Page 14 - Hands-On Bug Hunting for Penetration Testers
Table of Contents
Rate-Limiting
Summary
Questions
Further Reading
Chapter 13: Going Further
Blogs
The SANS Institute
Bugcrowd
Darknet
HighOn.Coffee
Zero Day Blog
SANS AppSec Blog
Courses
Penetration Testing With Kali Linux
The Infosec Institute Coursework
Udemy Penetration Testing Classes
Terminology
Attack Scenario
Attack Surface
Black Box Testing
Bugs
Bug Bounty Programs
CORS
Data Exfiltration
Data Sanitation
Data Leakage
Exploit
Fingerprinting
Fuzzing
Google Dorks
Known Component Vulnerabilities
OSINT
Passive Versus Active Scanning
Payload
Proof-of-Concept (PoC)
Rules of Engagement (RoE)
Red Team
Remote Code Execution (RCE)
Safe Harbor
Scope
Security Posture
Single-Origin Policy
Submission Report
Vulnerability
White Box Testing

