HAWAII STATE PUBLIC LIBRARY SYSTEM
Real-world bug hunting : a field guide to web hacking / by Peter Yaworski.
by Yaworski, Peter, author.
San Francisco : No Starch Press, [2019]
Subjects
Debugging in computer science.
Penetration testing (Computer security)
Web sites -- Testing.
ISBN:
9781593278618 (paperback) :
1593278616 (paperback)
Description:
xxv, 235 pages : illustrations ; 24 cm
Requests:
0
Summary:
"Uses real-world bug reports (vulnerabilities in software or in this case web applications) to teach programmers and InfoSec professionals how to discover and protect vulnerabilities in web applications. Real-World Bug Hunting is a field guide to finding software bugs. Ethical hacker Peter Yaworski breaks down common types of bugs, then contextualizes them with real bug bounty reports released by hackers on companies like Twitter, Facebook, Google, Uber, and Starbucks. As you read each report, you'll gain deeper insight into how the vulnerabilities work and how you might find similar ones. Each chapter begins with an explanation of a vulnerability type, then moves into a series of real bug bounty reports that show how the bugs were found. You'll learn things like how Cross-Site Request Forgery tricks users into unknowingly submitting information to websites they are logged into; how to pass along unsafe JavaScript to execute Cross-Site Scripting; how to access another user's data via Insecure Direct Object References; how to trick websites into disclosing information with Server Side Request Forgeries; and how bugs in application logic can lead to pretty serious vulnerabilities. Yaworski also shares advice on how to write effective vulnerability reports and develop relationships with bug bounty programs, as well as recommends hacking tools that can make the job a little easier"--
Copy/Holding information
Location: Hawaii State Library
Collection: Business, Science & Technology
Call No.: 004.24 Ya
Status: Checked In