Web Hacking 101
This book is 98% complete
Last updated on 2017-03-13
About the Book
With a Foreword written by HackerOne Co-Founders Michiel Prins and Jobert Abma, Web Hacking 101 is about the ethical exploration of software for security issues but learning to hack isn't always easy. With few exceptions, existing books are overly technical, only dedicate a single chapter to website vulnerabilies or don't include any real world examples. This book is different.
Using publicly disclosed vulnerabilities, Web Hacking 101 explains common web vulnerabilities and will show you how to start finding vulnerabilities and collecting bounties. With over 30 examples, the book covers topics like:
- HTML Injection
- Cross site scripting (XSS)
- Cross site request forgery (CSRF)
- Open Redirects
- Remote Code Execution (RCE)
- Application Logic
- and more...
Each example includes a classification of the attack, a report link, the bounty paid, easy to understand description and key takeaways. After reading this book, your eyes will be opened to the wide array of vulnerabilities that exist and you'll likely never look at a website or API the same way.
I highly recommend Web Hacking 101. The $10 I paid was more than worth it when I got a $500 bounty from PayPal using examples Pete provided. Combined with the constant updates he provides, which I have access to for life, it's a great buy.
Father, hacker, Director of Technical Operations @Bugcrowd, blogger, & nerd
I support Bounty Hunters, #reading Web Hacking 101: How to Make Money Hacking Ethically by @yaworsk #bugbounty - leanpub.com/web-hacking-101 --Twitter
Co-Found of HackerOne
Want to explore the art and skill of hacking? Try the latest release of @yaworsk's book! --Twitter
Co-Founder of HackerOne
Anyone who's interested in web hacking and making money with it, I'd recommend reading this book: leanpub.com/web-hacking-101! #bugbounty --Twitter
CSO at LocalTapiola Group
Worth to read (just bought my copy): How to Make Money Hacking Ethically by @yaworsk leanpub.com/web-hacking-101 #bugbounty --Twitter
Bug Bounty participant. Blogger. Gamer.
Awesome book written by @yaworsk. If for some reason you haven't read it yet make sure you do! --Twitter
Real-world case studies that helped me score a $600 "Hack The Pentagon" bounty. This book also gave me the confidence boost I needed to land a high paying job as a security engineer at a top aerospace defense company.
Security researcher @sucurisecurity
Superb work by @yaworsk in leanpub.com/web-hacking-101 I couldn't recommend it more, awesome writing style, you definitely should get it! --Twitter
Pseudo hacker, information security lover, and bug bounty participant
Web hacking 101 is an amazing beginners guide to breaking web applications as a bug bounty hunter. All sections of the book are backed up by references from actual publicly disclosed vulnerabilities. The focus on the unique findings for each category will more than likely teach some new tricks. It is well worth double the asking price.
Software Engineer (Site Reliability and Platform Engineering) at @trivago. I solve problems and put things into production.
I recommend "Web Hacking 101" about bug bounties and web security. Great book. Thank you @yaworsk leanpub.com/web-hacking-101 #bugbounty --Twitter
The Leanpub Unconditional, No Risk, 100% Happiness Guarantee
Within 45 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.
See full terms