Web Hacking 101

$9.99

Minimum price

$24.99

Suggested price

Web Hacking 101

How to Make Money Hacking Ethically

3,668
Readers
255
Pages
69,453
Words
45 days
guarantee
English
PDF
EPUB
MOBI
WEB

About the Book

With a Foreword written by HackerOne Co-Founders Michiel Prins and Jobert Abma, Web Hacking 101 is about the ethical exploration of software for security issues but learning to hack isn't always easy. With few exceptions, existing books are overly technical, only dedicate a single chapter to website vulnerabilies or don't include any real world examples. This book is different.

Using publicly disclosed vulnerabilities, Web Hacking 101 explains common web vulnerabilities and will show you how to start finding vulnerabilities and collecting bounties. With over 30 examples, the book covers topics like:

HTML Injection
Cross site scripting (XSS)
Cross site request forgery (CSRF)
Open Redirects
Remote Code Execution (RCE)
Application Logic
and more...

Each example includes a classification of the attack, a report link, the bounty paid, easy to understand description and key takeaways. After reading this book, your eyes will be opened to the wide array of vulnerabilities that exist and you'll likely never look at a website or API the same way.

Share this book
Translations
Feedback
Email the Author(s)

Peter Yaworski

Peter Yaworski is a self-taught developer who started off "developing" websites with Drupal. As he slowly started picking things up, he published YouTube video tutorials to give back to others.

He has since moved on to Rails and Android before developing a keen interest in software security. Right now, he is focused on developing Dailylearns.com, where he is the Lead Developer, and continuing to learn about software development best practices.

You can find his site at www.TorontoWebsiteDeveloper.com or message him on Twitter.

Danil Gribkov

@danilgribkov

I highly recommend Web Hacking 101. The $10 I paid was more than worth it when I got a $500 bounty from PayPal using examples Pete provided. Combined with the constant updates he provides, which I have access to for life, it's a great buy.

Jason Haddix

Father, hacker, Director of Technical Operations @Bugcrowd, blogger, & nerd

I support Bounty Hunters, #reading Web Hacking 101: How to Make Money Hacking Ethically by @yaworsk #bugbounty - leanpub.com/web-hacking-101 --Twitter

Michiel Prins

Co-Found of HackerOne

Want to explore the art and skill of hacking? Try the latest release of @yaworsk's book! --Twitter

Jobert Abma

Co-Founder of HackerOne

Anyone who's interested in web hacking and making money with it, I'd recommend reading this book: leanpub.com/web-hacking-101! #bugbounty --Twitter

Leo Niemelä

CSO at LocalTapiola Group

Worth to read (just bought my copy): How to Make Money Hacking Ethically by @yaworsk leanpub.com/web-hacking-101 #bugbounty --Twitter

Ben Sadeghipour

Bug Bounty participant. Blogger. Gamer.

Awesome book written by @yaworsk. If for some reason you haven't read it yet make sure you do! --Twitter

Jonathan Avery

Hacker

Real-world case studies that helped me score a $600 "Hack The Pentagon" bounty. This book also gave me the confidence boost I needed to land a high paying job as a security engineer at a top aerospace defense company.

@brutelogic

Security researcher @sucurisecurity

Superb work by @yaworsk in leanpub.com/web-hacking-101 I couldn't recommend it more, awesome writing style, you definitely should get it! --Twitter

Ebrietas

Pseudo hacker, information security lover, and bug bounty participant

Web hacking 101 is an amazing beginners guide to breaking web applications as a bug bounty hunter. All sections of the book are backed up by references from actual publicly disclosed vulnerabilities. The focus on the unique findings for each category will more than likely teach some new tricks. It is well worth double the asking price.

Andy Grunwald

Software Engineer (Site Reliability and Platform Engineering) at @trivago. I solve problems and put things into production.

I recommend "Web Hacking 101" about bug bounties and web security. Great book. Thank you @yaworsk leanpub.com/web-hacking-101 #bugbounty --Twitter

1. Foreword
2. Introduction
- - How It All Started
  - Just 30 Examples and My First Sale
  - Who This Book Is Written For
  - Chapter Overview
  - Word of Warning and a Favour
3. Background
4. Open Redirect Vulnerabilities
- Description
- Examples
  - 1. Shopify Theme Install Open Redirect
  - 2. Shopify Login Open Redirect
  - 3. HackerOne Interstitial Redirect
- Summary
5. HTTP Parameter Pollution
- Description
- Examples
  - 1. HackerOne Social Sharing Buttons
  - 2. Twitter Unsubscribe Notifications
  - 3. Twitter Web Intents
- Summary
6. Cross-Site Request Forgery
- Description
- Examples
  - 1. Shopify Twitter Disconnect
  - 2. Change Users Instacart Zones
  - 3. Badoo Full Account Takeover
- Summary
7. HTML Injection
- Description
- Examples
  - 1. Coinbase Comments
  - 2. HackerOne Unintended HTML Inclusion
  - 3. Within Security Content Spoofing
- Summary
8. CRLF Injection
- Description
  - 1. Twitter HTTP Response Splitting
  - 2. v.shopify.com Response Splitting
- Summary
9. Cross-Site Scripting
- Description
- Examples
  - 1. Shopify Wholesale
  - 2. Shopify Giftcard Cart
  - 3. Shopify Currency Formatting
  - 4. Yahoo Mail Stored XSS
  - 5. Google Image Search
  - 6. Google Tagmanager Stored XSS
  - 7. United Airlines XSS
- Summary
10. Template Injection
- Description
  - Server Side Template Injections
  - Client Side Template Injections
- Examples
  - 1. Uber Angular Template Injection
  - 2. Uber Template Injection
  - 3. Rails Dynamic Render
- Summary
11. SQL Injection
- Description
  - SQL Databases
  - Countermeasures Against SQLi
- Examples
  - 1. Drupal SQL Injection
  - 2. Yahoo Sports Blind SQL
  - 3. Uber Blind SQLi
- Summary
12. Server Side Request Forgery
- Description
  - HTTP Request Location
  - Invoking GET Versus POST Requests
  - Blind SSRFs
  - Leveraging SSRF
- Examples
  - 1. ESEA SSRF and Querying AWS Metadata
  - 2. Google Internal DNS SSRF
  - 3. Internal Port Scanning
- Summary
13. XML External Entity Vulnerability
- Description
- Examples
  - 1. Read Access to Google
  - 2. Facebook XXE with Word
  - 3. Wikiloc XXE
- Summary
14. Remote Code Execution
- Description
- Examples
  - 1. Polyvore ImageMagick
  - 2. Algolia RCE on facebooksearch.algolia.com
  - 3. Foobar Smarty Template Injection RCE
- Summary
15. Memory
- Description
  - Buffer Overflow
  - Read out of Bounds
  - Memory Corruption
- Examples
  - 1. PHP ftp_genlist()
  - 2. Python Hotshot Module
  - 3. Libcurl Read Out of Bounds
  - 4. PHP Memory Corruption
- Summary
16. Sub Domain Takeover
- Description
- Examples
  - 1. Ubiquiti Sub Domain Takeover
  - 2. Scan.me Pointing to Zendesk
  - 3. Shopify Windsor Sub Domain Takeover
  - 4. Snapchat Fastly Takeover
  - 5. api.legalrobot.com
  - 6. Uber SendGrid Mail Takeover
- Summary
17. Race Conditions
- Description
- Examples
  - 1. Starbucks Race Conditions
  - 2. Accepting HackerOne Invites Multiple Times
  - 3. Exceeding Keybase Invitation Limits
  - 4. HackerOne Payments
- Summary
18. Insecure Direct Object References
- Description
- Examples
  - 1. Binary.com Privilege Escalation
  - 2. Moneybird App Creation
  - 3. Twitter Mopub API Token Stealing
- Summary
19. OAuth
- Description
- Examples
  - 1. Swiping Facebook Official Access Tokens
  - 2. Stealing Slack OAuth Tokens
  - 3. Stealing Google Drive Spreadsheets
- Summary
20. Application Logic Vulnerabilities
- Description
- Examples
  - 1. Shopify Administrator Privilege Bypass
  - 2. HackerOne Signal Manipulation
  - 3. Shopify S3 Buckets Open
  - 4. HackerOne S3 Buckets Open
  - 5. Bypassing GitLab Two Factor Authentication
  - 6. Yahoo PHP Info Disclosure
  - 7. HackerOne Hacktivity Voting
  - 8. Accessing PornHub’s Memcache Installation
  - 9. Bypassing Twitter Account Protections
- Summary
21. Getting Started
- Reconnaissance
  - Subdomain Enumeration
  - Port Scanning
  - Screenshotting
  - Content Discovery
  - Previous Bugs
- Testing the Application
  - The Technology Stack
  - Functionality Mapping
  - Finding Vulnerabilities
- Going Further
- Summary
22. Vulnerability Reports
- Read the disclosure guidelines.
- Include Details. Then Include More.
- Confirm the Vulnerability
- Show Respect for the Company
- Bounties
- Don’t Shout Hello Before Crossing the Pond
- Parting Words
23. Tools
- Burp Suite
- ZAP Proxy
- Knockpy
- HostileSubBruteforcer
- Sublist3r
- crt.sh
- IPV4info.com
- SecLists
- XSSHunter
- sqlmap
- Nmap
- Eyewitness
- Gowitness
- Gobuster
- Meg
- Shodan
- Censys
- What CMS
- BuiltWith
- Nikto
- Recon-ng
- GitRob
- CyberChef
- OnlineHashCrack.com
- idb
- Wireshark
- Bucket Finder
- Race the Web
- Google Dorks
- JD GUI
- Mobile Security Framework
- Ysoserial
- Firefox Plugins
  - FoxyProxy
  - User Agent Switcher
  - Firebug
  - Hackbar
  - Websecurify
  - Cookie Manager+
  - XSS Me
  - Offsec Exploit-db Search
  - Wappalyzer
24. Resources
- Online Training
  - Web Application Exploits and Defenses
  - The Exploit Database
  - Udacity
- Bug Bounty Platforms
  - Hackerone.com
  - Bugcrowd.com
  - Synack.com
  - Cobalt.io
  - Video Tutorials
  - youtube.com/yaworsk1
  - Seccasts.com
  - How to Shot Web
- Further Reading
  - OWASP.com
  - Hackerone.com/hacktivity
  - https://bugzilla.mozilla.org
  - Twitter #infosec and #bugbounty
  - Twitter @disclosedh1
  - Web Application Hackers Handbook
  - Bug Hunters Methodology
- Recommended Blogs
  - philippeharewood.com
  - Philippe’s Facebook Page - www.facebook.com/phwd-113702895386410
  - fin1te.net
  - NahamSec.com
  - blog.it-securityguard.com
  - blog.innerht.ml
  - blog.orange.tw
  - Portswigger Blog
  - Nvisium Blog
  - blog.zsec.uk
  - brutelogic.com.br
  - lcamtuf.blogspot.ca
  - Bug Crowd Blog
  - HackerOne Blog
- Cheatsheets
25. Glossary
- - Black Hat Hacker
  - Buffer Overflow
  - Bug Bounty Program
  - Bug Report
  - CRLF Injection
  - Cross Site Request Forgery
  - Cross Site Scripting
  - HTML Injection
  - HTTP Parameter Pollution
  - HTTP Response Splitting
  - Memory Corruption
  - Open Redirect
  - Penetration Testing
  - Researchers
  - Response Team
  - Responsible Disclosure
  - Vulnerability
  - Vulnerability Coordination
  - Vulnerability Disclosure
  - White Hat Hacker
26. Appendix A - Take Aways
- Open Redirects
- HTTP Parameter Pollution
- Cross Site Request Forgery
- HTML Injection
- CRLF Injections
- Cross-Site Scripting
- SSTI
- SQL Injection
- Server Side Request Forgery
- XML External Entity Vulnerability
- Remote Code Execution
- Memory
- Sub Domain Takeover
- Race Conditions
- Insecure Direct Object References
- OAuth
- Application Logic Vulnerabilities
27. Appendix B - Web Hacking 101 Changelog

The Leanpub 45-day 100% Happiness Guarantee

Within 45 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.

See full terms

Do Well. Do Good.

Authors have earned$11,020,212writing, publishing and selling on Leanpub, earning 80% royalties while saving up to 25 million pounds of CO2 and up to 46,000 trees.

Learn more about writing on Leanpub

Free Updates. DRM Free.

If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).

Most Leanpub books are available in PDF (for computers), EPUB (for phones and tablets) and MOBI (for Kindle). The formats that a book includes are shown at the top right corner of this page.

Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.

Learn more about Leanpub's ebook formats and where to read them

Write and Publish on Leanpub

You can use Leanpub to easily write, publish and sell in-progress and completed ebooks and online courses!

Leanpub is a powerful platform for serious authors, combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks.

Leanpub is a magical typewriter for authors: just write in plain text, and to publish your ebook, just click a button. (Or, if you are producing your ebook your own way, you can even upload your own PDF, EPUB and/or MOBI files and then publish with one click!) It really is that easy.

Learn more about writing on Leanpub

Top Books

#1
Retrocomputing with Clash
Gergő Érdi
Haskell for FPGA Hardware Design: Use abstractions like monads and lenses to implement 1970's retro-computing devices like arcade machines and home computers.
#2
Aprendiendo Git
Miguel Angel Durán García
Git no es complicado... ¡Si lo entiendes! 😜

¿Sientes que sabes usarlo porque has memorizado todos los comandos que necesitas? ¡Pero no entiendes qué hace cada cosa y por qué! Así es normal que, cuando exista un problema, te cueste resolverlo.

¡Con este libro vas a entender de una vez por todas todo lo que es Git y cómo sacarle provecho!
#3
Ansible for DevOps
Jeff Geerling
Ansible is a simple, but powerful, server and configuration management tool. Learn to use Ansible effectively, whether you manage one server—or thousands.
#4
Jetpack Compose internals
Jorge Castillo
Jetpack Compose is the future of Android UI. Master how it works internally and become a more efficient developer with it. You'll also find it valuable if you are not an Android dev. This book provides all the details to understand how the Compose compiler & runtime work, and how to create a client library using them.
#5
Atomic Kotlin
Bruce Eckel and Svetlana Isakova
For both beginning and experienced programmers! From the author of the multi-award-winning Thinking in C++ and Thinking in Java and a Kotlin team member comes a book that breaks concepts into small, easy-to-digest "atoms," along with exercises supported by hints and solutions directly inside IntelliJ IDEA! Full support at www.AtomicKotlin.com.
#6
Stratospheric
Tom Hombergs, Björn Wilmsmann, and Philip Riecks
From Zero to Production with Spring Boot and AWS. All you need to know to get a Spring Boot application into production with AWS. No previous AWS knowledge required.

Go to stratospheric.dev for a tour of the contents.
#7
Functional Programming Made Easier
Charles Scalfani
A Functional Programming book from beginner to advanced without skipping a single step along the way.

In my 40 years of programming, I've felt that programming books always let me down, especially Functional Programming books. So, I wrote the book I wish I had 5 years ago.

Functional Programming will never be easy, but it can be easier.
#8
C++20 - The Complete Guide
Nicolai M. Josuttis
All the new language and library features of C++20 (for those who know previous versions).

The book presents all new language and library features of C++20. Learn how this impacts day-to-day programming, to benefit in practice, to combine new features, and to avoid all new traps.

Buy early, pay less, free updates.
Other books:
C++17
C++ Move Semantics
#9
Cloud Strategy
Gregor Hohpe
“Strategy is the difference between making a wish and making it come true.” A successful migration to the cloud can transform your organization, but it shouldn’t be driven by wishes. This book tells you how to develop a sound strategy guided by frameworks and decision models without being overly abstract nor getting lost in product details.
#10
Continuous Delivery Pipelines
Dave Farley
This practical handbook provides a step-by-step guide for you to get the best continuous delivery pipeline for your software.

Web Hacking 101

Web Hacking 101

How to Make Money Hacking Ethically

About the Book

Share this book

Translations

Feedback

Danil Gribkov

Jason Haddix

Michiel Prins

Jobert Abma

Leo Niemelä

Ben Sadeghipour

Jonathan Avery

@brutelogic

Ebrietas

Andy Grunwald

The Leanpub 45-day 100% Happiness Guarantee

Do Well. Do Good.

Authors have earned$11,020,212writing, publishing and selling on Leanpub, earning 80% royalties while saving up to 25 million pounds of CO2 and up to 46,000 trees.Learn more about writing on Leanpub

Free Updates. DRM Free.

Write and Publish on Leanpub

Top Books

Retrocomputing with Clash

Aprendiendo Git

Ansible for DevOps

Jetpack Compose internals

Atomic Kotlin

Stratospheric

Functional Programming Made Easier

C++20 - The Complete Guide

Cloud Strategy

Continuous Delivery Pipelines

Top Bundles

CCIE Service Provider Ultimate Study Bundle

CCIE Service Provider Ultimate Study Bundle

Practical FP in Scala + Functional event-driven architecture

Practical FP in Scala + Functional event-driven architecture

Experiential Learning Bundle

Experiential Learning Bundle

Linux Administration Complet

Linux Administration Complet

Software Architecture for Developers: Volumes 1 & 2 - Technical leadership and communication

Software Architecture for Developers: Volumes 1 & 2 - Technical leadership and communication

Cisco CCNA 200-301 Complet

Cisco CCNA 200-301 Complet

Retromat eBook Bundle for Agile Retrospectives

Retromat eBook Bundle for Agile Retrospectives

CCDE Practical Studies (All labs)

CCDE Practical Studies (All labs)

Pattern-Oriented Memory Forensics and Malware Detection

Pattern-Oriented Memory Forensics and Malware Detection

Books on problem-solving using Agile, Lean, Complexity, and more

Books on problem-solving using Agile, Lean, Complexity, and more

Publish Early, Publish Often

Path

READERS

Newsletters

Store

Support

FRONTMATTER PODCAST

COMPANY

About

Essays

More

AUTHORS

Write and Publish on Leanpub

Author Newsletter

Author Support

Developer Support

Companies

Universities

LEGAL

Authors have earned$11,020,212writing, publishing and selling on Leanpub, earning 80% royalties while saving up to 25 million pounds of CO2 and up to 46,000 trees.

Learn more about writing on Leanpub