Bug Bounty : Web Hacking
2.9 (300 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
10,364 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Bug Bounty : Web Hacking to your Wishlist.

Add to Wishlist

Bug Bounty : Web Hacking

Earn by hacking legally
2.9 (300 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
10,364 students enrolled
Created by Amit Huddar
Last updated 4/2017
English
English [Auto-generated]
Current price: $12 Original price: $200 Discount: 94% off
3 days left at this price!
30-Day Money-Back Guarantee
Includes:
  • 5.5 hours on-demand video
  • 13 Supplemental Resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion

Training 5 or more people?

Get your team access to Udemy's top 2,000 courses anytime, anywhere.

Try Udemy for Business
What Will I Learn?
  • Hack websites
  • Participate in bug bounty programs for hackers
  • Earn by hacking legally
View Curriculum
Requirements
  • Basic computer and Internet browsing knowledge
  • One should have a laptop powered with windows or linux OS
Description

In this course you will learn how to hack facebook, google, paypal  type of  web application, you will not just learn
hacking them, you will even learn how to earn from hacking them and its all 100% legal, Earning by hacking legally is
known as bug bounty program, 250+ companies have bug bounty program, Facebook paid 5 million to hackers,
Google paid over $6 million and many others do pay. One earns millions to 100,000$/month, so basically bug bounty program is where hackers get paid for hacking and disclosing bugs to parent company, if you want to earn by hacking means this course is for you, this course will help you to get started in bug bounty program.
what all instructor have covered in this course:
first tools: Burp Suite, Browser Plugins, Lots of software in Kali Linux OS
after that all types of vulnerability: SQL, XSS, CSRF injection and many more
then finally methodology of doing bug bounty
so that's all in this course this much is enough to learn to begin with bug bounty
if you want to be one among those ethical hackers then enroll into my course "Bug Bounty: Web hacking"  now!

Who is the target audience?
  • Anyone interested in hacking
  • Who want to pursue ethical hacking as carrier
  • Who want to earn by hacking legallly
Compare to Other Bug Bounty Courses
Curriculum For This Course
112 Lectures
05:22:05
+
Let's Get Started
2 Lectures 04:07

In This video we see GitHub.

Preview 02:53
+
Tools
24 Lectures 01:52:56

In This video we see Vega.

Preview 06:05

Setting up Atmosphere
03:21

In This video we see

Nikto.

Nikto
05:28

In This video we see

Sub Domain.

Sub Domain
05:39

In This video we see

Recon-ng.

Recon ng
09:29

In This video we see Knockpy.

knockpy
03:04

In This video we see NMap.

Nmap
05:59

In This video we see

continue of Burp Suite.
 

Burp Suite Cont.
04:50

In This video we see

Spider.

Spider
06:51

In This video we see Scanner.

Scanner
07:07

In This video we see

Intruder.

Intruder
06:23

Repeater
03:59

Sequencer
04:29

Analyzing Sequencer Data
03:59

Decoder
01:52

Comparer
02:13

Save and Restore
03:46

In This video we see Authorization.

Authorization
04:29

In This video we see BWapp.

BWap
05:37

In This video we see Wapplayzer.

wapplayzer
04:53

In This video we see Firebug.

Firebug
03:10

In This video we see Hack bar.

Hack bar
03:45

User agent Switcher
02:42

In This video we see Sublist3r.

Sublist3r
03:46
+
WordPress Hacking
6 Lectures 25:17

In This video we see WP Scan.

WP Scan
04:40

In This video we see WP Scan Codex.

WP Scan Codex
05:03

In This video we see WP Scan Template Monster.

WP Scan Template Monster
07:49

In This video we see WP Scan theme.

WP Scan theme
03:36

In This video we see WP Scan User.

WP Scan User
01:19

In This video we see CMS Map.

CMS Map
02:50
+
Cross-site scripting (XSS)
6 Lectures 13:57

In This video we see XSS Demo.

XSS Demo
02:54

https://threatpost.com/yahoo-mail-xss-bug-worth-another-10k-to-researcher/122376/

Vulnerable URL:
http://www.lenovo.cz/tiskove-zpravy/admin/index.php?e="/></script><script>alert(/openbugbounty/)</script>



XSS Lenovo Yahoo
01:45

https://whitton.io/articles/uber-turning-self-xss-into-good-xss/

XSS Uber
02:53

In This video we see XSS Paypal.

XSS Paypal
01:53

In This video we see XSS WhatsApp Facebook.

XSS WhatsApp Facebook
01:56

In This video we see Counter Measures for XSS.

Counter Measures for XSS
02:36
+
SQL Injection (SQLi)
5 Lectures 10:28

In This video we see SQL Drupal.

SQL Drupal
02:33

http://devco.re/blog/2016/04/21/how-I-hacked-facebook-and-found-someones-backdoor-script-eng-ver/

Facebook SQL Injection
02:00

In This video we see Counter measures for SQL.

Counter Measures for SQL
03:02


Template Injection
01:54

In This video we see Similar Reports of Template Injection.

Template Injection similar Reports
00:59
+
Clickjacking
4 Lectures 06:38

In This video we see Clickjacking.

Clickjacking
02:37

In This video we see Clicjacking Report.


Clickjacking Report
01:31

1.website:
 https://hackerone.com/reports/21110

 Clickjacking

 Reported To :Mavenlink
 Type        :UI Redressing (Clickjacking)
 Bounty         :$50
------------------------------------------------------------------
2.website:
 https://hackerone.com/reports/128645

 Clickjacking on authenticated pages which is inscope for New Relic
 Reported To :New Relic
 Types       :Authentication, Privilege Escalation
------------------------------------------------------------------
3.website:
 https://hackerone.com/reports/7492

 Clickjacking: X-Frame-Options header missing

 Reported To :Minr.es
 Type        :UI Redressing (Clickjacking)
-------------------------------------------------------------------
4.website:
 https://hackerone.com/reports/8724

 Clickjacking

 Reported To :Mail.Ru
 Type        :UI Redressing (Clickjacking)
 Bounty        :$150
-------------------------------------------------------------------
5.website:
 https://hackerone.com/reports/119828

 Found clickjacking vulnerability

 Reported To  :LeaseWeb
 Type         :UI Redressing (Clickjacking)
--------------------------------------------------------------------

Clickjacking Injection Similar Report
01:27

In This video we see IFrame.

IFrame Demo
01:03
+
Open Redirect Vulnerability
2 Lectures 03:40

In This video we see Open Redirect Report.

Open Redirect Report
02:20

In This video we see Open Redirect Similar Report.

Open Redirect Similar Report
01:20
+
Cross-Site Request Forgery (CSRF)
8 Lectures 13:19

In This video we see CSRF (change password) Demo.

CSRF (change password) Demo
01:23

In This video we see

CSRF Injection.

CSRF Injection
02:13

In This video we see CSRF Townwars.

CSRF Townwars
01:11

In This video we see CRF Badoo.

CRF Badoo
02:07


CRLF Injection Similar Report
01:32

In This video we see Shellshock.

This report consist of $20k bug.

Shellshock
01:23

In This video we see SSRF.

SSRF
01:42


SSRF Similar Report
01:48
+
Full Path Disclosure
5 Lectures 08:55

In This video we see Full path Disclosure.

Full Path Disclosure
02:01

In This video we see Full Path Disclosure Report.

Full Path Disclosure Report
01:14

In This video we see Similar Reports of

Full Path Disclosure Report.


Full Path Disclosure Similar Report
01:09

In This video we see Insecure Cryptographer Storage.

Insecure Cryptographic Storage
02:06

In This video we see Insecure Direct object References.

Insecure Direct object References
02:25
+
Broken Authentication and Session Management
9 Lectures 19:38

In This video we see Autorize. 

Autorize
04:32

In This video we will see Broken Auth - Insecure Login Forms Demo.

Broken Auth - Insecure Login Forms Demo
01:32

In This video we will see Privilege.

Privilege
02:01

In This video we will see Privilege Bookfresh.

Privilege Bookfresh
01:42

In This video we will see Testing for Privilege Manipulation.

Testing for Privilege Manipulation
02:03

In this video we will see Session Mgmt - Administrative Portals.

Session Mgmt - Administrative Portals
00:56

In this video we will see Session report

Session Report
03:06

In this video we will see Application Logic Report.

Application logic report
02:11

In this video we will see Application Logic similar Report.

Application logic similar report
01:35
5 More Sections
About the Instructor
Amit Huddar
3.2 Average rating
1,582 Reviews
61,785 Students
12 Courses
Scientist, Engineer, Android Developer,Trainer and CEO

Amit Huddar is an Internet Entrepreneur and Software Engineer. He runs his own software company "Softdust", which develops products using new technology such as Android Wear (smartwatch and Google Glass). He believes wearable gadgets are the future of personal computing.

He believe 2017 to 2025 is meant for app developers

Many made millions out of app development, yet he believe it's just beginning.

He is CEO of Softdust  (software firm).

Amit opted to study Computer Science Engineering in 2013 at SSIT. He started his software company in his first year of Engineering and it became successful, so he dropped out in September, 2014.

He has worked on non-conventional forms of energy.

Amit demonstrated his design of a tidal energy power plant model at a national level and won awards from prestigious institutes including the ISRO (Indian Space Research Organisation) and NITK (National Institute of Technology Karnataka).

He is quantum physicist too.

Amit worked on practical application of quantum leap with fellow scientists at IISc (Indian Institute of Science), India’s leading research institute and also ranked as 23rd best in the world.

He applies and believes in the law of attraction.

Whilst the basic principles of reasoning from physics are important to him, so equally is the law of attraction also important. This plays a very important role in his life.

Skills: Android app development, HTML, CSS, PHP, C, C++, JAVA, Linux, building custom Linux OS, cloud computing, penetration testing, Kali Linux and Hacking.
Languages spoken: English, Hindi, Kannada.