Bug Bounty from Scratch
Learn to hunt for high-impact vulnerabilities and become a bug hunting pro, mastering bug bounties from recon to report!.
Bug Bounty
A bug bounty course trains participants in ethical hacking, covering web security, tools, techniques, case studies, legal aspects, and responsible disclosure to identify software vulnerabilities.
What you'll learn
- Understanding Security Protocols.
- Penetration Testing Techniques.
- Bug Bounty Tools.
- Incident Response and Reporting
- Legal and Ethical Aspects
✔ 1.1: Kali Linux Overview
✔ 1.2: Installing VMWare / Kali Linux
✔ 1.3: Navigating the File System
✔ 1.4: Users and Privileges
✔ 1.5: Repositories & Settings
✔ 1.6: Common Network Commands
✔ 1.7: Viewing, Creating, and Editing Files
✔ 1.8: Starting and Stopping Services
✔ 1.9: Installing and Updating Tools
✔ 2.1: Networking Concepts
✔ 2.2: Networking Devices, Protocols and Services, and Tools
✔ 2.3: OSI Model & TCP/IP Model, IP & MAC Addresses. Static & Dynamic IP
✔ 2.4: Portforwarding & Protocols: DNS, SSH, FTP, TELNET, HTTP, SSL, POP, SMB, RDP
✔ 2.5: VPN & Proxies, IP Addresses, VPS Server
✔ 3.1: Working Websites, Databases, Servers
✔ 3.2: Domain and Subdomain, API, HTTP and HTTPS
✔ 3.3: Security Header, Request and Response
✔ 3.4: URL and Domain, Session, Cookies
✔ 3.5: Types of Users, User Roles
✔ 3.6: Misconfiguration, Policies
✔ 3.7: Authentication & Authorization
✔ 4.1: Public Information, Whois-Registrant, Credentials Leaks
✔ 4.2: GitHub Dorks, Google Dorks, Google Dorks (All)
✔ 4.3: Shodan, Git, Email Tools, Social Media, Metadata
✔ 5.1: Subdomains Finding, Port Scanning
✔ 5.2: Technologies, DNS Enumeration
✔ 5.3: Content Discovery, Links
✔ 5.4: Parameters, Fuzzing
✔ 5.5: HTTP and HTTPS, Enumerate File
✔ 5.6: JS File
✔ 5.7: Ports Enumeration
✔ 5.8: Bruteforcing
✔ 5.9: Hash Cracking
✔ 5.10: Crawling
✔ 6.1: OWASP ZAP, dirb, gobuster
✔ 6.2: Burp Suite, ffuf, httpx, subfinder
✔ 6.3: curl, wget, Nikto, W3af
✔ 7.1: Debug Information Exposure
✔ 7.2: Sensitive Configuration Files
✔ 7.3: Unintended Data Exposure
✔ 7.4: Exposed API Endpoints
✔ 8.1: Unencrypted Data Transmission
✔ 8.2: Weak Encryption Algorithms
✔ 8.3: Insecure Storage of Sensitive Data
✔ 8.4: Improper Key Management
✔ 9.1: Default Credentials
✔ 9.2: Unnecessary Services
✔ 9.3: Verbose Error Messages
✔ 9.4: Incomplete Setup
✔ 10.1: Workflow Manipulation
✔ 10.2: Misuse of Business Rules
✔ 10.3: Race Conditions
✔ 10.4: Fraudulent Transactions
✔ 11.1: Information Leakage
✔ 11.2: Stack Traces Exposure
✔ 11.3: Custom Error Pages
✔ 11.4: Verbose Error Messages
✔ 12.1: UI Redress Attack
✔ 12.2: Transparent Iframes
✔ 12.3: Frame Busting Bypass
✔ 12.4: Social Engineering Clickjacking
✔ 13.1: Unsecured Admin Panels
✔ 13.2: Lack of Authentication Controls
✔ 13.3: Default Admin URLs
✔ 13.4: Accessing Admin Functions Without Privileges
✔ 14.1: Time-of-Check to Time-of-Use (TOCTOU)
✔ 14.2: Concurrent Process Exploitation
✔ 14.3: Transaction Manipulation
✔ 14.4: Resource Contention
✔ 15.1: Volume-Based Attacks
✔ 15.2: Protocol Attacks
✔ 15.3: Application Layer Attacks
✔ 15.4: Resource Exhaustion Attacks
✔ 16.1: Overly Broad API Responses
✔ 16.2: Leaking User Data
✔ 16.3: Detailed Error Messages
✔ 16.4: Unrestricted Access to Resources
✔ 17.1: Unvalidated Redirects
✔ 17.2: URL Manipulation
✔ 17.3: Phishing Attacks via Redirects
✔ 17.4: Open URL Parameter Attacks
✔ 18.1: Directory Traversal
✔ 18.2: Symbolic Link Traversal
✔ 18.3: Command Execution via Path Traversal
✔ 18.4: Accessing Sensitive Files
✔ 19.1: Credentials Stuffing
✔ 19.2: Brute Force
✔ 19.3: Session Hijacking
✔ 19.4: Weak Password Recovery Mechanisms
✔ 20.1: Insecure Direct Object References (IDOR)
✔ 20.2: Privilege Escalation
✔ 20.3: Cross-Domain Access
✔ 20.4: Forceful Browsing
✔ 21.1: Parameter Manipulation
✔ 21.2: URL Manipulation
✔ 21.3: Accessing User Data
✔ 21.4: Accessing Administrative Functions
✔ 21.5: Exploiting API Endpoints
✔ 22.1: Template Injection via User Input
✔ 22.2: Injection of Malicious Templates
✔ 22.3: Cross-Site Scripting via Templates
✔ 22.4: Malicious Variable Manipulation
✔ 23.1: Stored XSS (Persistent XSS)
✔ 23.2: Reflected XSS (Non-Persistent XSS)
✔ 23.3: DOM-based XSS
✔ 23.4: Blind XSS
✔ 23.5: Mutated XSS
✔ 23.6: Self-XSS
✔ 24.1: In-band SQLi
✔ 24.2: Inferential SQLi
✔ 24.3: Out-of-band SQLi
✔ 25.1: State-changing Requests
✔ 25.2: Data Theft
✔ 25.3: Login CSRF
✔ 25.4: Session Riding
✔ 26.1: Command Injection
✔ 26.2: Code Injection
✔ 26.3: Malicious File Upload
✔ 26.4: Deserialization Attack
✔ 26.5: Remote File Inclusion (RFI)
✔ 26.6: Server Misconfiguration
✔ 27.1: Internal Network Scanning
✔ 27.2: Accessing Metadata Services
✔ 27.3: HTTP Host Header Attacks
✔ 27.4: Third-party Service Exploitation
✔ 27.5: Local File Inclusion via SSRF
✔ 27.6: Blind SSRF
✔ 28.1: Path Traversal
✔ 28.2: Remote File Inclusion (RFI)
✔ 28.3: Log File Injection
✔ 28.4: File Inclusion via Null Byte
✔ 29.1: Unrestricted File Upload
✔ 29.2: Malicious File Upload
✔ 29.3: File Type Bypass
✔ 29.4: Exploiting Metadata
✔ 30.1: URL Injection
✔ 30.2: Remote File Upload
✔ 30.3: File Inclusion via PHP Wrappers
✔ 30.4: Server Misconfiguration
✔ 31.1: Shell Injection
✔ 31.2: SQL Command Injection
✔ 31.3: OS Command Injection