Learn how people break websites and how you can too. Real-World Bug Hunting is the premier
field guide to finding software bugs. Whether you're a cyber-security beginner who wants to
make the internet safer or a seasoned developer who wants to write secure code ethical hacker
Peter Yaworski will show you how it's done. You'll learn about the most common types of bugs
like cross-site scripting insecure direct object references and server-side request forgery.
Using real-life case studies of rewarded vulnerabilities from applications like Twitter
Facebook Google and Uber you'll see how hackers manage to invoke race conditions while
transferring money use URL parameter to cause users to like unintended tweets and more. Each
chapter introduces a vulnerability type accompanied by a series of actual reported bug
bounties. The book's collection of tales from the field will teach you how attackers trick
users into giving away their sensitive information and how sites may reveal their
vulnerabilities to savvy users. You'll even learn how you could turn your challenging new hobby
into a successful career. You'll learn: • How the internet works and basic web hacking concepts
• How attackers compromise websites • How to identify functionality commonly associated with
vulnerabilities • How to find bug bounty programs and submit effective vulnerability reports
Real-World Bug Hunting is a fascinating soup-to-nuts primer on web security vulnerabilities
filled with stories from the trenches and practical wisdom. With your new understanding of site
security and weaknesses you can help make the web a safer place--and profit while you're at
it.
