Alguien me puede guiar en sobre como comenzar bien en eso para poder ganar dinero? Osea me pueden guiar en que es lo mas recomendable para comenzar y poder ganar dinero encontrando mi primer bug? Porfavor se los agradeceria bastante
Guiar en qué sentido. Primero has de descubrir el bug para tener algo que reportar. Las empresas conocidas tienen un programa de recompensa busca en Google si la empresa que estás evaluando aplica porque la inmensa mayoría de los bugs reportados acaban con palmadita en la espalda y sin recibir nada a cambio.
Libros:
-The Art of Software Security Assessment Identifying and Preventing Software Vulnerabilities.
-MySQL Cookbook Solutions for Database Developers and Administrators.
https://leanpub.com/ltr101-breaking-into-infosec
-HandsOn Bug Hunting for Penetration Testers.
-Security for Web Developers Using javascript, HTML, and CSS.
-Haking Workshops Web Application Hacking Advanced SQL Injection and Data Store Attacks.
-Web for Pentester By Louis Nyffenegger.
-Java Platform, Security Developer's Guide.
-Cryptography and Network Security Principles and Practices.
-Introduction to Modern Cryptography.
-Anonymity, Hacking and Cloud Computing Forensic Challenges.
-Computer Hacking, Security Testing, Penetration Testing and Basic Security.
-Google Hacking for Penetration Testers.
-Gray Hat Hacking.
-Hacking The Art of Exploitation.
-Hacking The Art of Exploitation second edition.
-Mastering Kali Linux for Advanced Penetration Testing.
-Metasploit Penetration Testing Cookbook second edition.
-The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
-Penetration Testing a hands on introduction to hacking.
Bug Bounty Hunting Essentials: Quick-paced Guide to Help White-hat Hackers Get Through Bug Bounty Programs
-The Shellcoders Handbook. second edition.
-Wireshark Network Analysis.
- https://leanpub.com/web-hacking-101
https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
Herramientas:
http://netcat.sourceforge.net/
https://www.wireshark.org/docs/
https://fwhibbit.es/burp-suite-i-la-navaja-suiza-del-pentester
https://www.metasploit.com/
https://nmap.org/
https://github.com/subfinder/subfinder
http://blog.ironwasp.org/
https://github.com/guelfoweb/knock
https://github.com/OWASP/Amass
https://github.com/aboul3la/Sublist3r
https://github.com/michenriksen/aquatone
https://github.com/techgaun/github-dorks
https://github.com/techgaun/github-dorks/blob/master/github-dorks.txt
Links:
https://www.cvedetails.com
http://elladodelmal.blogspot.com/2009/03/serialized-sql-injection-parte-i-de-vi.html
https://www.attackflow.com/KnowledgeBase/
https://brutelogic.com.br/
https://github.com/s0md3v/MyPapers/blob/master/Bypassing-XSS-detection-mechanisms/README.md
https://www.pentestpartners.com/security-blog/lan-surfing-how-to-use-javascript-to-execute-arbitrary-code-on-routers/
https://44con.com/44con-training/code-injections-from-beginner-to-advanced-for-defenders-and-attackers/
https://www.upguard.com/articles/top-20-owasp-vulnerabilities-and-how-to-fix-them?hs_amp=true
http://www.elladodelmal.com/2010/02/robotstxt-sitemapxml.html
https://portswigger.net/web-security/xxe
https://www.netsparker.com/blog/web-security/crlf-http-header
Laboratorios, wargames y similares:
- https://xss-game.appspot.com
- https://xss-quiz.int21h.jp/
- warzone.elhacker.net
- hackthissite
Sitios para bug hunting:
https://www.bugcrowd.com/
https://www.hackerone.com/
https://www.zerocopter.com/
https://www.synack.com/
https://cobalt.io/
https://www.yeswehack.com/
https://www.intigriti.com/
https://www.vulnerability-lab.com/
Buscando la responsible disclosure policy de un sitio.
https://bugbountyguide.com/hunters/proof-of-concepts.html
Cita de: string Manolo en 6 Septiembre 2019, 16:01 PM
Libros:
-The Art of Software Security Assessment Identifying and Preventing Software Vulnerabilities.
-MySQL Cookbook Solutions for Database Developers and Administrators.
https://leanpub.com/ltr101-breaking-into-infosec
-HandsOn Bug Hunting for Penetration Testers.
-Security for Web Developers Using javascript, HTML, and CSS.
-Haking Workshops Web Application Hacking Advanced SQL Injection and Data Store Attacks.
-Web for Pentester By Louis Nyffenegger.
-Java Platform, Security Developer's Guide.
-Cryptography and Network Security Principles and Practices.
-Introduction to Modern Cryptography.
-Anonymity, Hacking and Cloud Computing Forensic Challenges.
-Computer Hacking, Security Testing, Penetration Testing and Basic Security.
-Google Hacking for Penetration Testers.
-Gray Hat Hacking.
-Hacking The Art of Exploitation.
-Hacking The Art of Exploitation second edition.
-Mastering Kali Linux for Advanced Penetration Testing.
-Metasploit Penetration Testing Cookbook second edition.
-The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
-Penetration Testing a hands on introduction to hacking.
Bug Bounty Hunting Essentials: Quick-paced Guide to Help White-hat Hackers Get Through Bug Bounty Programs
-The Shellcoders Handbook. second edition.
-Wireshark Network Analysis.
- https://leanpub.com/web-hacking-101
https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
Herramientas:
http://netcat.sourceforge.net/
https://www.wireshark.org/docs/
https://fwhibbit.es/burp-suite-i-la-navaja-suiza-del-pentester
https://www.metasploit.com/
https://nmap.org/
https://github.com/subfinder/subfinder
http://blog.ironwasp.org/
https://github.com/guelfoweb/knock
https://github.com/OWASP/Amass
https://github.com/aboul3la/Sublist3r
https://github.com/michenriksen/aquatone
https://github.com/techgaun/github-dorks
https://github.com/techgaun/github-dorks/blob/master/github-dorks.txt
Links:
https://www.cvedetails.com
http://elladodelmal.blogspot.com/2009/03/serialized-sql-injection-parte-i-de-vi.html
https://www.attackflow.com/KnowledgeBase/
https://brutelogic.com.br/
https://github.com/s0md3v/MyPapers/blob/master/Bypassing-XSS-detection-mechanisms/README.md
https://www.pentestpartners.com/security-blog/lan-surfing-how-to-use-javascript-to-execute-arbitrary-code-on-routers/
https://44con.com/44con-training/code-injections-from-beginner-to-advanced-for-defenders-and-attackers/
https://www.upguard.com/articles/top-20-owasp-vulnerabilities-and-how-to-fix-them?hs_amp=true
http://www.elladodelmal.com/2010/02/robotstxt-sitemapxml.html
https://portswigger.net/web-security/xxe
https://www.netsparker.com/blog/web-security/crlf-http-header
Laboratorios, wargames y similares:
- https://xss-game.appspot.com
- https://xss-quiz.int21h.jp/
- warzone.elhacker.net
- hackthissite
Sitios para bug hunting:
https://www.bugcrowd.com/
https://www.hackerone.com/
https://www.zerocopter.com/
https://www.synack.com/
https://cobalt.io/
https://www.yeswehack.com/
https://www.intigriti.com/
https://www.vulnerability-lab.com/
Buscando la responsible disclosure policy de un sitio.
https://bugbountyguide.com/hunters/proof-of-concepts.html
Gracias, sos un angel de Dios, voy a leerlo todo
Cita de: kub0x en 6 Septiembre 2019, 10:47 AM
Guiar en qué sentido. Primero has de descubrir el bug para tener algo que reportar. Las empresas conocidas tienen un programa de recompensa busca en Google si la empresa que estás evaluando aplica porque la inmensa mayoría de los bugs reportados acaban con palmadita en la espalda y sin recibir nada a cambio.
Las empresas que salen en hackerone te pagan por eso
Cita de: Lino Romero en 6 Septiembre 2019, 19:31 PM
Las empresas que salen en hackerone te pagan por eso
As of July 2018, HackerOne's network consisted of approximately 200,000 researchers, had resolved 72,000 vulnerabilities across over 1,000 customer programs, and had paid $31 million in bounties.
Depende del bug que reportes. Yo reporté varios y nunca me dieron nada. Por los que se paga suele ser solo por los de seguridad. Yo por ejemplo encontré muchos bugs en juegos con los cuales me ponía en el leaderboard pero como no comprometían la seguridad de los usuarios de ninguna forma...