilities, you can help make the web a safer place—and profit while you’re at it.