Overview
Syllabus
- Intro
- Keeper Security Sponsorship
- Course Introduction
- Importance of Web App Security
- Web App Security Standards and Best Practices
- Bug Bounty Hunting vs Penetration Testing
- Phases of a Web App Pentest
- CryptoCat Introduction
- Understanding Scope, Ethics, Code of Conduct, etc.
- Common Scoping Mistakes
- Installing VMware / VirtualBox
- Installing Linux
- Lab Installation
- Web Technologies
- HTTP & DNS
- Fingerprinting Web Technologies
- Directory Enumeration and Brute Forcing
- Subdomain Enumeration
- Burp Suite Overview
- Introduction to Authentication
- Brute-force Attacks
- Attacking MFA
- Authentication Challenge Walkthrough
- Intro to Authorization
- IDOR - Insecure Direct Object Reference
- Introduction to APIs
- Broken Access Control
- Testing with Autorize
- Introduction to LFI/RFI
- Local File Inclusion Attacks
- Remote File Inclusion Attacks
- File Inclusion Challenge Walkthrough
- Conclusion
Taught by
The Cyber Mentor