Picture 1 of 1

Stock photo

Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities: New - Picture 1 of 1

Bug Bounty Bootcamp : The Guide to Finding and Reporting Web Vulnerabilities by Vickie Li (2021, Trade Paperback)

AlibrisBooks (483448)

98.9% positive feedback

Price:

$45.15

Free shipping

Estimated delivery Thu, Oct 23 - Wed, Oct 29

Returns:

30 days returns. Buyer pays for return shipping. If you use an eBay shipping label, it will be deducted from your refund amount.

Condition:

Brand New

New Trade paperback

About this product

Product Identifiers

PublisherNo Starch Press, Incorporated

ISBN-101718501544

ISBN-139781718501546

eBay Product ID (ePID)8050410434

Product Key Features

Number of Pages416 Pages

LanguageEnglish

Publication NameBug Bounty Bootcamp : the Guide to Finding and Reporting Web Vulnerabilities

Publication Year2021

SubjectSoftware Development & Engineering / Quality Assurance & Testing, Engineering (General), Web / Web Programming, Security / Networking

TypeTextbook

AuthorVickie Li

Subject AreaComputers, Technology & Engineering

FormatTrade Paperback

Dimensions

Item Height1 in

Item Weight28.5 Oz

Item Length9.3 in

Item Width7.1 in

Additional Product Features

Intended AudienceTrade

LCCN2021-023153

Dewey Edition23

Reviews"A really good book for getting started in Bug Bounty, out at a time when something like this was really needed. You can take as many ethical hacking courses as you want, but when it comes to bug bounty, there is so much information and tools it can be imitating to start . . . This really should be the first book read by ANYONE looking to start in the bug bounty game." --Alex/Muldwych, The Security Noob " Bug Bounty Bootcamp should be on every hacker''s shelf. Vickie Li answers an important question: ''So you found your first flaw, what''s next?'' By explaining how to write a bug report and interact with clients, she presents a wonderful guide on starting your security career." --Andrew Orr, Associate Editor, The Mac Observer "I have enjoyed Bug Bounty Bootcamp over the past few weeks and this is great for bug bounty beginners like myself. Anyone who is interested in learning more about different web vulnerabilities, bug bounty platforms, how the internet works, and how to make money making the web safer this is the book for you. Thanks to Vickie for writing such a great book!" --The Digital Empress, YouTuber and Blogger " Bug Bounty Bootcamp by Vickie Li is a thorough and masterful explanation for how to find bugs and responsibly report them. It is written so clearly, and provides such useful step-by-step instructions that as I was reading it, I was tempted to start hunting for bugs myself." --Cynthia Brumfield, President, DCT-Associates "I highly suggest reading Bug Bounty Bootcamp ." --@HolyBugx "Pure GEM. Learned a lot of things from her book." --Aakash Choudhary, @LearnerHunter "Loved the book. Well written, clear, concise, and easy to follow. Everyone from the beginner bug hunter to the seasoned pro will find a nugget, some nuggets or just pure nuggets of amazing information, tips and advice." --Douglas Campbell, Advanced Reviewer "The only book you need to get started in bug bounty is @vickieli7''s book coming out from @nostarch, Bug Bounty Bootcamp . It''s a detailed how-to with lots of technical how-to steps." --Metacurity, Top Infosec News Destination, @Metacurity "The new go-to resource for a beginner in web app hacking . . . I recommend this book before anything else for a beginner trying to learn web security. Vickie provides an excellent delivery of breaking down complex concepts that makes it easy to comprehend. Also, the step by step guidance of exploiting a vulnerability is fantastic to refer back to . . . If you are a complete beginner and feel confused or lost in all of the information out there then stop, grab this book, read through it once, then use it as your guide." --AntiRuse, @AntiRuse, Blogger "Definitely recommend it!" --Michael, @DoAbarrel_Troll " Bug Bounty Bootcamp is *the* book for everyone in Information Technology, not just those interested in bug bounties . . . This easy-to-read guide breaks down complicated topics into a simple progression through technical concepts. From a foundational overview of the industry and how to get started, the reader progresses from Cross Site Scripting all the way through to API hacking and use of Fuzzers. Vickie Li has done a tremendous service to information security by sharing her expert understanding of bug hunting in a highly accessible way. Recommended reading for all IT professionals, new or veteran." --Jess Vachon, Advanced Reviewer "Vicki Li''s book took me from knowing nothing about bug bounties, to finding my first bug. Li goes over the process of bug bounties, writing reports, and how to make relationships with companies. Li also has expert techniques that will help your automate your hacking experience and even hacking android apps." --Anthony Ware, Advanced Reviewer, "I highly suggest reading Bug Bounty Bootcamp ." --@HolyBugx "Pure GEM. Learned a lot of things from her book." --Aakash Choudhary, @LearnerHunter

IllustratedYes

Dewey Decimal025.042

Table Of ContentIntroduction Introduction Part I: The Industry Chapter 1: Picking a Bug Bounty Program Chapter 2: Sustaining Your Success Part II: Getting Started Chapter 3: How the Internet Works Chapter 4: Environmental Setup and Traffic Interception Chapter 5: Web Hacking Reconnaissance Part III: Web Vulnerabilities Chapter 6: Cross-Site Scripting Chapter 7: Open Redirects Chapter 8: Clickjacking Chapter 9: Cross-Site Request Forgery Chapter 10: Insecure Direct Object Reference Chapter 11: SQL Injection Chapter 12: Race Conditions Chapter 13: Server-Side Request Forgery Chapter 14: Insecure Deserialization Chapter 15: XML External Entity Vulnerabilities Chapter 16: Template Injection Chapter 17: Application Logic Errors and Broken Access Control Chapter 18: Remote Code Execution Chapter 19: Same Origin Policy Issues Chapter 20: Single Sign-on Issues Chapter 21: Information Disclosure Part IV: Expert Techniques Chapter 22: Conducting Code Reviews Chapter 23: Hacking Android Apps Chapter 24: API Hacking Chapter 25: Automatic Vulnerability Discovery Using Fuzzers Index

SynopsisBug Bounty Bootcamp teaches you how to hack web applications. You will learn how to perform reconnaissance on a target, how to identify vulnerabilities, and how to exploit them. You'll also learn how to navigate bug bounty programs set up by companies to reward security professionals for finding bugs in their web applications. Bug bounty programs are company-sponsored programs that invite researchers to search for vulnerabilities on their applications and reward them for their findings. This book is designed to help beginners with little to no security experience learn web hacking, find bugs, and stay competitive in this booming and lucrative industry. You'll start by learning how to choose a program, write quality bug reports, and maintain professional relationships in the industry. Then you'll learn how to set up a web hacking lab and use a proxy to capture traffic. In Part 3 of the book, you'll explore the mechanisms of common web vulnerabilities, like XSS, SQL injection, and template injection, and receive detailed advice on how to find them and bypass common protections. You'll also learn how to chain multiple bugs to maximize the impact of your vulnerabilities. Finally, the book touches on advanced techniques rarely covered in introductory hacking books but that are crucial to understand to hack web applications. You'll learn how to hack mobile apps, review an application's source code for security issues, find vulnerabilities in APIs, and automate your hacking process. By the end of the book, you'll have learned the tools and techniques necessary to be a competent web hacker and find bugs on a bug bounty program.

LC Classification NumberTK5105.8855.L523