Section 01: Introduction to the Bug Bounty Course |
|
We are pleased to have you on board! |
|
00:04:00 |
Section 02: Let's clear Cyber Security Fundamentals |
|
What is Security? |
|
00:06:00 |
|
What is Cyber Security? |
|
00:05:00 |
|
History of Cyber Security |
|
00:07:00 |
|
How to Become a Cyber Security Professional? |
|
00:08:00 |
Section 03: Getting started with Bug Bounty! |
|
Types of Actors |
|
00:09:00 |
|
What is a Passive Attack? |
|
00:05:00 |
|
What is an Active Attack? |
|
00:05:00 |
Section 04: The Core Concepts of Bug Bounty! |
|
Why do we need to fix the Vulnerabilities? |
|
00:05:00 |
|
Hacker Sponsored Security |
|
00:03:00 |
|
Key Terms in Bug Bounty Program |
|
00:05:00 |
|
Public and Private Bug Bounty Program |
|
00:04:00 |
|
What is HackerOne? |
|
00:05:00 |
|
Why organizations will hire you as a Bug Bounty Hunter? Part 1 |
|
00:02:00 |
|
Why organizations will hire you as a Bug Bounty Hunter? Part 2 |
|
00:02:00 |
|
Why organizations will hire you as a Bug Bounty Hunter? Part 3 |
|
00:05:00 |
Section 05: Networking Fundamentals for Web Pentesting |
|
What is an Address in Networking? |
|
00:09:00 |
|
What is an IP Address? |
|
00:07:00 |
|
Classes of IP Address |
|
00:10:00 |
|
How to find our own IP Address? |
|
00:03:00 |
|
How to find our own MAC Address? |
|
00:05:00 |
|
What is Domain Name System? |
|
00:03:00 |
|
What is Name Resolution Process? |
|
00:06:00 |
|
Why UDP is used in Name Resolution Process? |
|
00:04:00 |
|
What is HTTP? |
|
00:04:00 |
|
Why do we prefer HTTPS over HTTP? |
|
00:05:00 |
Section 06: Diving Deep into Penetration Testing |
|
Ethical Hacking Terminologies |
|
00:06:00 |
|
What is Vulnerability Assessment? |
|
00:04:00 |
|
Penetration Testing Methodologies |
|
00:07:00 |
|
What are the different types of Penetration tests? |
|
00:06:00 |
|
IMPORTANT – Phases of Penetration Testing |
|
00:04:00 |
|
10 Steps Bug Bounty Experts follow! |
|
00:04:00 |
Section 07: Setting up your Bug Bounty Lab |
|
What is Linux Operating System? |
|
00:04:00 |
|
What is Kali Linux? |
|
00:03:00 |
|
Virtual Box Installation |
|
00:06:00 |
|
How to install Kali Linux in Virtual Box? |
|
00:12:00 |
|
How to install Metasploitable in Virtual Box? |
|
00:09:00 |
|
Our hacking machine – DVWA |
|
00:18:00 |
|
How to browse anonymously using TOR? |
|
00:09:00 |
|
Executing Basic Commands in Kali Linux |
|
00:12:00 |
|
Executing Advance Commands in Kali Linux |
|
00:14:00 |
Section 08: Information Gathering Phase |
|
What is Information Gathering? |
|
00:08:00 |
|
Information Gathering using MALTEGO Part 1 |
|
00:07:00 |
|
Information Gathering using MALTEGO Part 2 |
|
00:06:00 |
|
Website Mirroring using HTTrack |
|
00:05:00 |
|
Information Gathering using The Harvester |
|
00:02:00 |
|
Information Gathering using OSINT Framework |
|
00:05:00 |
|
Information Gathering using NSLOOKUP |
|
00:03:00 |
|
Information Gathering using Red Hawk Tool |
|
00:05:00 |
|
Find vulnerable webcams using SHODAN Search Engine |
|
00:09:00 |
Section 09: Scanning and Enumeration Phase |
|
What is Scanning? |
|
00:07:00 |
|
What is NMAP? |
|
00:05:00 |
|
Scan networks using ZENMAP |
|
00:17:00 |
|
What is enumeration? |
|
00:03:00 |
|
Types of Enumeration |
|
00:03:00 |
|
Enumeration using SuperScan |
|
00:07:00 |
|
Enumeration using Hyena |
|
00:06:00 |
Section 10: Vulnerability Assessment Phase |
|
What is Vulnerability Assessment? |
|
00:04:00 |
|
Phases of Vulnerability Assessment and Penetration Testing |
|
00:08:00 |
|
Vulnerability Scoring Systems |
|
00:09:00 |
|
Introduction to Nessus Vulnerability Scanning |
|
00:05:00 |
|
How to configure a scan in Nessus? |
|
00:08:00 |
|
Analyze Nessus Scan Results |
|
00:08:00 |
Section 11: Web Server Penetration Testing |
|
What is a Web Server? |
|
00:05:00 |
|
Web Server Attacks |
|
00:05:00 |
|
Web Server Penetration Testing |
|
00:04:00 |
|
Web Server Countermeasures |
|
00:05:00 |
Section 12: OWASP Top 10 Vulnerabilities and Website Footprinting |
|
OWASP Top 10 Attacks: Part 1 |
|
00:05:00 |
|
OWASP Top 10 Attacks: Part 2 |
|
00:07:00 |
|
Website Foot printing Part 1 |
|
00:05:00 |
|
Website Foot printing Part 2 |
|
00:03:00 |
Section 13: Command Execution and Find upload Vulnerabilities |
|
Exploiting Basic Command Execution Vulnerability |
|
00:07:00 |
|
Exploiting Advance Command Execution Vulnerability |
|
00:07:00 |
|
Configuring Burp Suite |
|
00:16:00 |
|
Exploiting Basic File Upload Vulnerability |
|
00:10:00 |
|
Exploiting Intermediate File Upload Vulnerability |
|
00:07:00 |
|
Exploiting Advance File Upload Vulnerability |
|
00:08:00 |
Section 14: SQL Injection and Database Hacking |
|
What is SQL Injection Vulnerability? |
|
00:04:00 |
|
Types of SQL Injection Vulnerabilities |
|
00:05:00 |
|
How to carry out manual SQL Injection? |
|
00:17:00 |
|
Automating SQL Injection Vulnerability using SQL map |
|
00:09:00 |
|
How to prevent SQL Injection Attacks? |
|
00:03:00 |
Section 15: Cross Site Scripting (XSS) |
|
What is XSS? |
|
00:03:00 |
|
Types of XSS Attacks |
|
00:06:00 |
|
Exploiting Basic XSS Vulnerability |
|
00:11:00 |
|
Exploiting Intermediate XSS Vulnerability |
|
00:05:00 |
|
Exploiting Advance XSS Vulnerability |
|
00:11:00 |
|
How to prevent XSS Attacks? |
|
00:04:00 |
Section 16: Password Cracking and Cross Site Request Forgery (CSRF) |
|
What is CSRF? |
|
00:06:00 |
|
What is a Brute Force Attack? |
|
00:05:00 |
|
How to crack usernames and passwords using Burp Suite? |
|
00:18:00 |
Section 17: Web Application Penetration Testing Guide |
|
The complete guide to Website Penetration Testing |
|
00:09:00 |
|
Web Application Countermeasures |
|
00:06:00 |
Section 18: Denial of Service (DOS) |
|
What is a DOS/DDOS Attack? |
|
00:03:00 |
|
Types of DOS Attacks? |
|
00:05:00 |
|
What is a BOTNET? |
|
00:03:00 |
Section 19: IMPORTANT - Writing a BUG BOUNTY report |
|
Start writing a bug bounty report! |
|
00:08:00 |
|
Components of a Bug Bounty Report |
|
00:14:00 |
|
Exploiting CSRF Vulnerability? |
|
00:07:00 |
Assignment |
|
Assignment -Bug Bounty – Web Application Penetration Testing Bootcamp |
|
00:00:00 |