- Incomplete reports do not pay much bounty if they are not fully explained; an SQL injection vulnerability is always rewarded and deemed most critical, but this report was not sufficient so it attracted a smaller reward
- SQL injection vulnerabilities are not necessarily hard to find and exploit; it is just a matter of spending time and looking for these vulnerabilities
- Title Page
- Copyright and Credits
- About Packt
- Contributors
- Preface
- Basics of Bug Bounty Hunting
- How to Write a Bug Bounty Report
- SQL Injection Vulnerabilities
- Cross-Site Request Forgery
- Application Logic Vulnerabilities
- Cross-Site Scripting Attacks
- SQL Injection
- Open Redirect Vulnerabilities
- Sub-Domain Takeovers
- XML External Entity Vulnerability
- Template Injection
- Top Bug Bounty Hunting Tools
- Top Learning Resources
- Other Books You May Enjoy
Key learning from this report
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.