The Guide to Finding and Reporting Web Vulnerabilities
About the Author
About the Tech Reviewer
Foreword
Introduction
Who This Book Is For
What Is In This Book
Happy Hacking!
1 Picking a Bug Bounty Program
- The State of the Industry
- Asset Types
- Bug Bounty Platforms
- Scope, Payouts, and Response Times
- Private Programs
- Choosing the Right Program
- A Quick Comparison of Popular Programs
2 Sustaining Your Success
- Writing a Good Report
- Building a Relationship with the Development Team
- Understanding Why You’re Failing
- What to Do When You’re Stuck
- Lastly, a Few Words of Experience
3 How the Internet Works
- The Client-Server Model
- The Domain Name System
- Internet Ports
- HTTP Requests and Responses
- Internet Security Controls
- Learn to Program
4 Environmental Setup and Traffic Interception
- Choosing an Operating System
- Setting Up the Essentials: A Browser and a Proxy
- Using Burp
- A Final Note on . . . Taking Notes
5 Web Hacking Reconnaissance
- Manually Walking Through the Target
- Google Dorking
- Scope Discovery
- Other Sneaky OSINT Techniques
- Tech Stack Fingerprinting
- Writing Your Own Recon Scripts
- A Note on Recon APIs
- Start Hacking!
- Tools Mentioned in This Chapter
6 Cross-Site Scripting
- Mechanisms
- Types of XSS
- Prevention
- Hunting for XSS
- Bypassing XSS Protection
- Escalating the Attack
- Automating XSS Hunting
- Finding Your First XSS!
7 Open Redirects
- Mechanisms
- Prevention
- Hunting for Open Redirects
- Bypassing Open-Redirect Protection
- Escalating the Attack
- Finding Your First Open Redirect!
8 Clickjacking
- Mechanisms
- Prevention
- Hunting for Clickjacking
- Bypassing Protections
- Escalating the Attack
- A Note on Delivering the Clickjacking Payload
- Finding Your First Clickjacking Vulnerability!
9 Cross-Site Request Forgery
- Mechanisms
- Prevention
- Hunting for CSRFs
- Bypassing CSRF Protection
- Escalating the Attack
- Delivering the CSRF Payload
- Finding Your First CSRF!
10 Insecure Direct Object References
- Mechanisms
- Prevention
- Hunting for IDORs
- Bypassing IDOR Protection
- Escalating the Attack
- Automating the Attack
- Finding Your First IDOR!
11 SQL Injection
- Mechanisms
- Prevention
- Hunting for SQL Injections
- Escalating the Attack
- Automating SQL Injections
- Finding Your First SQL Injection!
12 Race Conditions
- Mechanisms
- When a Race Condition Becomes a Vulnerability
- Prevention
- Hunting for Race Conditions
- Escalating Race Conditions
- Finding Your First Race Condition!
13 Server-Side Request Forgery
- Mechanisms
- Prevention
- Hunting for SSRFs
- Bypassing SSRF Protection
- Escalating the Attack
- Finding Your First SSRF!
14 Insecure Deserialization
- Mechanisms
- Prevention
- Hunting for Insecure Deserialization
- Escalating the Attack
- Finding Your First Insecure Deserialization!
15 XML External Entity
- Mechanisms
- Prevention
- Hunting for XXEs
- Escalating the Attack
- More About Data Exfiltration Using XXEs
- Finding Your First XXE!
16 Template Injection
- Mechanisms
- Prevention
- Hunting for Template Injection
- Escalating the Attack
- Automating Template Injection
- Finding Your First Template Injection!
17 Application Logic Errors and Broken Access Control
- Application Logic Errors
- Broken Access Control
- Prevention
- Hunting for Application Logic Errors and Broken Access Control
- Escalating the Attack
- Finding Your First Application Logic Error or Broken Access Control!
18 Remote Code Execution
- Mechanisms
- Prevention
- Hunting for RCEs
- Escalating the Attack
- Bypassing RCE Protection
- Finding Your First RCE!
19 Same-Origin Policy Vulnerabilities
- Mechanisms
- Hunting for SOP Bypasses
- Escalating the Attack
- Finding Your First SOP Bypass Vulnerability!
20 Single-Sign-On Security Issues
- Mechanisms
- Note
- Hunting for Subdomain Takeovers
- Monitoring for Subdomain Takeovers
- Hunting for SAML Vulnerabilities
- Hunting for OAuth Token Theft
- Escalating the Attack
- Finding Your First SSO Bypass!
21 Information Disclosure
- Mechanisms
- Prevention
- Hunting for Information Disclosure
- Escalating the Attack
- Finding Your First Information Disclosure!
22 Conducting Code Reviews
- Note
- White-Box vs. Black-Box Testing
- The Fast Approach: grep Is Your Best Friend
- The Detailed Approach
- Exercise: Spot the Vulnerabilities
23 Hacking Android Apps
- Note
- Setting Up Your Mobile Proxy
- Bypassing Certificate Pinning
- Anatomy of an APK
- Tools to Use
- Hunting for Vulnerabilities
24 API Hacking
- What Are APIs?
- Hunting for API Vulnerabilities
25 Automatic Vulnerability Discovery Using Fuzzers
- What Is Fuzzing?
- How a Web Fuzzer Works
- The Fuzzing Process
- Fuzzing with Wfuzz
- Fuzzing vs. Static Analysis
- Pitfalls of Fuzzing
- Adding to Your Automated Testing Toolkit

文江博客开发文档 Bug Bounty Bootcamp 中文版文章详情

文章来源于网络收集而来，版权归原创者所有，如有侵权请及时联系！

Finding Your First Information Disclosure!

发布于 2024-10-11 20:34:05 字数 1151 浏览 0 评论 0 收藏 0

Now that you understand the common types of information leaks and how to find them, follow the steps discussed in this chapter to find your first information disclosure:

既然你了解了信息泄漏的常见类型和如何找到它们，请按照本章中讨论的步骤查找您的第一个信息披露：

Look for software version numbers and configuration information by using the recon techniques presented in Chapter 5 .
Start searching for exposed configuration files, database files, and other sensitive files uploaded to the production server that aren’t protected properly. Techniques you can use include path traversal, scraping the Wayback Machine or paste dump sites, and looking for files in exposed .git directories.
Find information in the application’s public files, such as its HTML and JavaScript source code, by grep ping the file with keywords.
Consider the impact of the information you find before reporting it, and explore ways to escalate its impact.
Draft your first information disclosure report and send it over to the bug bounty program!

收藏 0

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

列表为空，暂无数据

我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的隐私政策了解更多相关信息。单击 接受 或继续使用网站，即表示您同意使用 Cookies 和您的相关数据。

原文