Hi all. I wrote a book introducing the fundamentals of web application penetration testing, expressed in language I hope is friendly to coding hobbyists and beginners. I've written a few walkthroughs for basic vulnerabilities and plan to build it out with more vulnerabilities, tools, and extra resources (scripts, payload lists, etc).
I'd also like to offer all HNers half off. If you're curious and would like to get a taste of some of the content, visit http://bughunting.guide
3 comments
[ 4.4 ms ] story [ 9.8 ms ] threadI'd also like to offer all HNers half off. If you're curious and would like to get a taste of some of the content, visit http://bughunting.guide
Thanks HN!
Have you found bugs for large companies? How many?
:)
Also, is the book specific to the web attack only or does it look at the whole environment (ssh, keys in the git repos etc...?)?
Is it focussed on js only, or holes in other language/framework as well?
Thanks.