Warehouse Stock Clearance Sale

Grab a bargain today!


Bug Bounty Bootcamp
By
Rating

Product Description
Product Details

Table of Contents

Introduction

Introduction
Part I: The Industry
Chapter 1: Picking a Bug Bounty Program
Chapter 2: Sustaining Your Success

Part II: Getting Started
Chapter 3: How the Internet Works
Chapter 4: Environmental Setup and Traffic Interception
Chapter 5: Web Hacking Reconnaissance

Part III: Web Vulnerabilities
Chapter 6: Cross-Site Scripting
Chapter 7: Open Redirects
Chapter 8: Clickjacking
Chapter 9: Cross-Site Request Forgery
Chapter 10: Insecure Direct Object Reference
Chapter 11: SQL Injection
Chapter 12: Race Conditions
Chapter 13: Server-Side Request Forgery
Chapter 14: Insecure Deserialization
Chapter 15: XML External Entity Vulnerabilities
Chapter 16: Template Injection
Chapter 17: Application Logic Errors and Broken Access Control
Chapter 18: Remote Code Execution
Chapter 19: Same Origin Policy Issues
Chapter 20: Single Sign-on Issues
Chapter 21: Information Disclosure

Part IV: Expert Techniques
Chapter 22: Conducting Code Reviews
Chapter 23: Hacking Android Apps
Chapter 24: API Hacking
Chapter 25: Automatic Vulnerability Discovery Using Fuzzers

Index

About the Author

Vickie Li is a developer and security researcher experienced in finding and exploiting vulnerabilities in web applications. She has reported vulnerabilities to firms such as Facebook, Yelp and Starbucks and contributes to a number of online training programs and technical blogs.

Reviews

"A really good book for getting started in Bug Bounty, out at a time when something like this was really needed. You can take as many ethical hacking courses as you want, but when it comes to bug bounty, there is so much information and tools it can be imitating to start . . . This really should be the first book read by ANYONE looking to start in the bug bounty game."
—Alex/Muldwych, The Security Noob

"Bug Bounty Bootcamp should be on every hacker's shelf. Vickie Li answers an important question: 'So you found your first flaw, what's next?' By explaining how to write a bug report and interact with clients, she presents a wonderful guide on starting your security career."
—Andrew Orr, Associate Editor, The Mac Observer

"I have enjoyed Bug Bounty Bootcamp over the past few weeks and this is great for bug bounty beginners like myself. Anyone who is interested in learning more about different web vulnerabilities, bug bounty platforms, how the internet works, and how to make money making the web safer this is the book for you. Thanks to Vickie for writing such a great book!"
—The Digital Empress, YouTuber and Blogger

"Bug Bounty Bootcamp by Vickie Li is a thorough and masterful explanation for how to find bugs and responsibly report them. It is written so clearly, and provides such useful step-by-step instructions that as I was reading it, I was tempted to start hunting for bugs myself."
—Cynthia Brumfield, President, DCT-Associates

"Bug Bounty Bootcamp is a great resource for those who want to participate in Bug Bounties because it not only teaches you about the technical aspects, but helps you develop a methodology and sustain your testing. Some technology knowledge is assumed, but it does a solid job of describing the relevant vulnerability types from first principles, so it can be a strong resource for those new to the security space. The writing style is clear and to the point."
—David Tomaschik, Security Engineer at Google, Blogger at System Overlord

"I highly suggest reading Bug Bounty Bootcamp."
—@HolyBugx

"Pure GEM. Learned a lot of things from her book."
—Aakash Choudhary, @LearnerHunter

"Loved the book. Well written, clear, concise, and easy to follow. Everyone from the beginner bug hunter to the seasoned pro will find a nugget, some nuggets or just pure nuggets of amazing information, tips and advice."
—Douglas Campbell, Advanced Reviewer

"The only book you need to get started in bug bounty is @vickieli7's book coming out from @nostarch, Bug Bounty Bootcamp. It's a detailed how-to with lots of technical how-to steps."
—Metacurity, Top Infosec News Destination, @Metacurity

"The new go-to resource for a beginner in web app hacking . . . I recommend this book before anything else for a beginner trying to learn web security. Vickie provides an excellent delivery of breaking down complex concepts that makes it easy to comprehend. Also, the step by step guidance of exploiting a vulnerability is fantastic to refer back to . . . If you are a complete beginner and feel confused or lost in all of the information out there then stop, grab this book, read through it once, then use it as your guide."
—AntiRuse, @AntiRuse, Blogger

"Definitely recommend it!"
—Michael, @DoAbarrel_Troll

"Bug Bounty Bootcamp is *the* book for everyone in Information Technology, not just those interested in bug bounties . . . This easy-to-read guide breaks down complicated topics into a simple progression through technical concepts. From a foundational overview of the industry and how to get started, the reader progresses from Cross Site Scripting all the way through to API hacking and use of Fuzzers. Vickie Li has done a tremendous service to information security by sharing her expert understanding of bug hunting in a highly accessible way. Recommended reading for all IT professionals, new or veteran."
—Jess Vachon, Advanced Reviewer

"Vicki Li’s book took me from knowing nothing about bug bounties, to finding my first bug. Li goes over the process of bug bounties, writing reports, and how to make relationships with companies. Li also has expert techniques that will help your automate your hacking experience and even hacking android apps."
—Anthony Ware, Advanced Reviewer

"For anyone interested in bug detection of web services, this book is for you. It takes an approach that is enjoyable for all levels. It covers the essentials for understanding web servers and why the assortment of vulnerabilities exists with steps in what to look for in approaching those security risks. It’s not going to make you an expert overnight, but it will set you on the path towards success, bypassing the common mistakes where others have fallen."
—Riley A., Advanced Reviewer

"Step-by-step instructions to achieve your first bug bounty and a great book to reference as a security professional. This book will give insight to how bug bounty programs operate and provide resources to learn programming, security tools, and breakdown OWASP top 10 vulnerabilities."
—Jessica W., Advanced Reviewer

"Since reading The Web Application Hacker's Handbook a few years ago, I haven't seen that much web security knowledge organized in one place as in Bug Bounty Bootcamp. Vickie did a fantastic job of covering many different vulnerability classes that are important for offensively testing web applications. Explanations are made so that beginners would understand them but I was also able to find some inspirations each time I looked at the book when testing a specific vulnerability class. I highly recommend Bug Bounty Bootcamp for everyone who wants to learn about web security."
—Bug Bounty Reports Explained, YouTuber and Advanced Reviewer

"A great companion to @yaworsk's earlier book, Real-World Bounty Hunting (also by
@nostarch), and deserves a place on your bookshelf."
—@jub0bs

"An informative and well-written guide that should be of interest to anyone considering a career in API hacking through bug bounty hunting."
—Dana Epp, Security Boulevard

Ask a Question About this Product More...
 
Look for similar items by category
Home » Books » Computers » Web » Web Programming
People also searched for
How Fishpond Works
Fishpond works with suppliers all over the world to bring you a huge selection of products, really great prices, and delivery included on over 25 million products that we sell. We do our best every day to make Fishpond an awesome place for customers to shop and get what they want — all at the best prices online.
About Fishpond
Webmasters, Bloggers & Website Owners
You can earn a 8% commission by selling Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities on your website. It's easy to get started - we will give you example code. After you're set-up, your website can earn you money while you work, play or even sleep! You should start right now!
Sign up now
Authors / Publishers
Are you the Author or Publisher of a book? Or the manufacturer of one of the millions of products that we sell. You can improve sales and grow your revenue by submitting additional information on this title. The better the information we have about a product, the more we will sell!
Submit Information
Item ships from and is sold by Fishpond.com, Inc.

Back to top