Corporate Cybersecurity. John Jackson
1 Chapter 6
Figure 6.1 Bugcrowd “Start now” button.
Figure 6.2 Bugcrowd: selection “Bug Bounty Program”.
Figure 6.3 Selecting the program name on Bugcrowd.
Figure 6.4 Adding targets to test on Bugcrowd.
Figure 6.5 Adding a target to Bugcrowd.
Figure 6.6 Adding reward ranges by severity on Bugcrowd.
Figure 6.7 Identify goals and concerns on Bugcrowd.
Figure 6.8 Select researcher activities, environments,...
Figure 6.9 Upload your company’s logo and create a...
Figure 6.10 Vulnerability tasking tabs.
Figure 6.11 Bugcrowd documentation.
Figure 6.12 Program dropdown menu.
Figure 6.13 Crowd control navbar.
Figure 6.14 Vulnerability submissions panel.
Figure 6.15 Program participants tab.
Figure 6.16 Program invitations tab.
Figure 6.17 Program rewards dashboard.
Figure 6.18 Insights dashboard: technical severity chart.
Figure 6.19 Insights dashboard: target breakdown.
Figure 6.20 Insights dashboard: performance.
Figure 6.21 Program brief settings.
Figure 6.22 Scope details.
Figure 6.23 Profile dropdown menu.
Figure 6.24 Targets tab.
Figure 6.25 Program dropdown menu.
Figure 6.26 “Add group” button.
Figure 6.27 Description of an asset group.
Figure 6.28 Target groups.
Figure 6.29 Target group rewards.
Figure 6.30 Target group listings.
Figure 6.31 Integrating various tools to help with report management.
Figure 6.32 Announcements option.
Figure 6.33 New announcement option.
Figure 6.34 Manage team option.
Figure 6.35 Invite a team member option.
Figure 6.36 Data fields option.
Figure 6.37 CVSS v3 option.
Figure 6.38 Remediation advice option.
Figure 6.39 Retesting option.
Figure 6.40 Markdown embedded attachments option.
Figure 6.41 Profile and enterprise sidebar.
Figure 6.42 Profile option.
Figure 6.43 Security option.
Figure 6.44 Events option.
Figure 6.45 Two-factor authentication option.
Figure 6.46 Notifications settings option.
Figure 6.47 API credentials option.
Figure 6.48 Single sign-on option.
Figure 6.49 Unverified domains option.
Figure 6.50 Activity summary.
Figure 6.51 Submit deposit request option.
Figure 6.52 Transfer funds option.
Figure 6.53 Program balances option.
Figure 6.54 Program settings option.
Figure 6.55 Miscellaneous program options.
Figure 6.56 Security page function.
Figure 6.57 HackerOne product editions.
Figure 6.58 Single sign-on with SAML.
Figure 6.59 Domain verification example.
Figure 6.60 Credential management tab.
Figure 6.61 Group management options.
Figure 6.62 Group management options.
Figure 6.63 Adding users option.
Figure 6.64 Audit log option.
Figure 6.65 Overview of bounties and fees.
Figure 6.66 Adding assets.
Figure 6.67 The CIA triad.
Figure 6.68 Submit report form option.
Figure 6.69 Customizing the report form.
Figure 6.70 Response targets option.
Figure 6.71 Metrics display option.
Figure 6.72 Setting email notifications.
Figure 6.73 Inbox views option.
Figure 6.74 Disclosure option.
Figure 6.75 Invitations option.
Figure 6.76 Public launch option.
Figure 6.77 Submission requirements option.
Figure 6.78 Messaging hackers option.
Figure 6.79 Email forwarding function.
Figure 6.80 Embedded submission configuration.
Figure 6.81 Bounties option.
Figure 6.82 Common responses option.
Figure 6.83 Add common response option.
Figure 6.84 Edit common response option.
Figure 6.85 Default common responses option.
Figure 6.86 Create triggers option.
Figure 6.87 Hackbot settings option.
Figure 6.88 Export reports option.
Figure 6.89 Reporting inbox vulnerabilities.
Figure 6.90 Example report.
Figure 6.91 Timeline option.
2 Chapter 11
Figure 11.1 Shodan Browser Search.
Figure 11.2 Shodan Search Bar.
Figure 11.3 Generating Results.
Figure 11.4 Shodan Asset Analysis.
Figure 11.5 Shodan Services Analysis.
Figure 11.6 Google Search Results.
Figure 11.7 Amass Scanning for Subdomains.
Figure 11.8 Subdomains in Nano.
Figure 11.9 Subdomain Enumeration with crt.sh.
Figure 11.10 nmapAutomator Scanning Information.
Figure 11.11 nmapAutomator Performing Full Scan of Asset.
Figure 11.12 nmapAutomator Results.
Figure 11.13 Sn1per Running Metasploit Modules.
Figure 11.14 Sn1per Running Nmap Scripts.
Figure 11.15 Setting up an Automated Scan in OWASP ZAP.
Figure 11.16 OWASP ZAP Scan Results.
Figure 11.17 OWASP ZAP Potential Vulnerability Result.
Figure 11.18 XSS Attack Performed.
Figure 11.19 Dalfox Available Command.
Figure 11.20 Dalfox Identifying an XSS Instance.
Figure 11.21 XSS Attack.
Figure 11.22 Dirsearch Finding Folders.