Buy new:

$27.35

List Price: $39.95

Save: $12.60 (32%)

$3.99 delivery December 19 - 27. Details

May arrive after Christmas. Need a gift sooner? Send an Amazon Gift Card instantly by email or text message.

Select delivery location

In stock
Usually ships within 3 to 4 days.

$$27.35 () Includes selected options. Includes initial monthly payment and selected options. Details

Ships from

allnewbooks

Ships from

allnewbooks

Sold by

allnewbooks

Sold by

allnewbooks

Returns

Returnable until Jan 31, 2024

Returns

Returnable until Jan 31, 2024

For the 2023 holiday season, eligible items purchased between November 1 and December 31, 2023 can be returned until January 31, 2024

Read full return policy

Payment

Secure transaction

Payment

Secure transaction

We work hard to protect your security and privacy. Our payment security system encrypts your information during transmission. We don’t share your credit card details with third-party sellers, and we don’t sell your information to others. Learn more

Details

Other Sellers on Amazon

Added

Not added

$28.57
FREE Shipping on orders over $35.00 shipped by Amazon.

Sold by: Amazon.com

Added

Not added

$26.71
+ $4.00 shipping

Sold by: V-King

Added

Not added

$37.28
& FREE Shipping

Sold by: GrandEagleRetail

Follow the author

Peter Yaworski

Follow

Real-World Bug Hunting: A Field Guide to Web Hacking Paperback – July 9, 2019

by Peter Yaworski (Author)

4.7 214 ratings

See all formats and editions

Price

New from

Used from

Kindle

"Please retry"

$23.99

—

Paperback

"Please retry"

$27.35

$24.55

$16.91

Kindle
$23.99 Read with our free app
Paperback
$27.35

16 Used from $16.91 26 New from $24.55

{"desktop_buybox_group_1":[{"displayPrice":"$27.35","priceAmount":27.35,"currencySymbol":"$","integerValue":"27","decimalSeparator":".","fractionalValue":"35","symbolPosition":"left","hasSpace":false,"showFractionalPartIfEmpty":true,"offerListingId":"H49rdumv%2BUICARnAQUw30hpb9adcXebEUYX9%2BQ0uhzyxPqtzEIojCdZ%2FPQBjP2ykdigFmO1aNPx6NUcAH1NKxHb4%2Ff0vH3mEm%2BupLMICROC1ejxrNSnjcZ3015elStW1xBpEbyxLFnTqhhnvahL1Q21RV9MQSezYco6bflIUnyxKdrWn1FFIZg%3D%3D","locale":"en-US","buyingOptionType":"NEW","aapiBuyingOptionIndex":0}]}

Purchase options and add-ons

Learn how people break websites and how you can, too.

Real-World Bug Hunting is the premier field guide to finding software bugs. Whether you're a cyber-security beginner who wants to make the internet safer or a seasoned developer who wants to write secure code, ethical hacker Peter Yaworski will show you how it's done.

You'll learn about the most common types of bugs like cross-site scripting, insecure direct object references, and server-side request forgery. Using real-life case studies of rewarded vulnerabilities from applications like Twitter, Facebook, Google, and Uber, you'll see how hackers manage to invoke race conditions while transferring money, use URL parameter to cause users to like unintended tweets, and more.

Each chapter introduces a vulnerability type accompanied by a series of actual reported bug bounties. The book's collection of tales from the field will teach you how attackers trick users into giving away their sensitive information and how sites may reveal their vulnerabilities to savvy users. You'll even learn how you could turn your challenging new hobby into a successful career. You'll learn:

How the internet works and basic web hacking concepts
How attackers compromise websites
How to identify functionality commonly associated with vulnerabilities
How to find bug bounty programs and submit effective vulnerability reports

Real-World Bug Hunting is a fascinating soup-to-nuts primer on web security vulnerabilities, filled with stories from the trenches and practical wisdom. With your new understanding of site security and weaknesses, you can help make the web a safer place--and profit while you're at it.

Length

264
Pages
Language

EN
English
Publisher

No Starch Press
Publication date

2019
July 9
Dimensions

7.0 x 0.7 x 9.1
inches
ISBN-10

1593278616
ISBN-13

978-1593278618
See all details

Frequently bought together

Real-World Bug Hunting: A Field Guide to Web Hacking

$27.35

Get it Dec 19 - 27

In stock

Usually ships within 3 to 4 days.

Ships from and sold by allnewbooks.

+

Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities

$35.16

Get it as soon as Thursday, Dec 14

In Stock

Ships from and sold by Amazon.com.

+

The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws

$32.46

Get it as soon as Friday, Dec 15

Only 8 left in stock (more on the way).

Ships from and sold by Amazon.com.

Total price:

To see our price, add these items to your cart.

Try again!

Details

Added to Cart

Some of these items ship sooner than the others.

Show details Hide details

Choose items to buy together.

Vickie Li
194
Paperback
in Computer Programming Debugging
1 offer from $35.16
Dafydd Stuttard
977
Paperback
1 offer from $32.46
Jon Erickson
1,388
Paperback
71 offers from $10.00
OccupyTheWeb
2,132
Paperback
40 offers from $15.47
Daniel G. Graham
151
Paperback
29 offers from $30.41
Master OccupytheWeb
169
Paperback
5 offers from $40.62

Editorial Reviews

Review

"I am quite sure that [this book is] going to be one of the most recommended books for web app pen-testing. If it is not already."
—Sudo Realm

"A brilliant resource for anyone who aspires to be a professional bug hunter."
—Dana Epp, Security Boulevard

About the Author

Peter Yaworski is a self-taught developer and ethical hacker who began building websites exclusively with Drupal. Since then, he has expanded his interest to Rails, Android app development, and software security, while producing over 100 video tutorials and interviews on YouTube covering ethical hacking, web development, and Android to help teach others what he's learned. Peter continues to be an active bug bounty participant with thanks from Shopify, HackerOne, Salesforce, Twitter, Starbucks and the US Department of Defense among others.

Product details

Publisher ‏ : ‎ No Starch Press; Illustrated edition (July 9, 2019)
Language ‏ : ‎ English
Paperback ‏ : ‎ 264 pages
ISBN-10 ‏ : ‎ 1593278616
ISBN-13 ‏ : ‎ 978-1593278618
Item Weight ‏ : ‎ 1.15 pounds
Dimensions ‏ : ‎ 7 x 0.7 x 9.1 inches

Best Sellers Rank: #407,825 in Books (See Top 100 in Books)
- #6 in Computer Programming Debugging
- #234 in Computer Hacking
- #245 in Computer Network Security

Customer Reviews:
4.7 214 ratings

Brief content visible, double tap to read full content.

Full content visible, double tap to read brief content.

Videos

Help others learn more about this product by uploading a video!

Upload your video

Important information

To report an issue with this product, click here.

About the author

Follow authors to get new release updates, plus improved recommendations.

Peter Yaworski

Brief content visible, double tap to read full content.

Full content visible, double tap to read brief content.

...

Customer reviews

4.7 out of 5

214 global ratings

How customer reviews and ratings work

Reviews with images

See all photos

Sort reviews by

Top reviews from the United States

There was a problem filtering reviews right now. Please try again later.

none ya

Unleashing the Bug Hunting Adventure: Your Field Guide to Real-World Web Hacking

Reviewed in the United States on July 8, 2023

Verified Purchase

Embark on an exhilarating bug hunting adventure with this immersive field guide. Discover the secrets of real-world web hacking as you navigate the dynamic landscape of cybersecurity. From identifying vulnerabilities to exploiting security flaws, this book equips you with the skills and knowledge needed to become a proficient bug hunter. Prepare to delve into the depths of the digital realm and uncover the hidden vulnerabilities that lurk beneath the surface. Join the ranks of elite ethical hackers with Real-World Bug Hunting as your trusted guide.

Reviewed in the United States on July 30, 2019

Verified Purchase

I have read Peter's Web Hacking 101 book and was amazed at the level of detail found within. As soon as I saw this book was announced, I pre-ordered and have been nothing but happy. Peter has a great way of breaking down each bug into a level of understanding that is good for beginners, but also deep enough to where intermediate bug hunters can still pick up different concepts and skills. Overall, I would highly recommend this to anyone just starting in bug bounty hunting / web app pentesting or wanting to expand on existing knowledge in web app pentesting and bounty hunting. Thanks for your hard work and for another great book, Peter!

9 people found this helpful

Helpful

Dani

Worth it

Reviewed in the United States on September 26, 2019

Verified Purchase

Excellent book for beginners. Although I was looking for a more advanced book, this one was recommended by a couple of colleagues. Definitely worth the read if you’re a beginner to bug bounty / security research.

2 people found this helpful

Helpful

Mesho

one if not the only best new web-hacking book

Reviewed in the United States on July 23, 2019

Verified Purchase

I have been looked at many new web-hacking books recently which cover the assessment of web application and the bug-class types related to web application, most of the books are not well organized or missing critical information, this book with a short page numbers explain it well with a real-world examples without any non-useful additional unneeded information, will for sure recommend to anyone looking to be a bug-hunter or want to study the recent attacks against web application

5 people found this helpful

Helpful

B.A

Love it, good quality, No Starch Press is the best

Reviewed in the United States on July 14, 2019

Verified Purchase

The book showed up in perfect condition, not a single scratch/bent corner/creased page. Simply PERFECT. The knowledge contained in this book is ESSENTIAL. I recommend this text for everyone from people with zero knowledge of Cybersecurity, to script kiddies, all the way up to well-versed professionals.

7 people found this helpful

Helpful

Abdallah El.Damiry

Amazing Book go and get it

Reviewed in the United States on February 26, 2020

Verified Purchase

Actually I liked the whole book . It’s like treasure of knowledge and I have to admit it, I have learned a-lot from you Mr Peter Yaworski (Special thanks from Abdallah El Damiry)

Helpful

Antonio Aguilar

A solid book full of real world examples

Reviewed in the United States on March 11, 2020

Verified Purchase

This was the book I was looking for to build my web application penetration testing skills. This book is filled with real world examples and the technical explanations behind them.

3 people found this helpful

Helpful

Chevon P.

BEST BUG BOUNTY BOOK FOR 2019

Reviewed in the United States on August 23, 2019

Verified Purchase

All I have to say is wow. Very straight to the point. Great job on this book. And keep up the good work.

4 people found this helpful

Helpful

Top reviews from other countries

Tanishq Shah

This is actually great

Reviewed in India on July 18, 2023

Verified Purchase

Must read

Brent

Amazing

Reviewed in Canada on May 31, 2022

Verified Purchase

Great book to help find security flaws.

Dip Mondal

One of the first book for beginners

Reviewed in India on July 26, 2022

Verified Purchase

Book quality is very good 👍
It's really suitable for beginners.
It explains most of the vulnerability in very easy way.
And at the Last of every vulnerability it gives a takeaway, that's really makes a difference.

but one pro tip
read the web hacking 101 it's the same type of book written by the same author peter yaworski. and it's free.

One person found this helpful

Amazon Customer

Amazing Book

Reviewed in the United Kingdom on December 6, 2019

Verified Purchase

Amazing book. Totally recommend it for beginners in Bug Hunting, and also security in general. An experienced specialist can also benefit from reading this book.

One person found this helpful

C. Braam

Not very practical

Reviewed in the United Kingdom on September 15, 2021

Verified Purchase

A bit disappointed, this ebook is full of the stories, but none of the exercise detail I was looking for. It's not a learning resource at all, it assumes you are already hacking. It also lacks any setting up detail to allow someone to simulate/practice the basic techniques described. Educational, sure, loads of theory gets covered, and terminology is very easy to grasp as you go. And yes, there is a lot of security language to learn.

See more reviews

Buy new:

$27.35

Other Sellers on Amazon

Image Unavailable

Follow the author

Real-World Bug Hunting: A Field Guide to Web Hacking Paperback – July 9, 2019

Purchase options and add-ons

Frequently bought together

Similar items that may ship from close to you

Editorial Reviews

Review

About the Author

Product details

Videos

Important information

About the author

Peter Yaworski

Customer reviews

Reviews with images

Sorry, there was an error

Top reviews from the United States

There was a problem filtering reviews right now. Please try again later.

Top reviews from other countries

Buy new: $27.35

Other Sellers on Amazon

Follow the author

Real-World Bug Hunting: A Field Guide to Web Hacking Paperback – July 9, 2019

Purchase options and add-ons

Frequently bought together

Similar items that may ship from close to you

Editorial Reviews

Review

About the Author

Product details

Videos

Important information

About the author

Peter Yaworski

Customer reviews

Reviews with images

Submit a report

Sorry, there was an error

Top reviews from the United States

There was a problem filtering reviews right now. Please try again later.

Top reviews from other countries

Buy new:

$27.35