Overview of this course:
Website Hacking/Penetration Testing & Bug Bounty Hunting is one of the most popular courses on Udemy for bounty hunting and website penetration. The course is developed by Mr. AYUSH SHUKLA, Ethical Hacker and Cybersecurity Expert. The bug bounty hunting course teaches learners the various concepts and hacking tools in a highly practical manner.
Even those who have no prior knowledge of ethical hacking can enrol in this course and learn enough fundamentals by the end of the course to hack and discover bugs in websites, and secure them like security experts.
The course is split into a number of segments; each segment comprises topics such as discovering, exploiting and preventing common web application vulnerabilities. Students then learn advanced techniques to bypass security, escalate privileges, access the database, and even utilise the hacked websites to penetrate other websites on the same server. All of the vulnerabilities included in the course are very prevalent in bug bounty programs and are included in the OWASP Top 10.
✅ You will get to know about the Bug Bounty Hunting rewards such as Hall of Fame, Reward Money, Reputation, and Appreciation.
✅ Understanding a web application and its working process.
✅ Learn to find vulnerabilities in a website and its exploitation.
✅ Documenting the bug and reporting it to the website.
✅ You’ll be able to participate in bug bounty programs for ethical hackers.
✅ Live POCs of websites are included.
1. Introduction to Bug Bounty
What is a Bug Bounty Program?
Popular Bug Bounty Platforms
Benefits of Bug Bounty
Brief About Common Vulnerabilities
2. Information Gathering Basics
What is Information Gathering?
Concept of Digital Footprinting
What Information to gather?
What is Whois Information
Information gathering about People & Organization
Gathering Information about Websites
Google Dorking & GHDB
3. Setting Up Labs
DVWA Introduction & Configuration
bWAPP Introduction & Configuration
4. Introduction to Burp Suite
Introduction to Burp Suite
Steps to Configure (Demo)
Introduction to SQL
Writing Basic SQL Query
Different types of comments used in SQL
SQLi Introduction & Impact
Union Based SQLi (Demo)
Boolean Based SQLi
Time Based SQLi
6. Web Application Attacks
Validation Bypass (Client and Server)
IDOR on bWAPP
Rate Limiting Flaw
File Upload Vulnerability
File Upload on DVWA
Live IDOR POC
Live Rate Limiting Flaw POC
7. Cross Site Scripting
What Is Cross Site Scripting (XSS)?
Stored XSS (DVWA)
Reflected XSS (DVWA)
DOM based XSS
Live XSS POC
8. Header Injection & URL Redirection
Host Header Injection methods & URL redirection
Live Host Header Injection POC
Live URL Redirection POC
9. Client Side Attack
Understanding Session, Cookies & Session Fixation
Cross Site Request Forgery Introduction
Personally Identifiable Information (PII) Leakage
Sensitive Information Disclosure
Live CSRF POC
Live Sensitive Information POC
Live Session Fixation POC
10. Brute Forcing
Brief about Brute Force
Brute Force (DVWA)
Live OTP Brute Force POC
11. Security Misconfigurations & Improper File Handling
Security Misconfigurations & Improper File Handling
Guessing Weak Passwords
Live SPF Record Missing POC
Concept about CORS
Local File Inclusion
Remote File Inclusion
File Inclusion (DVWA)
Live LFI POC
14. Server-Side Request Forgery
What is SSRF?
Brief about Insecure Captcha
Live Captcha Bypass POC
16. Automating VAPT & Advanced Information Gathering
Introduction to Automated VAPT & Advance Level Information Gathering
17. Documenting & Reporting Vulnerability
Introduction to VAPT Reporting
Conclusion of Bug Bounty
LESSON 1. What is a Bug Bounty Program?
LESSON 2. Popular Bug Bounty Platforms
LESSON 3. Bugcrowd (Demo)
LESSON 5. Benefits of Bug Bounty
LESSON 6. Brief About Common Vulnerabilities
LESSON 7. Hacking Terminologies
LESSON 8. What is Information Gathering?
LESSON 9. Concept of Digital Footprinting
LESSON 10. What Information to gather?
LESSON 11. What is Whois Information
LESSON 12. Information gathering about People & Organization
LESSON 13. Gathering Information about Websites
LESSON 14. Google Dorking & GHDB
LESSON 15. DVWA Introduction & Configuration
LESSON 16. bWAPP Introduction & Configuration
LESSON 17. Introduction to Burp Suite
LESSON 18. Steps to Configure (Demo)
LESSON 19. Introduction to SQL
LESSON 20. Writing Basic SQL Query
LESSON 21. Different types of comments used in SQL
LESSON 22. SQLi Introduction & Impact
LESSON 23. Union Based SQLi (Demo)
LESSON 24. Boolean Based SQLi
LESSON 25. Time Based SQLi
LESSON 26. Validation Bypass (Client and Server)
LESSON 27. IDOR Vulnerability
LESSON 28. IDOR on bWAPP
LESSON 29. Rate Limiting Flaw
LESSON 30. File Upload Vulnerability
LESSON 31. File Upload on DVWA
LESSON 32. Live IDOR POC
LESSON 33. Live Rate Limiting Flaw POC
LESSON 34. What Is Cross Site Scripting (XSS)?
LESSON 35. Stored XSS
LESSON 36. Stored XSS (DVWA)
LESSON 37. Reflected XSS
LESSON 38. Reflected XSS (DVWA)
LESSON 39. DOM based XSS
LESSON 40. Blind XSS
LESSON 41. Live XSS POC
LESSON 42. Host Header Injection methods & URL redirection
LESSON 43. Live Host Header Injection POC
LESSON 44. Live URL Redirection POC
LESSON 45. Understanding Session, Cookies & Session Fixation
LESSON 46. Forced Browsing
LESSON 47. Cross Site Request Forgery Introduction
LESSON 48. CSRF Attack (DVWA)
LESSON 49. Open Redirections
LESSON 50. Personally Identifiable Information (PII) Leakage
LESSON 51. Sensitive Information Disclosure
LESSON 52. Live CSRF POC
LESSON 53. Live Sensitive Information POC
LESSON 54. Live Session Fixation POC
LESSON 55. Brief about Brute Force
LESSON 56. Brute Force (DVWA)
LESSON 57. Live OTP Brute Force POC
LESSON 58. Security Misconfigurations & Improper File Handling
LESSON 59. Guessing Weak Passwords
LESSON 60. Live SPF Record Missing POC
LESSON 61. Concept about CORS
LESSON 62. Local File Inclusion
LESSON 63. Remote File Inclusion
LESSON 64. File Inclusion (DVWA)
LESSON 65. Live LFI POC
LESSON 66. What is SSRF?
LESSON 67. Brief about Insecure Captcha
LESSON 68. Live Captcha Bypass POC
LESSON 69. Introduction to Automated VAPT & Advance Level Information Gathering
LESSON 70. Introduction to VAPT Reporting
LESSON 71. Conclusion of Bug Bounty
"Live Webinars helped me to shine a light into the dark corners of my knowledge gaps. I can now develop apps more confidently with the new knowledge I gained here."
"This Webinars offers in-person training with ample online support and continuing educational tools. The instructors are very seasoned with a lot of depth of knowledge and experience."