- Bug Bounty Hunting Essentials
- Carlos A. Lozano, Shahmeer Amir
- 81 words
- 2021-06-10 18:35:30
Clarity
The report should be clear and should not mislead the reader into thinking that the researcher is being pushy. The following is an example of a report that sounds unclear:
"I would like to report a very critical using which you can takeover user accounts and should be fixed ASAP."
However, a clear description may contain the following sentence:
"This report contains technical details about a vulnerability in the password reset function which can allow users to take over accounts."