Introduction
Part I: The Industry
Chapter 1: Picking a Bug Bounty Program
Chapter 2: Sustaining Your Success
Part II: Getting Started
Chapter 3: How the Internet Works
Chapter 4: Environmental Setup and Traffic Interception
Chapter 5: Web Hacking Reconnaissance
Part III: Web Vulnerabilities
Chapter 6: Cross-Site Scripting
Chapter 7: Open Redirects
Chapter 8: Clickjacking
Chapter 9: Cross-Site Request Forgery
Chapter 10: Insecure Direct Object References
Chapter 11: SQL Injection
Chapter 12: Race Conditions
Chapter 13: Server-Side Request Forgery
Chapter 14: Insecure Deserialization
Chapter 15: XML External Entity Vulnerabilities
Chapter 16: Template Injection
Chapter 17: Application Logic Errors and Broken Access Control
Chapter 18: Remote Code Execution
Chapter 19: Same Origin Policy Vulnerabilities
Chapter 20: Single-Sign-On Issues
Chapter 21: Information Disclosure
Part IV: Expert Techniques
Chapter 22: Conducting Code Reviews
Chapter 23: Hacking Android Apps
Chapter 24: API Hacking
Chapter 25: Automatic Vulnerability Discovery Using Fuzzers