Page 224 - Hands-On Bug Hunting for Penetration Testers
Assessment
Chapter 1
1. A growing number of companies are crowdsourcing their security audits, both
to cut costs internally and to benefit from the greater variety of researchers,
strategies, and technologies.
2. Participating in bug bounty programs gives you valuable, practical security
experience against real production targets. It also earns you money.
3. You'll need some basic web tech skills, but also a general curiosity and
investigative desire to break things.
4. Some tools, such as Burp Suite, are workhorses that integrate multiple functions
(proxying, scanning, mapping) for maximum effect, while others serve a more
specific outcome (sqlmap for SQLi discovery, wfuzz for brute-force file
discovery, and so on), alongside the single-purpose, one-off scripts that we
assemble to add extra features or glue workflows together.
5. Adding document.location.origin to a proof-of-concept payload (for example,
alert(document.location.origin) rather than alert(1)) ensures that we are
targeting an in-scope domain, because the origin reported is the scheme, host,
and port that actually executed the payload. This information also gives a
valuable insight to the developers patching the bug.
6. Considering the impact of a vulnerability is essential to writing a compelling
attack scenario. Writing code to actually harm the application, a user, or a third-
party service is absolutely out of bounds, even if done to prove the exploit.
7. The Computer Fraud and Abuse Act governs domestic cybersecurity law as an
extension of the earlier computer fraud law. The bill was passed in no small part
due to the sobering effect of the 1983 hit starring Matthew Broderick, WarGames,
which the House Committee report on the law described as "a realistic
representation of the automatic dialing and access capabilities of the personal
computer."
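The point in answer 5 is that the origin a payload reports is what you compare against the program's scope. The following is an added example, not code from the book: it builds the proof-of-concept payload, models what document.location.origin evaluates to for a given URL (using the same WHATWG URL parsing the browser applies), and checks the reported origin against a constructed scope list. The scope entries, URLs, and the "*." wildcard-subdomain convention are assumptions for illustration.

```javascript
// Added example (not from the book). Scope list and URLs are constructed.
// Convention assumed here: a scope entry is an origin, and a leading "*."
// on the hostname means any subdomain of it is in scope.
const SCOPE = ["https://app.example.com", "https://*.api.example.com"];

// The PoC payload: alert(document.location.origin) instead of alert(1), so the
// popup itself tells the hunter and the triaging developer which
// scheme://host:port actually executed the script.
function pocPayload() {
  return "<script>alert(document.location.origin)</script>";
}

// What document.location.origin evaluates to for a page at `href`:
// scheme + host + port only; path, query and fragment are dropped.
function originOf(href) {
  return new URL(href).origin;
}

// Does a single reported origin match one scope entry?
// Scheme and port must match exactly; host matches exactly, or as a
// subdomain when the entry carries the "*." wildcard.
function matchesScopeEntry(origin, entry) {
  // A payload that fires inside a sandboxed iframe, a data: URL or about:blank
  // reports the literal string "null", which is never in scope.
  if (origin === "null") return false;
  const wildcard = entry.includes("*.");
  const want = new URL(entry.replace("*.", "")); // "*." stripped so the URL parses
  const got = new URL(origin);
  if (got.protocol !== want.protocol || got.port !== want.port) return false;
  if (wildcard) {
    const suffix = want.hostname; // e.g. api.example.com
    return got.hostname === suffix || got.hostname.endsWith("." + suffix);
  }
  return got.hostname === want.hostname;
}

function inScope(origin, scope = SCOPE) {
  return scope.some((entry) => matchesScopeEntry(origin, entry));
}

// Usage: the URL where the alert fired, as you would record it in the report.
const firedAt = "https://app.example.com/search?q=" + encodeURIComponent(pocPayload());
console.log(originOf(firedAt), inScope(originOf(firedAt)));
```

Note that the port is part of the origin, so a payload executing on https://app.example.com:8443 is a different origin from https://app.example.com and should not be reported as in scope unless the program lists it; likewise an http:// origin does not match an https:// scope entry.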

