Bug Bounty

via YouTube

Overview

Dive into the world of bug bounty hunting with this comprehensive 5-hour video series. Learn essential techniques for finding and exploiting vulnerabilities in web applications. Start by understanding how to choose a bug bounty program and use GitHub dorks for scope review. Explore reconnaissance methods, including setting up a VPS and using tools like Amass, Assetfinder, and Subfinder. Master subdomain enumeration techniques and automate the process to build your personal recon toolkit. Discover port scanning with nmap and tackle advanced topics like XSS CSP bypass and XXE vulnerabilities. Set up a local hacking environment using Kali on Windows WSL, and learn to automate bug hunting with Nuclei. Investigate common API vulnerabilities, focusing on IDORs and access control issues. Delve into OAuth application hacking, including CSRF protection flaws. Finally, explore free automated reconnaissance using GitHub Actions with Project Discovery tools.

Syllabus

The Plan - Finding a program - Bug Bounty - Ep - 01.
Scope Review and Bug Hunting Using Github Dorks - Bug Bounty - Ep - 02.
Recon 01 - Recon Infrastructure Map Setting up VPS + Assetfinder + Subfinder - Bug Bounty - Ep - 03.
Amass Setup and Tutorial.
Collecting Subdomains - Part 2 | Automating the process | First Steps to your personal Recon Toolkit.
Collecting Subdomains - Part 1 | Amass | Subfinder | Assetfinder | Findomain.
Recon - Scan them all | Port Scanning ft. nmap + Short Videos Announcement.
XSS CSP Bypass - BugPoC Challenge.
Kali on Windows WSL for Pentester & Bug Bounty Hunter | Local Recon | Hacking Machine | No VPS / VM.
Local Recon Machine - Kali on Windows ft. WSL | Final Part - Pt.2 | Recon on a live site.
Automate your Bug Hunting using Nuclei | Writing our own nuclei template | Be The H.A.C.R. - Ep. 18.
XXE - What Why & How | XXE on Twitter | $10k Bounty | XML External Entity.
Automating IDORS with Autorize - Common API Bugs Pt. 2 - IDORs & Access Control Issues.
Hacking Oauth Applications - Pt. 1.
Flawed CSRF Protection - State Param - Hacking Oauth Pt. 2 | Live Demo on Medium.com.
Free Automated Recon Using Github Actions | Ft. Project Discovery.

Taught by

Hacking Simplified
