Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
Bug Bounty - An Advanced Guide to Finding Good Bugs
Rating: 4.2 out of 5(173 ratings)
1,758 students

Bug Bounty - An Advanced Guide to Finding Good Bugs

Ethical Hacking - Real World Bug Bounty Techniques
Created byHussein Daher
Last updated 1/2022
English

What you'll learn

  • Identify interesting behaviours in web applications to find great bugs
  • Think outisde the box to approach a target
  • Chain lower bugs to get an impactful one
  • Write a comprehensive and detailed report

Course content

1 section13 lectures10h 0m total length
  • Introduction and Table of Content3:50
  • SQL Injection1:16:58
  • XXE59:58
  • SSRF1:05:54
  • RCE55:01
  • Thinking outside the b0x45:28
  • Path Traversal47:28
  • Access Control Issues16:18
  • Authentication Issues23:29
  • Cache Poisoning14:29
  • Information Disclosure5:38
  • Server Side Template Injection10:07
  • Question & Answers2:55:35

Requirements

  • Medium-Good knowndlege of web application security

Description

UPDATE: as of this course becoming the #bestseller on Udemy, we have opened a private discord channel for all students where we do 1 live hacking session per week. Please join the discord after enrolling to attend the live hacking sessions! Thank you for the trust!

Bug bounties are evolving year after year and thousands of infosec enthuasiasts are looking to join the boat. Having a great place on that boat requires dedication and investing a great amount of time of work. In fact, there are multiple types of vulnerabilities and mastering the most important of these can be a game changer. In this class, attendees will learn the "how" and "why" of vulnerabilities they are already aware of instead of sticking to what the vulnerability is in general. This class will be based on real-life scenarios to show how to think out of the box in different scenarios to bring in the maximum impact.


During the session, students will have hands on excercises with:

  1. SQL Injection

  2. XXE

  3. SSRF

  4. RECON out of the box

  5. RCE

  6. SSTI

  7. Directory Traversal

  8. Access Control Vulns

  9. Authentication Issues

  10. Cache Poisoning

  11. Info Disclosure

  12. More subjects to be treated

Who Should Attend This Course

This course is intended for students with an interest in bug bounties, web vulnerability discovering and exploitation, or general infosec enthusiast who whish to know more about the side of bug bounties. Students should be comfortable with the type of vulnerabilities mentionned because we are not going to cover from a totaly beginner's side.


Key Takeaways

  1. Students will learn in-depth about a vulnerability exploitation

  2. Students will be able to approach a target effectively

  3. Students will learn thinking out of the box in different scenarios


Who this course is for:

  • Bug bounty hunters and anyone interested into web application security
  • Pentesters
  • Hackers