Bug Bounty Hunting for Web Security : Find and Exploit Vulnerabilities in Websites and Applications
Author(s): Sinha, Sanjib
ISBN No.: 9781484253908
Pages: xvi, 225
Year: 201911
Format: Trade Paper
Price: $ 75.89
Dispatch delay: Dispatched between 7 to 15 days
Status: Available

Chapter 1: Let the Hunt Begin!
Chapter Goal: This chapter will showcase how to implement an offensive approach to hunt bugs. And what type of tools are required?
No of pages: 10
Sub-Topics:
1. Why hunt bugs?
2. Introducing Burp Suite
3. Introducing other tools

Chapter 2: Setting up Your Virtual Lab
Chapter Goal: This chapter will guide readers with the goal to set up the virtual labs.
No of pages: 10
Sub-Topics:
1. Why we need Virtual Box
2. Introduction to Kali Linux - the hacker's operating system
3. What type of tools are available in Kali

Chapter 3: Injecting Request Forgery
Chapter Goal: Readers will learn to create and manage request forgery on any web page.
No of pages: 10
Sub-Topics:
1. What is Request Forgery (CSRF)
2. Mission Critical Injection of CSRF
3. How to discover CSRF on any application

Chapter 4: Cross Site Scripting (XSS) Exploitation
Chapter Goal: This chapter will talk, comprehensively, about one of the most challenging tasks of any web application - to resist Cross Site Scripting or XSS Attacks.
No of pages: 15
Sub-Topics:
1. What is XSS
2. How we can exploit through XSS
3. How we can discover any XSS attack

Chapter 5: Header Injection and URL Redirection
Chapter Goal: This chapter will discuss header injection, cache poisoning, and URL redirection.
No of pages: 15
Sub-Topics:
1. What is header injection and how it is related to URL redirection
2. How Cross Site Scripting is done through Header Injection
3. How to discover header has been injected
4. How to find URL redirection vulnerabilities

Chapter 6: Uploading Malicious Files
Chapter Goal: Readers will learn about malicious file uploading and take forward bug bounty hunting.
No of pages: 10
Sub-Topics:
1. How to upload malicious files to own a system
2. What is defacement?
3. How to automate this attack?

Chapter 7: Poisoning Sender Policy Framework (SPF)
Chapter Goal: This chapter will cover basic and advanced technique to test SPF and exploit it.
No of pages: 10
Sub-Topics:
1. Is there insufficient SPF records
2. How to exploit SPF
3. How to find the vulnerabilities and test it

Chapter 8: Injecting Unintended XML
Chapter Goal: Readers will learn about injecting unintended XML into any application.
No of pages: 10
Sub-Topics:
1. What is XML injection
2. How to perform XML injection in Virtual Lab
3. How to fetch System Configuration Files

Chapter 9: Command Injection
Chapter Goal: Readers will learn how an operating system falls prey to injected command and how attackers feed on those vulnerabilities.
No of pages: 10
Sub-Topics:
1. What is command injection
2. How to inject malicious commands
3. How to exploit command injection

Chapter 10: Exploiting HTML and SQL Injection
Chapter Goal: This chapter will teach readers the different attack vectors used to exploit HTML and SQL injection.
No of pages: 20
Sub-Topics:
1. What are HTML and SQL injection
2. How to find and exploit HTML injection
3. What are the header and cookie-based SQL injection
4. How to bypass authentication by SQLI
5. How to automate SQLI

Appendix: Further Reading
Chapter Goal: This section will show readers additional new features of bug hunting and how to exploit them.
No of pages: 10
Sub-Topics:
1. What tools can be used alongside Burp Suite
2. How source code disclosure helps information gathering
3. What could be the next challenges to hunt bugs.


