Home / Training / Online Training
Online Training
Bug Bounty Hunting - Offensive Approach to Hunt Bugs
Description
Welcome to Bug Bounty Hunting - Offensive Approach to Hunt Bugs. this course will cover most of the vulnerabilities of OWASP TOP 10 & Web Application Penetration Testing. you will start as a beginner with no hands-on experience on bug bounty hunting and Penetration testing, after this course you will emerge as a stealth Bug Bounty Hunter. Bug bounty hunting is the act of finding security vulnerabilities or bugs in a website and responsibly disclosing it to that company’s security team in an ethical way. Bug bounties, also known as responsible disclosure programs, are set up by companies to encourage people to report potential issues discovered on their sites. Some companies choose to reward a researcher with bounty, swag, or an entry in their hall-of-fame list. If you are interested in web application security then they have a great place of honing your skills, with the potential of earning some bounty and credibility at the same time.
Cource Details: Bug Bounty Hunting
- Fees: 10 USD
- Duration: 30 Hours
Course Content
1. About Instructor
09:01
2. Course Introduction and Overview
03:21
3. Why you should take this ?
01:12
4. Teaser of Offensive Approach to Hunt Bugs
47:27
5. Information Gathering
12:45
6. Steps to Configure Burpsuite with Firefox
05:05
7. How to Use Burpsuite - Spider | Repeater | Intruder
05:07
8. Background Concept about XSS
07:07
9. Basic XSS
13:15
10. Basic XSS on Lab
17:30
11. Manual Building XSS Vector
17:59
12. XSS through Filter Bypassed XSS payloads On Lab
10:54
13. XSS On Live Websites
16:59
14. XSS Hunting Live Part 1
08:32
15. XSS Hunting Live Part 2
12:54
16. XSS Hunting Live Part 3
06:40
17. XSS Through Header Parameter
03:40
18. Reflected XSS Vs Stored XSS
03:35
19. Exploitation of XSS : - 1. URL Redirection
01:38
20. Exploitation of XSS : - 2. Phishing Through XSS
02:48
21. Exploitation of XSS : - 3. Cookie Stealing
06:41
22. XSS Through File Uploading
03:40
23. XSS Through Remote File Inclusion
01:33
24. Convert Self XSS to Reflected XSS
02:46
25. POC - 1 XSS Attack Discovered by Shubham Maheshwari
01:44
26. POC - 2 XSS Attack Discovered by Shubham Maheshwari
00:58
27. POC - 3 XSS Attack Discovered by Shubham Maheshwari
01:09
28. POC 4 XSS Attack Discovered by Ankit Singh
01:12
29. POC 5 XSS Attack Discovered by Ankit Singh
01:31
30. POC 6 XSS Attack Discovered by Ankit Singh
02:45
31. POC 7 XSS Attack Discovered by Ankit Singh
00:57
32. POC 8 XSS Attack Discovered by Ankit Singh
02:03
33. Overview of Host Header Injection
01:53
34. Host Header Attack 1. Open Redirection
06:59
35. Host Header Attack 2. Cache Poisoning
01:38
36. Host Header Attack 3. Password Reset Poisoning
03:49
37. Host Header Attack 4. XSS Through Host Header
02:42
38. POC - 1 Host Header attack by Shubham Maheshwari
00:50
39. POC - 2 Host Header Attack Discovered by Shubham Maheshwari
00:55
40. POC - 3 Host Header Attack Discovered by Shubham Maheshwari
00:53
41. POC -4 Host Header Attack Discovered by Shubham Maheshwari
00:51
42. POC - 5 Host Header Attack Discovered by Shubham Maheshwari
01:02
43. POC - 6 Host Header Attack Discovered by Shubham Maheshwari
01:20
44. POC - 7 Host Header Attack Discovered by Shubham Maheshwari
00:38
45. Background Concept about URL Redirection
01:36
46. URL Redirection Through Get Parameter
09:50
47. URL Redirection Through Path Fragments
06:42
48. POC of URL Redirection 1
00:20
49. POC of URL Redirection 2
50. POC 3 Open Redirection Vulnerability Discovered by Shubham Maheshwari
00:27
51. POC 4 Open Redirection Vulnerability Discovered by Shubham Maheshwari
00:40
52. POC 5 Open Redirection Vulnerability Discovered by Shubham Maheshwari
01:01
53. POC 6 Open Redirection Vulnerability Discovered by Dawood Ansar
01:18
54. Background Concept about Parameter Tampering
03:07
55. Parameter Tampering - Example 1
03:56
56. Parameter Tampering - Example 2
02:58
57. Parameter Tampering - Example 3
03:18
58. Parameter Tampering - Example 4
04:32
59. Parameter Tampering - Example 5
04:21
60. Background Concept about HTML Injection
01:44
61. HTML Injection Finding - Example1
03:55
62. HTML Injection Finding - Example2
05:47
63. HTML Injection Finding - Example3
04:56
64. Exploitation of HTML Injection
65. Background Concept about File Inclusion
03:03
66. LFI Vs RFI
04:44
67. LFI Hunting Part 1
02:45
68. LFI Hunting Part 2
04:00
69. Exploitation of LFI
02:31
70. RFI Hunting
04:15
71. Background Concept about Missing / insufficient SPF record
02:16
72. Testing SPF
03:08
73. Exploitation of SPF
05:21
74. POC 1 SPF
01:31
75. POC 2 - SPF Vulnerability Discovered by Shubham Maheshwari
01:17
76. POC 3 - SPF Vulnerability Discovered by Shubham Maheshwari
01:28
77. POC 4 - SPF Vulnerability Discovered by Shubham Maheshwari
01:48
78. POC 5 - SPF Vulnerability Discovered by Shubham Maheshwari
01:15
79. Background Concept about CORS
03:03
80. Insecure CORS by Checking Response Header
06:05
81. Insecure CORS through Request Header
06:55
82. Exploitation of Insecure CORS
11:20
83. POC Insecure CORS
84. Background Concept about SSRF
03:16
85. SSRF Testing on Lab
09:10
86. SSRF on Live web
04:11
87. Exploitation of SSRF attack
09:30
88. Background Concept about Critical File Found
02:38
89. Critical File Found on Live web 1
07:03
90. Critical File Found on Live web 2
11:55
91. Background Concept about Source Code Disclosure
01:23
92. Source Code Disclosure on Lab
03:49
93. Source Code Disclosure on Live Web
02:09
94. Background Concept about CSRF
02:38
95. Injection Point for CSRF
01:37
96. CSRF on Logout Page
01:50
97. CSRF Live
03:18
98. CSRF page on some critical Business Logic Page
03:59
99. CSRF POC -1 Discovered by Ankit Singh
01:46
100. CSRF POC 2 Discovered by Ankit Singh
02:52
101. CSRF POC -3 Discovered by Ankit Singh
02:25
102. Background Concept about Hostile Subdomain Takeover
06:35
103. Hostile Subdomain Takeover on Live web 1
07:34
104. Hostile Subdomain Takeover on Live web 2
05:15
105. Background Concept about SQL injection
03:29
106. SQL Injection Lab Setup
06:07
107. Injection Point for SQL Injection
05:23
108. Learn SQL Query Fixing
10:27
109. SQLI GET Based Part 1
10:37
110. SQLI GET Based Part 2
05:20
111. SQLI GET Based Part 3
09:55
112. Exploitation of GET Based SQLI
19:23
113. SQLI POST Based Part 1
09:16
114. SQLI POST Based Part 2
00:00
115. Exploitation of POST Based SQLI
11:22
116. SQLI Header Based
04:15
117. Exploitation of Header Based SQLI
02:22
118. SQLI Cookie Based
03:53
119. Exploitation of Cookie Based SQLI
03:21
120. WAF Bypassing for SQLI
08:56
121. Authentication Bypassing through SQLI
05:52
122. Automation of SQLI GET Based
12:10
123. Automation of SQLI Post Based | Header Based and Cookie Based
09:21
124. Automation of SQLI Part 3 With WAF Bypassing
06:45
125. SQLI on Live Web 1
03:36
126. SQLI Live Bug Bounty Website
12:51
127. SQL Injection Live Website
04:08
128. Background Concept about Command Injection
03:18
129. Command Injection on Lab Part 1
04:50
130. Command Injection on Live Web 1
04:34
131. Command Injection on Live Web 2
03:13
132. Exploitation of Command Injection
03:45
133. Background Concept about File Uploading
01:17
134. File Uploading Part 1
05:15
135. File Uploading Part 2
03:48
136. File Uploading Part 3
03:38
137. File Uploading on Live Part 2
01:27
138. Background Concept about XXE Injection
01:58
139. XXE on Lab
02:03
140. Thank you message from Vikash Chaudhary
00:28
Assignment 0
Unpublished Lecture: SQL Injection Through Path Fragment Live
08:29
Offensive Bug Bounty - Hunter 2.0
Description
Welcome to Offensive Bug Bounty - Hunter 2.0 This course will cover Most of the Critical Vulnerabilities in Web Application & Mobile Application. You have to first Complete Offensive Approach to Hunt Bugs, after this course, you will emerge as a stealth Bug Bounty Hunter. Bug bounty Hunting is the act of finding security vulnerabilities or bugs in a website and responsibly disclosing it to that company’s security team in an ethical way. Bug bounties, also known as responsible disclosure programs, are set up by companies to encourage people to report potential issues discovered on their sites. Some companies choose to reward a researcher with bounty, swag, or an entry in their hall-of-fame list. If you are interested in web application security, then they have a great place of honing your skills, with the potential of earning some bounty and credibility at the same time.
Cource Details: Offensive Bug Bounty - Hunter 2.0
- Fees: 100 USD
- Duration: 50 Hours
Course Content
1. About Hunter 2.0
00:00
2. About Author
00:00
3. What you should know before taking this course
00:00
4. Subdomains Of Domain
00:00
5. Find Subdomains of Subdomains
00:00
6. Filter All the Live Subdomains for Hunting
00:00
7. GET - Error based - strip comments
00:00
8. POST- Second Oder Injections *Real treat ...
00:00
9. GET - Error based - All your OR & AND be ...
00:00
10. GET - Blind Based - All your OR & AND be ...
00:00
11. GET - Error based - All your SPACES and ...
00:00
12. GET - Blind Based - All your SPACES and ...
00:00
13. GET - Error Based- All your UNION & SELE ...
00:00
14. GET - Blind Based- All your UNION & SELE ...
00:00
15. GET - Error Based- All your UNION & SELE ...
00:00
16. GET - Blind Based- All your UNION & SELE ...
00:00
17. GET -Error based- IMPIDENCE MISMATCH- Ha ...
00:00
18. GET - BLIND - IMPIDENCE MISMATCH- Having ...
00:00
19. GET - BLIND - IMPIDENCE MISMATCH- Having ...
00:00
20. GET - Bypass custom filter adding slashe ...
00:00
21. GET - Bypass AddSlashes()
00:00
22. POST - Bypass AddSlashes()
00:00
23. POST - Bypass Add Slashes (we dont need ...
00:00
24. GET -Bypass MySQL Real Escape String
00:00
25. POST - Bypass MySQL Real Escape String
00:00
26. GET- Stacked Query Injection - String
00:00
27. GET - Stacked Query Injection - Intiger ...
00:00
28. GET - BLIND based - String - Stacked
00:00
29. GET - BLIND based - Intiger - Stacked
00:00
30. POST - Error based - String - Stacked
00:00
31. POST - Error based - String - Stacked wi ...
00:00
32. POST - Error based - String - Stacked -B ...
00:00
33. POST - Error based - String - Stacked - ...
00:00
34. GET - Error based - Numeric - ORDER BY C ...
00:00
35. GET - Error based - String - ORDER BY CL ...
00:00
36. GET - Error based - Blind- Numeric- ORDE ...
00:00
37. GET - Error based - String- Blind - ORDE ...
00:00
38. GET - Error based - ORDER BY CLAUSE -num ...
00:00
39. GET - Error based - ORDER BY CLAUSE-Stri ...
00:00
40. GET - Blind based - ORDER BY CLAUSE -num ...
00:00
41. GET - GET - Blind based - ORDER BY CLAUS ...
00:00
42. GET - challenge - Union- 10 queries allo ...
00:00
43. GET - challenge - Union- 14 queries allo ...
00:00
44. GET - challenge - Union- 14 queries allo ...
00:00
45. GET - challenge - Union- 14 queries allo ...
00:00
46. GET - challenge - Double Query- 5 querie ...
00:00
47. GET - challenge - Double Query- 5 querie ...
00:00
48. GET - challenge - Double Query- 5 querie ...
00:00
49. GET - challenge - Double Query- 5 querie ...
00:00
50. GET - challenge - Blind - 130 queries al ...
00:00
51. GET - challenge - Blind - 130 queries al ...
00:00
52. GET - challenge - Blind - 130 queries al ...
00:00
53. GET - challenge - Blind - 130 queries al ...
00:00
54. GET - challenge - Blind - 3 queries allo ...
00:00
55. GET - challenge - Blind - 3 queries allo ...
00:00
56. GET - challenge - Blind - 3 queries allo ...
00:00
57. GET - challenge - Blind - 3 queries allo ...
00:00
58. POST - challenge - error - 10 queries al ...
00:00
59. POST - challenge - error - 10 queries al ...
00:00
60. POST - challenge - error - 10 queries al ...
00:00
61. POST - challenge - error - 10 queries al ...
00:00
62. POST - challenge - Blind - 3 queries all ...
00:00
63. POST - challenge - Blind - 10 queries al ...
00:00
64. Live Hunting 1
00:00
65. Live Hunting 2
00:00
66. Live Hunting 3
00:00
67. Reporting
00:00
68. Background Concept
00:00
69. No Rate Limiting Live Hunting 1
00:00
70. No Rate Limiting Live Hunting 2
00:00
71. No Rate Limiting Live Hunting 3
00:00
72. No Rate Limiting Live Hunting 4
00:00
73. No Rate Limiting Live Hunting 5
00:00
74. Reporting
00:00
75. Background Concept
00:00
76. Long Password Dos Attack Hunting 1
00:00
77. Long Password Dos Attack Hunting 2
00:00
78. Long Password Dos Attack Hunting 3
00:00
79. Long Password Dos Attack Hunting 4
00:00
80. Long Password Dos Attack Hunting 5
00:00
81. Reporting
00:00
82. Background Concept
00:00
83. Buffer Overflow Live Hunting 1
00:00
84. Buffer Overflow Live Hunting 2
00:00
85. Buffer Overflow Live Hunting 3
00:00
86. Buffer Overflow Live Hunting 4
00:00
87. Buffer Overflow Live Hunting 5
00:00
88. Reporting
00:00
89. Background Concept
00:00
90. Android App 1 Live Hunting
00:00
91. Android App 2 Live Hunting
00:00
92. Android App 3 Live Hunting
00:00
95. Android App Source Code Review Part 1
00:00
96. Android App Source Code Review Part 2
00:00
97. Android App Source Code Review Part 3
00:00
98. Live Hunting 1
00:00
99. Live Hunting 2
00:00
100. Live Hunting 3
00:00
101. Reporting
00:00
102. Background Concept
00:00
103. Ios App 1 Hunting
00:00
104. Ios App 2 Hunting
00:00
105. Ios App 3 Hunting
00:00
106. Ios App 4 Hunting
00:00
107. Ios App 5 Hunting
00:00
108. Ios App Static Code Analysis Part 1
00:00
109. Ios App Static Code Analysis Part 2
00:00
110. Reporting
00:00
111. Background Concept
00:00
112. Hostile Subdomain Takeover Live Hunting 1
00:00
113. Hostile Subdomain Takeover Live Hunting 2
00:00
114. Hostile Subdomain Takeover Live Hunting 3
00:00
115. Hostile Subdomain Takeover Live Hunting 4
00:00
116. Hostile Subdomain Takeover Live Hunting 5
00:00
117. Reporting
00:00
118. Background Concept
00:00
119. Idor Live Hunting 1
00:00
120. Idor Live Hunting 2
00:00
121. Idor Live Hunting 3
00:00
122. Idor Live Hunting 4
00:00
123. Idor Live Hunting 5
00:00
124. Account Takeover Idor
00:00
125. Reporting
00:00
126. Background Concept
00:00
127. WPSCAN Overview
00:00
128. Username enumeration (from ?author)
00:00
129. Weak password cracking
00:00
130. Brute force attack
00:00
131. Enumerating wordpress Theme
00:00
132. Enumerating wordpress vulnerable Theme
00:00
133. Enumerating wordpress Plugins
00:00
134. Enumerating wordpress vulnerable Plugins
00:00
135. Backdoor in wordpress
00:00
136. Hunting with Metasploit
00:00
137. Live Hunting 1
00:00
138. Live Hunting 2
00:00
139. Live Hunting 3
00:00
140. Reporting
00:00
141. Overview of Joomla
00:00
142. Background Concept about Joomla Vuln
00:00
143. Overview of joomscan
00:00
144. Zero Day Exploit for Joomla
00:00
145. Live Hunting 1
00:00
146. Live Hunting 2
00:00
147. Live Hunting 3
00:00
148. Reporting
00:00
149. Overview of Drupal
00:00
150. Background Concept
00:00
151. Automated Scanner for Drupal
00:00
152. Hunting with Metasploit for Drupal
00:00
153. Zero Day Exploit for Drupal
00:00
154. Live Hunting 1
00:00
155. Live Hunting 2
00:00
156. Live Hunting 3
00:00
157. Reporting
00:00
158. Overview of All Types of CMS
00:00
159. Background Concept about All types of CMS Vulnerabilities
00:00
160. Automated CMS Vulnerability Scanners
00:00
161. Live Hunting 1
00:00
162. Live Hunting 2
00:00
163. Live Hunting 3
00:00
164. Reporting
00:00
165. Background Concept
00:00
166. Csrf Live Hunting 1
00:00
167. Csrf Live Hunting 2
00:00
168. Csrf Live Hunting 3
00:00
169. Csrf Live Hunting 4
00:00
170. Csrf Account Takeover
00:00
171. Json Csrf
00:00
172. Xss to Steal Anti Csrf Token
00:00
173. Pseudo Anti Csrf Tokens Bypass
00:00
174. Reporting
00:00
175. Background Concept
00:00
176. Hsts Live Hunting 1
00:00
177. Hsts Live Hunting 2
00:00
178. Reporting
00:00
179. Background Concept
00:00
180. Session Fixation Live Hunting 1
00:00
181. Session Fixation Live Hunting 2
00:00
182. Session Fixation Live Hunting 3
00:00
183. Session Fixation Live Hunting 4
00:00
184. Session Fixation Live Hunting 5
00:00
185. Reporting
09:55
186. Background Concept
00:00
187. Account Lockout Hunting 1
00:00
188. Account Lockout Hunting 2
00:00
189. Account Lockout Hunting 3
00:00
190. Account Lockout Hunting 4
00:00
191. Account Lockout Hunting 5
00:00
192. Reporting
00:00
193. Background Concept
00:00
194. Flash Based Xss
00:00
195. Xss Through File Upload
00:00
196. Remote File Xss
00:00
197. Important Dont Miss This Blind Xss
00:00
198. Background Concept About Blind Xss
00:00
199. Blind Xss Hunting 1
00:00
200. Blind Xss Hunting 2
00:00
201. Blind Xss Hunting 3
00:00
202. Xss Exploitation Through Beef
00:00
203. Xss Exploit - Browser Redirection and Iframe Injection
00:00
204. Xss Xploit - Stealing Cookies and Session Information
00:00
205. Reporting
00:00
206. Background Concept
00:00
207. Ssrf to Rfi
00:00
208. Ssrf to Rfi to Shell
00:00
209. Ssrf to Call Internal Files
00:00
210. Ssrf to Query Internal Networks
00:00
211. Reporting
00:00
212. Background Concept
00:00
213. Token hijacking attacks
00:00
214. Logical Bypass
00:00
215. Boundary Conditions
00:00
216. Authentication Bypassing Use Response Interception
00:00
217. Live Hunting 1
00:00
218. Live Hunting 2
00:00
219. Reporting
00:00
220. JWT Token Brute-Force attacks
00:00
221. SAML Authentication and Authorization Bypass
00:00
222. XXE through SAML
00:00
223. Advanced XXE Exploitation over OOB channels
00:00
224. Oauth Stealing
00:00
225. Exploiting 0Auth for Fun & Profit
00:00
226. Live Hunting 1
00:00
227. Live Hunting 2
00:00
228. Reporting
00:00
229. Cookie Swap
00:00
230. Host Header Validation Bypass
00:00
231. Case study of popular password reset fails.
00:00
232. Live Hunting 1
00:00
233. Live Hunting 2
00:00
234. Reporting
00:00
235. Known Plaintext Attack (Faulty Password Reset)
00:00
236. Path Traversal using Padding Oracle
00:00
237. Hash length extension attacks
00:00
238. Live Hunting 1
00:00
239. Live Hunting 2
00:00
240. Reporting
00:00
241. Background Concept
00:00
242. Business Logic Flaws on Password Reset
00:00
243. Business Logic Flaws on Payment Checkout
00:00
244. Mass Assignment
00:00
245. Invite / Promo Code Bypass
00:00
246. Replay attack
00:00
247. API Authorization Bypass
00:00
248. Live Hunting 1
00:00
249. Live Hunting 2
00:00
250. Live Hunting 3
00:00
251. Reporting
00:00
252. Background Concept
00:00
253. Apache Struts Remote Code Execution
00:00
254. Java Serialization Attack
00:00
255. Node.js RCE
00:00
256. PHP object injection
00:00
257. RCE through XXE (with blind XXE)
00:00
258. RCE through XSLT
00:00
259. Rails' Remote Code Execution
00:00
260. Ruby/ERB template injection
00:00
261. Exploiting code injection over OOB channel
00:00
262. Live Hunting 1
00:00
263. Live Hunting 2
00:00
264. Live Hunting 3
00:00
265. Reporting
00:00
266. Detailed Information about HQL
00:00
267. Background Concept about HQL injection
00:00
268. Hunting on Lab
00:00
269. Live Hunting 1
00:00
270. Live Hunting 2
00:00
271. Live Hunting 3
00:00
272. Reporting
00:00
273. Overview NOSQL
00:00
274. Background Concept about NOSQL Injection
00:00
275. NOSQL Injection on Lab
00:00
276. Live Hunting 1
00:00
278. Live Hunting 2
00:00
278. Live Hunting 3
00:00
279. How to Report NOSQL Injection Vulnerability
00:00
280. Background Concept
00:00
281. SMTP Command Injection
00:00
282. SMTP Injection Flaws
00:00
283. Live Hunting 1
00:00
284. Live Hunting 2
00:00
285. Live Hunting 3
00:00
286. Reporting
00:00
287. Web Cache Deception
00:00
288. CSV Injection
00:00
289. CSS Injection
00:00
290. Android SSL Pinning Bypass Part 1
00:00
291. Android SSL Pinning Bypass Part 2
00:00
292. Live Hunting 1
00:00
293. Live Hunting 2
00:00
294. Live Hunting 3
00:00
295. Live Hunting 4
00:00
296. Reporting
00:00
297. Thank you Message from Vikash Chaudhary
00:00
ADVERTISEMENT
Download and Install HackersEra android app from Play Store
