Real-World Bug Hunting

Real-World Bug Hunting

A Field Guide to Web Hacking
by Peter Yaworski
June 2019 (estimated), 264 pp.

Order now and get early access to the PDF ebook!
(What's Early Access?)
(Which chapters are available now?)

Get 30% off with the coupon code EARLYBIRD

Real-World Bug Hunting is a field guide to finding software bugs. Ethical hacker Peter Yaworski breaks down common types of bugs, then contextualizes them with real bug bounty reports released by hackers on companies like Twitter, Facebook, Google, Uber, and Starbucks. As you read each report, you'll gain deeper insight into how the vulnerabilities work and how you might find similar ones.

Each chapter begins with an explanation of a vulnerability type, then moves into a series of real bug bounty reports that show how the bugs were found. You'll learn things like how Cross-Site Request Forgery tricks users into unknowingly submitting information to websites they are logged into; how to pass along unsafe JavaScript to execute Cross-Site Scripting; how to access another user's data via Insecure Direct Object References; how to trick websites into disclosing information with Server Side Request Forgeries; and how bugs in application logic can lead to pretty serious vulnerabilities. Yaworski also shares advice on how to write effective vulnerability reports and develop relationships with bug bounty programs, as well as recommends hacking tools that can make the job a little easier.

Author Bio 

Peter Yaworski is a self-taught developer and ethical hacker who began building websites exclusively with Drupal. Since then, he has expanded his interest to Rails, Android app development, and software security, while producing over 100 video tutorials and interviews on YouTube covering ethical hacking, web development, and Android to help teach others what he's learned. Peter continues to be an active bug bounty participant with thanks from Shopify, HackerOne, Salesforce, Twitter, Starbucks and the US Department of Defense among others.

Table of contents 

Now Available in Early Access!


Chapter 1: Background
Chapter 2: Open Redirect Vulnerability (AVAILABLE NOW!)
Chapter 3: HTTP Parameter Pollution (AVAILABLE NOW!)
Chapter 4: Cross-Site Request Forgery (AVAILABLE NOW!)
Chapter 5: HTML Injection and Content Spoofing
Chapter 6: Carriage Return Line Feed Injection (AVAILABLE NOW!)
Chapter 7: Cross-Site Scripting
Chapter 8: Template Injections
Chapter 9: SQL Injection
Chapter 10: Server-Side Request Forgery
Chapter 11: XML External Entity (XXE) Vulnerability
Chapter 12: Remote Code Execution
Chapter 13: Memory Vulnerabilities
Chapter 14: Subdomain Takeover
Chapter 15: Race Conditions
Chapter 16: Insecure Direct Object References
Chapter 17: OAuth
Chapter 18: Application Logic and Configuration Vulnerabilities
Chapter 19: Finding Your Own Bug Bounties
Chapter 20: Vulnerability Reports

Appendix A: Tools
Appendix B: Resources