The vulnerability researcher's handbook the comprehensive guide for discovering, reporting, and publishing security vulnerabilities
Learn the right way to discover, report, and publish security vulnerabilities to prevent exploitation of user systems and reap the rewards of receiving credit for your work Key Features Build successful strategies for planning and executing zero-day vulnerability research Find the best ways to discl...
| Otros Autores: | |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Birmingham ; Mumbai :
Packt Publishing
[2023]
|
| Edición: | 1st ed |
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009720740206719 |
Tabla de Contenidos:
- Cover
- Title Page
- Copyright and Credits
- Dedication
- Contributors
- Disclaimer
- Table of Contents
- Preface
- Part 1- Vulnerability Research Fundamentals
- Chapter 1: An Introduction to Vulnerabilities
- Introducing software vulnerabilities
- The CIA Triad
- Organizing impacts
- Getting familiar with software vulnerability scanners
- Common vulnerability scanning tools
- Exploring common types of software vulnerabilities
- Web applications
- Client-server applications
- Inspecting the software vulnerability life cycle
- Inception
- Discovery
- Exploitation and remediation
- Deprecation
- Summary
- Further reading
- Chapter 2: Exploring Real-World Impacts of Zero-Days
- Zero-days - what are they?
- Zero-day vulnerability
- Zero-day attack
- An analogy of zero-day terminology
- Exploring zero-day case studies
- Pulse - CVE-2019-11510
- Confluence - CVE-2021-26084
- Microsoft .NET CVE-2017-8759
- Citrix - CVE-2019-19781
- Considering zero-day ethics
- Researcher responsibility
- Vendor responsibility
- Summary
- Further reading
- Chapter 3: Vulnerability Research - Getting Started with Successful Strategies
- Technical requirements
- What is vulnerability research?
- Conducting research
- Selecting research targets
- Finding targets that interest you
- Likely vulnerable and downloadable software
- Exploring vulnerabilities with test cases
- Test cases - a primer
- Building effective test suites
- Writing your own test cases
- Introducing common research tools
- Note-taking, screenshot, and screen recording tools
- Hypervisors and virtual machines
- Web application proxies
- Debuggers and decompilers
- Summary
- Further reading
- Part 2 - Vulnerability Disclosure, Publishing, and Reporting
- Chapter 4: Vulnerability Disclosure - Communicating Security Findings.
- Vulnerability disclosure - what and why
- What is vulnerability disclosure?
- Why is vulnerability disclosure important?
- Different types of disclosures
- Bug bounties and coordinated disclosure
- Initiating disclosure
- What happens after disclosure?
- Sample disclosure template
- Approaching common challenges
- Duplication of efforts
- Unresponsive vendors
- Uncooperative vendors
- Failed vendors
- Hostile vendors
- Summary
- Further reading
- Chapter 5: Vulnerability Publishing -Getting Your Work Published in Databases
- Demystifying vulnerability publishing
- Why publish vulnerabilities?
- What are some of the risks involved in vulnerability publishing?
- Selecting the right vulnerability publishing method
- CVE
- CVE CNA intermediates
- Ineligible application publication options
- Exploitation databases
- Practical vulnerability publishing examples
- A CNA-sponsored CVE
- A CNA-LR-sponsored CVE
- CNA intermediate sponsored CVE
- Summary
- Further reading
- Chapter 6: Vulnerability Mediation - When Things Go Wrong and Who Can Help
- The basics of vulnerability mediation
- What is vulnerability mediation?
- Types of mediators
- When to consider mediation services
- Benefits of vulnerability mediation
- Resolving disputes through vulnerability mediation
- The vulnerability mediation process
- Mediator resources
- The CERT/CC
- The US-CERT
- The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)
- Other CERT organizations
- Bug bounty programs
- Legal support
- Other mediation options
- Summary
- Chapter 7: Independent Vulnerability Publishing
- Independent disclosures and their place in a vulnerability life cycle
- The benefits of independent publishing
- Risks of independent publishing
- How to independently publish while avoiding risks.
- Avoiding the common risks in publishing
- How to independently publish a vulnerability
- A before-you-publish checklist
- Summary
- Additional reading
- Part 3 - Case Studies, Researcher Resources, and Vendor Resources
- Chapter 8: Real-World Case Studies - Digging into Successful (and Unsuccessful) Research Reporting
- Case study 1 - are we there yet?
- Lessons learned
- Possible improvements
- Case study 2 - contract clause
- Lessons learned
- Possible improvements
- Case study 3 - tough customers
- Lessons learned
- Possible improvements
- Case study 4 - large corporations and you
- Lessons learned
- Possible improvements
- Case study 5 - I'd like to speak to your manager
- Lessons learned
- Possible improvements
- Summary
- Chapter 9: Working with Security Researchers - A Vendor's Guide
- What is a security researcher?
- The characteristics of a researcher
- The skillset of a researcher
- The motivations of a researcher
- Harnessing researcher resources
- Building trust and collaboration with researchers
- Avoiding common relationship missteps
- Building positive vendor-researcher relations
- Crafting a responsible disclosure policy
- An example policy - Acme Logistics' responsible disclosure policy
- Summary
- Chapter 10: Templates, Resources, and Final Guidance
- Research test case templates
- Vendor communication email templates
- An introduction email for a company with no security disclosure policy
- Sample disclosure template with security policy
- Attempting to reinitialize communication
- Notification of pending publication with an unresponsive vendor
- CVE templates
- CVE reservation template
- CVE disclosure template
- Organizational templates
- Workspace
- Research to disclosure
- Summary and final words
- Further reading
- Index
- About Packt
- Other Books You May Enjoy.
