Real-world bug hunting: a field guide to web hacking
Gespeichert in:
1. Verfasser: | |
---|---|
Format: | Buch |
Sprache: | English |
Veröffentlicht: |
San Francisco
No Starch Press
[2019]
|
Schlagworte: | |
Online-Zugang: | Inhaltsverzeichnis |
Beschreibung: | Auf der Coverrückseite: "Shelve in: computers / security" |
Beschreibung: | xxv, 235 Seiten Illustrationen |
ISBN: | 9781593278618 1593278616 |
Internformat
MARC
LEADER | 00000nam a2200000 c 4500 | ||
---|---|---|---|
001 | BV046086518 | ||
003 | DE-604 | ||
005 | 20210119 | ||
007 | t | ||
008 | 190805s2019 a||| |||| 00||| eng d | ||
020 | |a 9781593278618 |9 978-1-59327-861-8 | ||
020 | |a 1593278616 |9 1-59327-861-6 | ||
035 | |a (OCoLC)1119011330 | ||
035 | |a (DE-599)GBV1029407738 | ||
040 | |a DE-604 |b ger |e rda | ||
041 | 0 | |a eng | |
049 | |a DE-29T |a DE-573 |a DE-11 |a DE-739 | ||
084 | |a ST 277 |0 (DE-625)143643: |2 rvk | ||
100 | 1 | |a Yaworski, Peter |e Verfasser |0 (DE-588)1217335315 |4 aut | |
245 | 1 | 0 | |a Real-world bug hunting |b a field guide to web hacking |c by Peter Yaworski |
264 | 1 | |a San Francisco |b No Starch Press |c [2019] | |
264 | 4 | |c © 2019 | |
300 | |a xxv, 235 Seiten |b Illustrationen | ||
336 | |b txt |2 rdacontent | ||
337 | |b n |2 rdamedia | ||
338 | |b nc |2 rdacarrier | ||
500 | |a Auf der Coverrückseite: "Shelve in: computers / security" | ||
650 | 0 | 7 | |a World Wide Web |0 (DE-588)4363898-3 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Computersicherheit |0 (DE-588)4274324-2 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Hacker |0 (DE-588)4113821-1 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Datensicherung |0 (DE-588)4011144-1 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Penetrationstest |0 (DE-588)4825817-9 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Softwareschwachstelle |0 (DE-588)4752508-3 |2 gnd |9 rswk-swf |
689 | 0 | 0 | |a Softwareschwachstelle |0 (DE-588)4752508-3 |D s |
689 | 0 | |5 DE-604 | |
689 | 1 | 0 | |a Hacker |0 (DE-588)4113821-1 |D s |
689 | 1 | 1 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
689 | 1 | 2 | |a Datensicherung |0 (DE-588)4011144-1 |D s |
689 | 1 | 3 | |a Softwareschwachstelle |0 (DE-588)4752508-3 |D s |
689 | 1 | 4 | |a Penetrationstest |0 (DE-588)4825817-9 |D s |
689 | 1 | |5 DE-604 | |
689 | 2 | 0 | |a World Wide Web |0 (DE-588)4363898-3 |D s |
689 | 2 | 1 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
689 | 2 | |5 DE-604 | |
776 | 0 | 8 | |i Erscheint auch als |n Online-Ausgabe, EPUB |z 978-1-59327-862-5 |
776 | 0 | 8 | |i Erscheint auch als |n Online-Ausgabe, EPUB |z 1-59327-862-4 |
856 | 4 | 2 | |m Digitalisierung UB Passau - ADAM Catalogue Enrichment |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=031467540&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
999 | |a oai:aleph.bib-bvb.de:BVB01-031467540 |
Datensatz im Suchindex
_version_ | 1804180380977201152 |
---|---|
adam_text | CONTENTS IN DETAIL FOREWORD by Michiel Prins and Jobert Abma xvii ACKNOWLEDGMENTS xix INTRODUCTION xxi Who Should Read This Book......................................................................................................... xxii How to Read This Book................................................................................................................... xxii What s in This Book....................................................................................................................... xxiii A Disclaimer About Hacking......................................................................................................... xxv 1 BUG BOUNTY BASICS 1 Vulnerabilities and Bug Bounties......................................................................................................2 Client and Server................................................................................................................................. 2 What Happens When You Visit a Website.................................................................................... 3 Step 1: Extracting the Domain Name............................................................................... 3 Step 2: Resolving an IP Address...................................................................................... 3 Step 3: Establishing a TCP Connection..........................................................................4 Step 4: Sending an HTTP Request....................................................................................4 Step 5: Server
Response................................................................................................... 5 Step 6: Rendering the Response...................................................................................... 6 HTTP Requests...................................................................................................................................... 7 Request Methods.................................................................................................................. 7 HTTP Is Stateless.................................................................................................................. 8 Summary..............................................................................................................................................9 2 OPEN REDIRECT 11 How Open Redirects Work.......................................................................................................... Shopify Theme Install Open Redirect........................................................................................... 12 13 Takeaways....................................................................................................................... Shopify Login Open Redirect........................................................................................................ Takeaways....................................................................................................................... HackerOne Interstitial Redirect.....................................................................................................
Takeaways....................................................................................................................... Summary........................................................................................................................................ 14 14 15 15 16 17 3 HTTP PARAMETER POLLUTION 19 Server-Side HPP................................................................................................................................. 20 Client-Side HPP................................................................................................................................. 22 HackerOne Social Sharing Buttons.................................................................................................23 Takeaways..........................................................................................................................24
Twitter Unsubscribe Notifications.............................................................................................24 Takeaways.................................................................................................................. 25 Twitter Web Intents.................................................................................................................... 25 Takeaways.................................................................................................................. 27 Summary.................................................................................................................................. 27 4 CROSS-SITE REQUEST FORGERY 29 Authentication........................................................................................................................... 30 CSRF with GET Requests...........................................................................................................31 CSRF with POST Requests........................................................................................................ 32 Defenses Against CSRF Attacks............................................................................................... 34 Shopify Twitter Disconnect........................................................................................................ 3Ó Takeaways.................................................................................................................. 37 Change Users Instacart
Zones................................................................................................. 37 Takeaways..................................................................................................................38 Badoo Full Account Takeover................................................................................................... 38 Takeaways..................................................................................................................40 Summary.................................................................................................................................. 40 5 HTML INJECTION AND CONTENT SPOOFING 41 Coinbase Comment Injection Through Character Encoding.................................................. 42 Takeaways..................................................................................................................44 HackerOne Unintended HTML Inclusion.................................................................................44 Takeaways ................................................................................................................46 HackerOne Unintended HTML Include Fix Bypass................................................................ 46 Takeaways ................................................................................................................47 Within Security Content Spoofing.............................................................................................47
Takeaways.................................................................................................................. 47 Summary...................................................................................................................................48 6 CARRIAGE RETURN LINE FEED INJECTION 49 HTTP Request Smuggling........................................................................................................... 50 v.shopify.com Response Splitting............................................................................................. 51 Takeaways.................................................................................................................. 52 Twitter HTTP Response Splitting............................................................................................... 52 Takeaways.................................................................................................................. 54 Summary................................................................................................................................... 54 7 CROSS-SITE SCRIPTING 55 Types of XSS..............................................................................................................................58 Shopify Wholesale.................................................................................................................... 61 Takeaways.................................................................................................................. 62 Shopify Currency
Formatting....................................................................................................62 Takeaways.................................................................................................................. 63 X Contents in Detail Yahool Mail Stored XSS.............. Takeaways..................... Google Image Search................ Takeaways..................... Google Tag Manager Stored XSS Takeaways..................... United Airlines XSS..................... Takeaways..................... Summary..................................... 8 TEMPLATE INJECTION Server-Side Template Injections . . . Client-Side Template Injections.... Uber AngularJS Template Injection . Takeaways........................ Uber Flask Jinja2 Template Injection Takeaways........................ Rails Dynamic Render..................... Takeaways........................ Unikrn Smarty Template Injection . . Takeaways........................ Summary........................................ 9 SQL INJECTION SQL Databases........................ Countermeasures Against SQLi Yahoo! Sports Blind SQLi Takeaways................ Uber Blind SQLi....................... Takeaways................ Drupal SQLi............................ Takeaways................ Summary................................. 63 65 65 66 66 67 67 70 70 71 72 72 73 74 74 76 76 77 78 80 80 81 82 83 84 87 87 90 90 93 93 10 SERVER-SIDE REQUEST FORGERY 95 Demonstrating the Impact of Server-Side Request Forgery..................................................96 Invoking GET vs. POST
Requests.............................................................................................97 Performing Blind SSRFs............................................................................................................. 97 Attacking Users with SSRF Responses......................................................................................98 ESEA SSRF and Querying AWS Metadata............................................................................ 98 Takeaways............................................................................................................. 100 Google Internal DNS SSRF................................................................................................ 100 Takeaways............................................................................................................. 104 Internal Port Scanning Using Webhooks............................................................................ 104 Takeaways............................................................................................................. 105 Summary............................................................................................................................. 105 Contents in Detail XI
11 Shopify Windsor Subdomain Takeover XML EXTERNAL ENTITY 107 extensible Markup Language............................................................................................... Document Type Definitions................................................................................... XML Entities........................................................... :............................................ How XXE Attacks Work...................................................................................................... Read Access to Google...................................................................................................... Takeaways............................................................................................................. Facebook XXE with Microsoft Word................................................................................... Takeaways............................................................................................................. Wikiloc XXE......................................................................................................................... Takeaways............................................................................................................. Summary.............................................................................................................................. 12 REMOTE CODE EXECUTION Executing Shell Commands................................................................................................. Executing
Functions............................................................................................................. Strategies for Escalating Remote Code Execution.............................................................. Polyvore ImageMagick........................................................................................................ Takeaways............................................................................................................. Algolia RCE on facebooksearch.algolia.com..................................................................... Takeaways............................................................................................................. RCE Through SSH............................................................................................................... Takeaways............................................................................................................. Summary.............................................................................................................................. 13 MEMORY VULNERABILITIES Buffer Overflows.................................................................................................................. Read Out of Bounds............................................................................................................. PHP ftp_genlist() Integer Overflow.....................................................................................
Takeaways............................................................................................................. Python Hotshot Module........................................................................................................ Takeaways............................................................................................................. Libcurl Read Out of Bounds................................................................................................. Takeaways............................................................................................................. Summary.............................................................................................................................. 14 SUBDOMAIN TAKEOVER Understanding Domain Names.......................................................................................... How Subdomain Takeovers Work..................................................................................... Ubiquiti Subdomain Takeover............................................................................................ Takeaways............................................................................................................. Scan.me Pointing to Zendesk............................................................................................... Takeaways............................................................................................................. XII Contents in Detail 107 108 110 Ill 112 112 112 114 115 117 117 119 119 121 122 123 125 125 127 127 128 128 129 130 133
134 134 135 135 136 136 136 139 139 140 141 142 142 142 Takeaways............................ Snapchat Fastly Takeover................... Takeaways............................ Legal Robot Takeover.......................... Takeaways............................ Uber SendGrid Mail Takeover............ Takeaways............................ Summary............................................. 15 RACE CONDITIONS Accepting a HackerOne Invite Multiple Times Takeaways........................................ Exceeding Keybase Invitation Limits.............. Takeaways........................................ HackerOne Payments Race Condition............ Takeaways........................................ Shopify Partners Race Condition................... Takeaways........................................ Summary........................................................ 16 INSECURE DIRECT OBJECT REFERENCES Finding Simple IDORs............................ Finding More Complex IDORs.............. Binary.com Privilege Escalation............ Takeaways............................... Moneybird App Creation..................... Takeaways............................... Twitter Mopub API Token Theft.............. Takeaways............................... ACME Customer Information Disclosure Takeaways............................... Summary............................................... 17 OAUTH VULNERABILITIES The OAuth Workflow...................................... Stealing Slack OAuth Tokens.......................... Takeaways........................................ Passing Authentication with
Default Passwords Takeaways........................................ Stealing Microsoft Login Tokens..................... Takeaways........................................ Swiping Facebook Official Access Tokens. . . Takeaways........................................ Summary......................................................... 142 143 143 144 144 145 145 146 147 149 150 151 152 152 153 154 154 155 156 157 158 158 159 160 160 161 161 163 163 164 165 167 168 171 171 171 172 173 174 174 175 176 Contents in Detail ХІП
18 APPLICATION LOGIC AND CONFIGURATION VULNERABILITIES 177 Bypassing Shopify Administrator Privileges....................................................................... Takeaways............................................................................................................. Bypassing Twitter Account Protections................................................................................. Takeaways.............................................................................................................. HackerOne Signal Manipulation........................................................................................ Takeaways............................................................................................................. HackerOne Incorrect S3 Bucket Permissions..................................................................... Takeaways............................................................................................................. Bypassing GitLab Two-Factor Authentication..................................................................... Takeaways............................................................................................................. Yahoo! PHP Info Disclosure................................................................................................. Takeaways............................................................................................................. HackerOne Hacktivity Voting...............................................................................................
Takeaways.............................................................................................................. Accessing PornHub s Memcache Installation..................................................................... Takeaways............................................................................................................. Summary.............................................................................................................................. 19 FINDING YOUR OWN BUG BOUNTIES 179 179 180 180 180 181 181 183 183 184 184 186 186 187 188 189 189 191 A TOOLS Web Proxies................ Subdomain Enumeration Discovery..................... Screenshotting.............. Port Scanning.............. Reconnaissance ......... Hacking Tools.............. Mobile.......................... Browser Plug-Ins............ в RESOURCES Online Training............ Bug Bounty Platforms . . Recommended Reading Video Resources......... Recommended Blogs . INDEX 209 210 211 212 212 213 213 214 215 216 217 217 219 220 222 222 225 Reconnaissance.................................................................................................................... 192 Subdomain Enumeration..................................................................................... 192 Port Scanning........................................................................................................ 193 Screenshotting...................................................................................................... 194 Content
Discovery................................................................................................. 195 Previous Bugs........................................................................................................ 196 Testing the Application........................................................................................................ 196 The Technology Stack.......................................................................................... 196 Functionality Mapping.......................................................................................... 197 Finding Vulnerabilities.......................................................................................... 198 Going Further......................................................................................................................... 200 Automating Your Work.......................................................................................... 200 Looking at Mobile Apps.......................................................................................... 200 Identifying New Fuctionality................................................................................... 201 Tracking JavaScript Files........................................................................................ 201 Paying for Access to New Functionality................................................................ 201 Learning the Technology........................................................................................201
Summary................................................................................................................................ 202 20 VULNERABILITY REPORTS 203 Read the Policy.......................................................................................................................204 Include Details; Then Include More........................................................................................ 204 Reconfirm the Vulnerability....................................................................................................205 Your Reputation.......................................................................................................................205 Show Respect for the Company.............................................................................................206 Appealing Bounty Rewards....................................................................................................207 Summary................................................................................................................................ 208 XIV Contents in Detail Contents in Detail XV
|
any_adam_object | 1 |
author | Yaworski, Peter |
author_GND | (DE-588)1217335315 |
author_facet | Yaworski, Peter |
author_role | aut |
author_sort | Yaworski, Peter |
author_variant | p y py |
building | Verbundindex |
bvnumber | BV046086518 |
classification_rvk | ST 277 |
ctrlnum | (OCoLC)1119011330 (DE-599)GBV1029407738 |
discipline | Informatik |
format | Book |
fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>02307nam a2200541 c 4500</leader><controlfield tag="001">BV046086518</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20210119 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">190805s2019 a||| |||| 00||| eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781593278618</subfield><subfield code="9">978-1-59327-861-8</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">1593278616</subfield><subfield code="9">1-59327-861-6</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)1119011330</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)GBV1029407738</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rda</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-29T</subfield><subfield code="a">DE-573</subfield><subfield code="a">DE-11</subfield><subfield code="a">DE-739</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 277</subfield><subfield code="0">(DE-625)143643:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Yaworski, Peter</subfield><subfield code="e">Verfasser</subfield><subfield code="0">(DE-588)1217335315</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Real-world bug hunting</subfield><subfield code="b">a field guide to web hacking</subfield><subfield code="c">by Peter Yaworski</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">San Francisco</subfield><subfield code="b">No Starch Press</subfield><subfield code="c">[2019]</subfield></datafield><datafield tag="264" ind1=" " ind2="4"><subfield code="c">© 2019</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">xxv, 235 Seiten</subfield><subfield code="b">Illustrationen</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">Auf der Coverrückseite: "Shelve in: computers / security"</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">World Wide Web</subfield><subfield code="0">(DE-588)4363898-3</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Hacker</subfield><subfield code="0">(DE-588)4113821-1</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Datensicherung</subfield><subfield code="0">(DE-588)4011144-1</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Penetrationstest</subfield><subfield code="0">(DE-588)4825817-9</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Softwareschwachstelle</subfield><subfield code="0">(DE-588)4752508-3</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Softwareschwachstelle</subfield><subfield code="0">(DE-588)4752508-3</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="689" ind1="1" ind2="0"><subfield code="a">Hacker</subfield><subfield code="0">(DE-588)4113821-1</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="1" ind2="1"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="1" ind2="2"><subfield code="a">Datensicherung</subfield><subfield code="0">(DE-588)4011144-1</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="1" ind2="3"><subfield code="a">Softwareschwachstelle</subfield><subfield code="0">(DE-588)4752508-3</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="1" ind2="4"><subfield code="a">Penetrationstest</subfield><subfield code="0">(DE-588)4825817-9</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="1" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="689" ind1="2" ind2="0"><subfield code="a">World Wide Web</subfield><subfield code="0">(DE-588)4363898-3</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="2" ind2="1"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="2" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Erscheint auch als</subfield><subfield code="n">Online-Ausgabe, EPUB</subfield><subfield code="z">978-1-59327-862-5</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Erscheint auch als</subfield><subfield code="n">Online-Ausgabe, EPUB</subfield><subfield code="z">1-59327-862-4</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">Digitalisierung UB Passau - ADAM Catalogue Enrichment</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=031467540&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-031467540</subfield></datafield></record></collection> |
id | DE-604.BV046086518 |
illustrated | Illustrated |
indexdate | 2024-07-10T08:34:51Z |
institution | BVB |
isbn | 9781593278618 1593278616 |
language | English |
oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-031467540 |
oclc_num | 1119011330 |
open_access_boolean | |
owner | DE-29T DE-573 DE-11 DE-739 |
owner_facet | DE-29T DE-573 DE-11 DE-739 |
physical | xxv, 235 Seiten Illustrationen |
publishDate | 2019 |
publishDateSearch | 2019 |
publishDateSort | 2019 |
publisher | No Starch Press |
record_format | marc |
spelling | Yaworski, Peter Verfasser (DE-588)1217335315 aut Real-world bug hunting a field guide to web hacking by Peter Yaworski San Francisco No Starch Press [2019] © 2019 xxv, 235 Seiten Illustrationen txt rdacontent n rdamedia nc rdacarrier Auf der Coverrückseite: "Shelve in: computers / security" World Wide Web (DE-588)4363898-3 gnd rswk-swf Computersicherheit (DE-588)4274324-2 gnd rswk-swf Hacker (DE-588)4113821-1 gnd rswk-swf Datensicherung (DE-588)4011144-1 gnd rswk-swf Penetrationstest (DE-588)4825817-9 gnd rswk-swf Softwareschwachstelle (DE-588)4752508-3 gnd rswk-swf Softwareschwachstelle (DE-588)4752508-3 s DE-604 Hacker (DE-588)4113821-1 s Computersicherheit (DE-588)4274324-2 s Datensicherung (DE-588)4011144-1 s Penetrationstest (DE-588)4825817-9 s World Wide Web (DE-588)4363898-3 s Erscheint auch als Online-Ausgabe, EPUB 978-1-59327-862-5 Erscheint auch als Online-Ausgabe, EPUB 1-59327-862-4 Digitalisierung UB Passau - ADAM Catalogue Enrichment application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=031467540&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis |
spellingShingle | Yaworski, Peter Real-world bug hunting a field guide to web hacking World Wide Web (DE-588)4363898-3 gnd Computersicherheit (DE-588)4274324-2 gnd Hacker (DE-588)4113821-1 gnd Datensicherung (DE-588)4011144-1 gnd Penetrationstest (DE-588)4825817-9 gnd Softwareschwachstelle (DE-588)4752508-3 gnd |
subject_GND | (DE-588)4363898-3 (DE-588)4274324-2 (DE-588)4113821-1 (DE-588)4011144-1 (DE-588)4825817-9 (DE-588)4752508-3 |
title | Real-world bug hunting a field guide to web hacking |
title_auth | Real-world bug hunting a field guide to web hacking |
title_exact_search | Real-world bug hunting a field guide to web hacking |
title_full | Real-world bug hunting a field guide to web hacking by Peter Yaworski |
title_fullStr | Real-world bug hunting a field guide to web hacking by Peter Yaworski |
title_full_unstemmed | Real-world bug hunting a field guide to web hacking by Peter Yaworski |
title_short | Real-world bug hunting |
title_sort | real world bug hunting a field guide to web hacking |
title_sub | a field guide to web hacking |
topic | World Wide Web (DE-588)4363898-3 gnd Computersicherheit (DE-588)4274324-2 gnd Hacker (DE-588)4113821-1 gnd Datensicherung (DE-588)4011144-1 gnd Penetrationstest (DE-588)4825817-9 gnd Softwareschwachstelle (DE-588)4752508-3 gnd |
topic_facet | World Wide Web Computersicherheit Hacker Datensicherung Penetrationstest Softwareschwachstelle |
url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=031467540&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |
work_keys_str_mv | AT yaworskipeter realworldbughuntingafieldguidetowebhacking |