[Last updated 3/2024] Learn Bug Bounty Hunting & Web Security Testing From Scratch (Udemy – Engsub)

About Course

Views

Learn Bug Bounty Hunting & Web Security Testing From Scratch
help how to discover bugs
What you’ll learn:
95+ videos to teach you bug hunting & security testing from scratch.
80+ hands-on real-life examples – from simple to advanced.
Discover the most common web application bugs and vulnerabilities.
Discover bugs from the OWASP top 10 most common security threats.
Bypass filters & security on all of the covered bugs & vulnerabilities.
2 Hour LIVE bug hunt / pentest on a real web application at the end of the course.
My approach to bug hunting and web application penetration testing.
The bug hunter / hacker mentality.
Efficiency use Burp Suite to discover bugs and vulnerabilities.
Discover sensitive & hidden information, paths, files, endpoints and subdomains
Gather information about websites & applications
Essential topics to bounty hunting.
v.v…
Description:
Learn bug bounty hunting and web security testing from scratch
with our comprehensive website. Master the skills needed to identify and fix vulnerabilities to enhance
web security

Link gốc:

https://www.udemy.com/course/learn-bug-bounty-hunting-web-security-testing-from-scratch/

Time Course:
11 hours (97 Lectures + Documents)

Instructor
: Zaid Sabih
Total Weight:
10.6 GB
** Note
:

Chú ý:

Course Content

11 – XSS – Bypassing Security

001 Bypassing Basic Filtering.mp4

05:59
002 Bypassing Single-Quotes Filtering.mp4

07:33
003 Bypassing Advanced Filtering.mp4

10:22
004 Bypassing Server-Side Filtering.mp4

06:43
005 Bypassing Extreme Filtering with Burp Intruder.mp4

09:21

21 – 2 Hour Live Bug Hunting !

001 2 Hour Live Bug Hunt Introduction.mp4

01:40
002 Overview of the Target.mp4

08:57
003 Discovering an Open Redirect Vulnerability.mp4

06:42
004 Discovering an XSS in the Response.mp4

09:09
005 Discovering an XSS in a HTML Comment.mp4

08:54
006 Discovering an XSS in a Date Picker.mp4

05:53
007 Broken Access Control in Booking Page.mp4

05:52
008 Analysing Application Files & Finding Sensitive Data.mp4

11:57
009 Discovering Endpoints Hidden In Code.mp4

03:54
010 Discovering an IDOR – Insecure Direct Object Reference.mp4

03:38
011 Discovering Hidden Endpoints Using Regex.mp4

09:10
012 Discovering a Complex Stored XSS.mp4

10:42
013 Discovering Bugs in Hidden Elements.mp4

08:01
014 Discovering Bugs in Hidden Parameters.mp4

06:42

20 – XXE (XML External Entity) Injection

19 – Blind SSRF Vulnerabilities

18 – SSRF – Bypassing Security

17 – SSRF – Advanced Exploitation

16 – SSRF (Server-Side Request Forgery)

15 – Time-Based Blind SQL Injection

14 – Blind SQL Injections

13 – SQL Injection Vulnerabilities

12 – Bypassing Content Security Policy (CSP)

01 – Introduction

10 – DOM XSS Vulnerabilities

09 – XSS – Cross Site Scripting

08 – OS Command Injection

07 – Injection Vulnerabilities

06 – OAUTH 2.0 Vulnerabilities

05 – CSRF – Cross-Site Request Forgery

04 – Path Directory Traversal Vulnerabilities

03 – Broken Access Control Vulnerabilities

02 – Information Disclosure vulnerabilities

001 Introduction to Information Disclosure Vulnerabilities.mp4

01:49
002 Discovering Database Login Credentials.mp4

09:25
003 Discovering Endpoints & Sensitive Data.mp4

08:01
004 Introduction to HTTP Status Codes.mp4

07:45
005 Employing the Hacker Bug Hunter Mentality to Discover Admin Login Information.mp4

08:15
006 Manipulating Application Behaviour Through the HTTP GET Method.mp4

05:46
007 Manipulating Application Behaviour Through the HTTP POST Method.mp4

06:48
008 Intercepting Requests With Burp Proxy.mp4

10:21

Student Ratings & Reviews

No Review Yet

About Course

Course Content

11 – XSS – Bypassing Security

001 Bypassing Basic Filtering.mp4

002 Bypassing Single-Quotes Filtering.mp4

003 Bypassing Advanced Filtering.mp4

004 Bypassing Server-Side Filtering.mp4

005 Bypassing Extreme Filtering with Burp Intruder.mp4

21 – 2 Hour Live Bug Hunting !

001 2 Hour Live Bug Hunt Introduction.mp4

002 Overview of the Target.mp4

003 Discovering an Open Redirect Vulnerability.mp4

004 Discovering an XSS in the Response.mp4

005 Discovering an XSS in a HTML Comment.mp4

006 Discovering an XSS in a Date Picker.mp4

007 Broken Access Control in Booking Page.mp4

008 Analysing Application Files & Finding Sensitive Data.mp4

009 Discovering Endpoints Hidden In Code.mp4

010 Discovering an IDOR – Insecure Direct Object Reference.mp4

011 Discovering Hidden Endpoints Using Regex.mp4

012 Discovering a Complex Stored XSS.mp4

013 Discovering Bugs in Hidden Elements.mp4

014 Discovering Bugs in Hidden Parameters.mp4

20 – XXE (XML External Entity) Injection

001 Introduction to XXE Injection Vulnerabilities.mp4

002 What is XML.mp4

003 Exploiting a Basic XXE Injection.mp4

004 Discovering an SSRF Through a Blind XXE.mp4

19 – Blind SSRF Vulnerabilities

001 Introduction to Blind SSRF Vulnerabilities.mp4

002 Discovering Blind SSRF Vulnerabilities.mp4

003 Exploiting Blind SSRF Vulnerabilities.mp4

004 Escalating Blind SSRF to a Remote Code Execution (RCE).mp4

18 – SSRF – Bypassing Security

001 Bypassing Blacklists.mp4

002 Bypassing Whitelists.mp4

003 Chaining Open Redirection with SSRF to Bypass Restrictive Filters.mp4

17 – SSRF – Advanced Exploitation

001 Advanced SSRF Discovery.mp4

002 Scanning & Mapping Internal Network & Services.mp4

16 – SSRF (Server-Side Request Forgery)

001 Introduction to SSRF Vulnerabilities.mp4

002 Theory Behind SSRF Vulnerabilities & Their Impact.mp4

003 Discovering a Basic SSRF Vulnerability.mp4

004 Accessing Private (Admin) Resources Using an SSRF Vulnerability.mp4

15 – Time-Based Blind SQL Injection

001 Discovering Time-Based Blind SQLi.mp4

002 Extracting Data From the Database Using a Time-Based Blind SQLi.mp4

003 Getting The Admin Password Using a Time-Based Blind SQLi.mp4

14 – Blind SQL Injections

001 Discovering Blind SQL Injections.mp4

002 Enumerating Table & Column Names.mp4

003 Recovering Administrator Password With Burp Intruder.mp4

004 Using the Cluster-Bomb Attack to Recover Passwords.mp4

13 – SQL Injection Vulnerabilities

001 Introduction to SQL Injection Vulnerabilities.mp4

002 Discovering SQL Injections.mp4

003 Bypassing Admin Login Using Logical Operators.mp4

004 Selecting Data From the Database.mp4

005 Accessing The Database Admin Records.mp4

12 – Bypassing Content Security Policy (CSP)

001 Analysing the Target Application.mp4

002 Discovering an XSS in a CSP Enabled Application.mp4

01 – Introduction

001 Course Introduction.mp4

002 Introduction to Bug Hunting.mp4

003 What is a Website.mp4

10 – DOM XSS Vulnerabilities

001 Introduction to DOM XSS Vulnerabilities.mp4

002 Discovering a Reflected DOM XSS in a Link.mp4

003 Discovering a Reflected XSS in an Image Tag!.mp4

004 Injecting Javascript Directly in a Page Script.mp4

005 Discovering XSS in a Drop-down Menu.mp4

006 Discovering XSS in AngularJS Application.mp4

09 – XSS – Cross Site Scripting

001 Introduction to XSS Vulnerabilities & Its Types.mp4

002 Discovering a HTML Injection Vulnerability.mp4

003 Discovering Reflected & Stored XSS Vulnerabilities.mp4

08 – OS Command Injection

001 Discovering a Basic Command Injection Vulnerability.mp4