- Hands-On Bug Hunting for Penetration Testers
- Joseph Marshall
- 91字
- 2021-07-16 17:53:07
Questions
- What are some differences between third-party marketplaces such as Bugcrowd and bug bounty programs offered by individual companies?
- Is it worth it to participate in programs that reward vulnerabilities with swag? Why or why not?
- What's a private bug bounty program?
- What are some resources you can use to find programs not covered in this chapter?
- What makes a site more or less attractive as a hunting ground for reward-eligible bugs?
- What is coordinated vulnerability disclosure?
- What steps can you take to minimize your legal liability during a pentesting session?
推薦閱讀
- Enterprise Cloud Security and Governance
- 模糊測試:強制發掘安全漏洞的利器
- Learning Devise for Rails
- 網絡空間安全實驗
- Advanced Penetration Testing for Highly:Secured Environments(Second Edition)
- Instant Java Password and Authentication Security
- End to End GUI Development with Qt5
- 網絡安全大數據分析與實戰
- Mastering Linux Security and Hardening
- Mastering Python for Networking and Security
- 云計算安全:關鍵技術、原理及應用
- 網絡空間安全實戰基礎
- 從實踐中學習Nmap滲透測試
- Real-World SRE
- 動態賦能網絡空間防御