One of the good things about Defcon is that there is a No Starch Press store at the vendors area.
So I bought it for the flight, but it took a bit longer until I was through the book.
The book has 20 chapters, starting with Bug Bounty Basics. The next 17 chapters go through different classes of vulnerabitlites like XSS, SQLi, memory corruption, CSRF and so on.
After an explanation of the vulnerabilty itself, real reports are also included with further hints. At the end of each chapter the reader can find useful takeaways.
The last two chapters are not about bugs, one is about finding bugs in general, including some descriptions for tactics and tools. The last chapter is about writing a good report, communication to the companies and how to deal with the different programmes, which seems very useful to me.
Real-World Bug Hunting is helping to maximaize payouts and finding more bugs. It shows up lots of attack vectors and creative way for exploing them.
Real-World Bug Hunting: A Field Guide to Web Hacking Author: Peter Yaworski Content: A very practical guide to bug hunting and bug bounties Career: Penetration Tester, Bug Bounty Level: Beginner, Intermediate
The Hacker Playbook 3 Authors: Peter Kim Content: Main focus is on Red Teaming Career: Penetration Tester Level: Intermediate, Expert
This week I did read the great book The Hacker Playbook 3 by Peter Kim. The focus of the book lies on Red Teaming, it makes sense to read also the first two books if you do not have prior knowledge to penetration testing.
Difference between pentesting and red teaming
MITRE ATT&CK framework
optional lab setup & exercises
about web attacks like node.js, nosql injections, deserializiation attacks and more
hacking the (windows) network for example with responder, password spraying
privilege escalation with misconfigured services, exploit suggester and more
mimikatz magic of course
attacks on macs with empire
bloodhound and sharphound
lateral movement using different techniques
social engineering campaings & physical attacks
recompile meterpreter dlls for avoiding detection
write your own droppers
I highly recommend this book, especially if you are into Red Teaming it is a good resource. Maybe a report about owing the Cyber Space Kittens lab would have been nice, since reporting in Red Teaming is a non trivial task.
Hands-On Bug Hunting for Penetration Testers Author: Joseph Marshall Content: Go through common bugs in Webapps and introduction to bug bounties Career: Penetration Tester, Bug Bounty Level: Beginner
The main audience of Bug Hunting for Penetration Testers are coders and penetration testers interested in bug bounties. The book goes through bug bounty programs, penetration testing and the usual web security vulnerabilites like XSS, SQL injections, XEE and so on.
As the title sais, the book was written for people with prior knowledge in penetration testing. So the vulnerabtilies are not explained in depth, but nevertheless it is suitable also for beginners if they are willing to go deeper later and using other sources, after each chapter there are some recommendations for it.
For me the perspective as a bug hunter is pretty interesting, and the book is going into automatisation of some tasks and which vulnerabilites are usually interesting for bug bounty programs and how to report them. For getting an impression about the coding have a look here, unfortunatelly the code base is for python 2.7 and not python 3. The books is also informing about information gathering and bug bounty strategies. What I also like are the end-to-end examples, from finding and exploiting a vulnerability to a short example report. Later reporting is explained into more detail.
If you are interested in Bug Bounty programs you should have a look into this book.