Bug Bounty Master Class

Learn Bug Hunting Methods from the Perspective of a Bug Bounty Hunter

Bug bounty programs are moving from novelty to best practice. They offer a chance to level the cybersecurity playing field, strengthening the security of products while building a mutually rewarding relationship with the security researcher community. Although bug bounty programs have been in use for more than 20 years, widespread adoption by enterprise organizations has only begun to take off within the last few years. Organizations are now spending millions of dollars on bug bounty programs.

The minimum bounties paid by some companies are listed below:

Facebook pays $500

Google pays $100

One person earned $33500 for reporting a bug on Facebook, and many people have become millionaires through bug bounties alone.

In this course, you will learn how to find bugs on a website and what to look at when you are testing a site for bugs.

We will start with the basics: recon skills. The best first step in bug hunting is to gather information.

Then we will learn about bugs: what they are and how to find them in web applications.

The benefit isn't just money: you can also earn recognition (HOF), and some companies may invite you to their events as well.

You will learn what a bug is and how to find bugs in a web application, including the process to follow when testing a web app, along with all the testing approaches.

Introduction

1. Introduction

Getting Familiar with Burp Suite

1. Configuring Burp Suite with Browser
2. Target, Proxy and Spider Tabs of Burp Suite
3. Scanner, Intruder and Repeater Tabs of Burp Suite
4. Wrapping up Burp Suite

Reconnaissance

1. Getting the Juicy Information from the Headers
2. Information Gathering using Google Dorks
3. Google Dorks (Demo)
4. Analyzing Files on Website for Juicy Endpoints
5. Downloading the Source of a Website
6. The Dirbuster
7. Gathering Information using WhatWeb
8. Enumerating Subdomains
9. Using The Harvester for Finding Public Info
10. The Way Back Machine
11. Vhost Discovery

Using Nmap for Information Gathering Purposes

1. Getting Familiar with Nmap
2. Different Types of Nmap Scans
3. Nmap Scans (Demo)
4. Banner Grabbing

Getting Started in Finding Bugs

1. Installing Your Testing Environment
2. Testing for HTTP Strict Transport Security
3. Robots.txt (Demo)
4. HTML Injection

Testing For Session Management Issues

1. Session Management
2. Cross Site Request Forgery

Authentication Testing

1. Broken Authentication

Authorization Testing

1. IDOR
2. Directory Traversal

Client Side Testing

1. Clickjacking
2. Exploiting CORS (Cross Origin Resource Sharing)

Testing For Input Validation

1. HTTP Parameter Pollution
2. Cross Site Scripting (XSS)
3. SQL Injection (SQLi)

Unvalidated Redirect and Forwards

1. Unvalidated Redirect and Forwards

File Upload Vulnerabilities

1. Unrestricted File Upload

Command Injection

1. Command Injection

Lectures: 37


Bug Bounty Master Class
Price: $169