[Last updated 6/2024] Intro to Bug Bounty Hunting and Web Application Hacking (Udemy – Engsub)

About Course

Views

Insiders guide to ethical web
hacking
and
bug bounty hunting
with Ben Sadeghipour (@NahamSec)
What you’ll learn:
Learn 10+ different vulnerability types
Ability to exploit basic web application vulnerabilities
Basics of Reconnaissance (recon)
How to approach a target
Understand how bug bounties work
Write better bug bounty reports
Includes practical hands on labs to practice your skills
Hack Websites for Ethical Hacking
Cross-Site Scripting (XSS)
SQL Injection
Server-Side Request Forgery (SSRF)
Description:
Welcome to
Intro to Bug Bounty Hunting and Web Application Hacking
, your introductory course into practical
bug bounty hunting
..

Link gốc:
https://www.udemy.com/course/intro-to-bug-bounty-by-nahamsec/

Time Course:
7.5 hours (85 Lectures + Documents)

Instructor
: Ben Sadeghipour
Total Weight:
4.16 GB
** Note
:

Chú ý:

Course Content

01 – Intro to Bug Hunting – Course Overview

001 About this course.mp4

01:44
002 Accessing your labs.mp4

03:24
003 Course Changes.mp4

00:55
004 What Is Bug Bounty.mp4

06:01

02 – Security Pre-cursor

03 – Why Proxy Tools

04 – Client Side Vulnerabilities

011 Content Security Policy (CSP) Explained.mp4

04:40
022 Understanding postMessages and How to Exploit them.mp4

16:46
021 Cross-origin resource sharing (CORS) Exploitation.mp4

04:00
020 Cross-origin resource sharing (CORS) Explained.mp4

04:00
019 Escalating Self-XSS with Cross-Site Request Forgery (CSRF).mp4

04:05
018 Cross-Site Request Forgery (CSRF) Bypass (Tips & Tricks).mp4

04:30
017 Cross-Site Request Forgery (CSRF) in POST Requests.mp4

03:35
016 Cross-Site Request Forgery (CSRF) in GET Requests.mp4

06:54
015 Cross-Site Request Forgery (CSRF) Explained.mp4

04:49
014 Content Security Policy (CSP) Bypass Using File Uploads.mp4

05:33
013 Content Security Policy (CSP) Bypass Using JSONP.mp4

05:30
012 Content Security Policy (CSP) Bypass Examples.mp4

02:26
001 Understanding Regular Expressions (RegEx).mp4

12:40
011 9.XSS-CSP-1.mp4

04:40
010 Understanding Cross-Site Scripting (XSS) Filter Bypasses (Tips &Tricks).mp4

09:18
009 Blind Cross-Site Scripting (Blind XSS).mp4

08:26
008 Stored Cross-Site Scripting (Stored XSS).mp4

02:35
007 Content Types and Cross-Site Scripting.mp4

10:09
006 Different Context for Cross-Site Scripting (XSS).mp4

08:54
005 Different approaches to Cross-Site Scripting (XSS).mp4

08:38
004 Cross-Site Scripting (XSS) Explained.mp4

06:02
003 Open Redirect Lab.mp4

03:13
002 Open Redirect Slides.mp4

02:23

05 – Local File Disclosure (LFD)

06 – Testing File Uploaders

07 – Broken Access Control

08 – Server Side Request Forgery (SSRF)

09 – XML External Entity (XXE)

10 – Remote Command Execution (RCE)

11 – Hacking JSON Web Tokens (JWT)

12 – Recon

001 Recon Explained.mp4

05:40
002 Subdomain’s Explained.mp4

04:45
003 Google Dorking Explained.mp4

05:13
004 Certificate Transparency Explained.mp4

07:10
005 Certificate Transparency Tricks & Tips.mp4

03:40
006 Discovering subdomains using Subfinder.mp4

04:47
007 Shodan Explained.mp4

08:34
008 Shodan CLI Examples.mp4

04:24
009 Information Gathering using HTTPx.mp4

04:42
010 Port Scanning Explained.mp4

04:26

13 – Hands On Hacking (OLD – Will get updated soon!)

14 – Resources

Student Ratings & Reviews

No Review Yet

About Course

Course Content

01 – Intro to Bug Hunting – Course Overview

001 About this course.mp4

002 Accessing your labs.mp4

003 Course Changes.mp4

004 What Is Bug Bounty.mp4

02 – Security Pre-cursor

008 HTTP Response Codes Explained.mp4

009 Making Requests.mp4

03 – Why Proxy Tools

001 Why proxy tools.mp4

002 Caido overview.mp4

003 BurpSuite Overview.mp4

04 – Client Side Vulnerabilities

011 Content Security Policy (CSP) Explained.mp4

022 Understanding postMessages and How to Exploit them.mp4

021 Cross-origin resource sharing (CORS) Exploitation.mp4

020 Cross-origin resource sharing (CORS) Explained.mp4

019 Escalating Self-XSS with Cross-Site Request Forgery (CSRF).mp4

018 Cross-Site Request Forgery (CSRF) Bypass (Tips & Tricks).mp4

017 Cross-Site Request Forgery (CSRF) in POST Requests.mp4

016 Cross-Site Request Forgery (CSRF) in GET Requests.mp4

015 Cross-Site Request Forgery (CSRF) Explained.mp4

014 Content Security Policy (CSP) Bypass Using File Uploads.mp4

013 Content Security Policy (CSP) Bypass Using JSONP.mp4

012 Content Security Policy (CSP) Bypass Examples.mp4

001 Understanding Regular Expressions (RegEx).mp4

011 9.XSS-CSP-1.mp4

010 Understanding Cross-Site Scripting (XSS) Filter Bypasses (Tips &Tricks).mp4

009 Blind Cross-Site Scripting (Blind XSS).mp4

008 Stored Cross-Site Scripting (Stored XSS).mp4

007 Content Types and Cross-Site Scripting.mp4

006 Different Context for Cross-Site Scripting (XSS).mp4

005 Different approaches to Cross-Site Scripting (XSS).mp4

004 Cross-Site Scripting (XSS) Explained.mp4

003 Open Redirect Lab.mp4

002 Open Redirect Slides.mp4

05 – Local File Disclosure (LFD)

001 Local File Read Explained.mp4

002 Local File Read Example.mp4

06 – Testing File Uploaders

001 File Uploads Slides.mp4

002 File Uploads Lab 01 – XSS.mp4

003 File Uploads Lab 02 – RCE.mp4

07 – Broken Access Control

001 IDOR Slides.mp4

002 IDOR Lab.mp4

08 – Server Side Request Forgery (SSRF)

001 Server-Side Request Forgery (SSRF) – Explained.mp4

002 Server-Side Request Forgery (SSRF) Example Basic Example Using Netcat.mp4

003 Server-Side Request Forgery (SSRF) Example Screenshot Tools + BurpSuite.mp4

004 Server-Side Request Forgery (SSRF) Example Internal Host and Port Scanning.mp4

005 Server-Side Request Forgery (SSRF) Example Understanding Whitelisting.mp4

006 Server-Side Request Forgery (SSRF) Example Understanding Blacklisting.mp4

09 – XML External Entity (XXE)

001 XXE Slides.mp4

002 XXE Lab 01.mp4

003 XXE Lab 02.mp4

10 – Remote Command Execution (RCE)

001 RCE Slides.mp4

002 RCE Lab 02 – Command Injection.mp4

003 RCE Lab 03 – Code Injection.mp4

11 – Hacking JSON Web Tokens (JWT)

001 JSON Web Tokens – Example.mp4

002 JSON Web Tokens (JWT) – Explained.mp4

12 – Recon

001 Recon Explained.mp4

002 Subdomain’s Explained.mp4

003 Google Dorking Explained.mp4

004 Certificate Transparency Explained.mp4

005 Certificate Transparency Tricks & Tips.mp4

006 Discovering subdomains using Subfinder.mp4

007 Shodan Explained.mp4

008 Shodan CLI Examples.mp4

009 Information Gathering using HTTPx.mp4

010 Port Scanning Explained.mp4

13 – Hands On Hacking (OLD – Will get updated soon!)

001 Intro.mp4

002 Hands on Hacking LFD.mp4