- Hands-On Bug Hunting for Penetration Testers
- Joseph Marshall
- 91字
- 2021-07-16 17:53:07
Questions
- What are some differences between third-party marketplaces such as Bugcrowd and bug bounty programs offered by individual companies?
- Is it worth it to participate in programs that reward vulnerabilities with swag? Why or why not?
- What's a private bug bounty program?
- What are some resources you can use to find programs not covered in this chapter?
- What makes a site more or less attractive as a hunting ground for reward-eligible bugs?
- What is coordinated vulnerability disclosure?
- What steps can you take to minimize your legal liability during a pentesting session?
推薦閱讀
- 信息安全導(dǎo)論(在線實(shí)驗(yàn)+在線自測)
- Enterprise Cloud Security and Governance
- 數(shù)據(jù)安全實(shí)踐指南
- 網(wǎng)絡(luò)安全能力成熟度模型:原理與實(shí)踐
- 信息安全等級(jí)保護(hù)測評(píng)與整改指導(dǎo)手冊(cè)
- 情報(bào)驅(qū)動(dòng)應(yīng)急響應(yīng)
- 先進(jìn)云安全研究與實(shí)踐
- Mastering Python for Networking and Security
- 網(wǎng)絡(luò)空間安全導(dǎo)論
- Android Application Security Essentials
- Manga Studio 5 Beginner's Guide
- 黑客攻防入門
- 一本書讀透金融科技安全
- Real-World SRE
- ATT&CK與威脅獵殺實(shí)戰(zhàn)