Clique em uma foto para ir ao Google Livros
Carregando... Real-world bug hunting : a field guide to web hackingde Peter Yaworski
Nenhum(a) Carregando...
Registre-se no LibraryThing tpara descobrir se gostará deste livro. Ainda não há conversas na Discussão sobre este livro. Sem resenhas sem resenhas | adicionar uma resenha
Real-World Bug Hunting is a field guide to finding software bugs. Ethical hacker Peter Yaworski breaks down common types of bugs, then contextualizes them with real bug bounty reports released by hackers on companies like Twitter, Facebook, Google, Uber, and Starbucks. As you read each report, you'll gain deeper insight into how the vulnerabilities work and how you might find similar ones. Each chapter begins with an explanation of a vulnerability type, then moves into a series of real bug bounty reports that show how the bugs were found. You'll learn things like how Cross-Site Request Forgery tricks users into unknowingly submitting information to websites they are logged into; how to pass along unsafe JavaScript to execute Cross-Site Scripting; how to access another user's data via Insecure Direct Object References; how to trick websites into disclosing information with Server Side Request Forgeries; and how bugs in application logic can lead to pretty serious vulnerabilities. Yaworski also shares advice on how to write effective vulnerability reports and develop relationships with bug bounty programs, as well as recommends hacking tools that can make the job a little easier. Não foram encontradas descrições de bibliotecas. |
Current DiscussionsNenhum(a)
Google Books — Carregando... GênerosClassificação decimal de Dewey (CDD)004.24Information Computing and Information Computer science Computer ArchitecturesClassificação da Biblioteca do Congresso dos E.U.A. (LCC)AvaliaçãoMédia:
É você?Torne-se um autor do LibraryThing. |