Bug Bounty Hunting: Guide to an Advanced Earning Method
3.9 (42 ratings)
4,498 students enrolled

Learn the techniques of finding bugs with live practical examples of bug hunting on web applications/websites.
Created by Paratosh Kumar
Last updated 12/2019
English
English [Auto]
This course includes
  • 3.5 hours on-demand video
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What you'll learn
  • How to identify and distinguish different types of bugs.
  • Finding bugs in real-world websites.
  • To create a bug report with its complete description.
  • Methods of earning through bug documentation on the websites.
  • Rewards you can get from Bug Hunting on a website.
  • Live POCs of websites.
Requirements
  • A laptop with a strong internet connection.
  • Basic knowledge of web technologies.
  • Basic computer and Internet browsing knowledge.
Description

This course includes all the methods to find any vulnerability in websites/web applications and their exploitation. This Bug Bounty Hunting program is designed to inform you about the latest vulnerabilities on websites, like CSRF attacks, Web Application attacks, Injection attacks and many more. You will also learn the procedure by which you get paid or earn many other rewards by documenting and disclosing these bugs to the website’s security team. So, this course will give you a precise introduction to the bugs that you can report to earn money.

Who this course is for:
  • Anyone who wants to earn from Bug Hunting.
Course content
71 lectures 03:17:44
+ Information Gathering
7 lectures 19:00
What is Information Gathering?
00:48
Concept of Digital Footprinting
00:42
What Information to Gather?
00:59
What is Whois Information?
02:16
Information Gathering About People & Organisation
04:32
Gathering Information About Websites
04:42
Google Dorking & GHDB
05:01
+ Setting Up Labs
2 lectures 07:00
DVWA Introduction & Configuration
03:56
bWAPP Introduction & Configuration
03:04
+ Introduction to Burp Suite
2 lectures 06:03
Introduction to Burp Suite
02:27
Steps to Configure
03:36
+ SQL Injection
9 lectures 30:03
Introduction to SQL
01:06
Writing Basic SQL Query
01:54
Different Types of Comments Used in SQL
00:53
SQLi Introduction & Impact
02:59
Union Based SQLi
12:22
Boolean Based SQLi
03:32
Time based SQLi
02:45
Validation Bypass (Client and Server)
02:47
IDOR Vulnerability
01:45
+ Web Application Attacks
6 lectures 15:57
IDOR (BWAPP)
02:54
Rate Limiting Flaw
02:40
File Upload Vulnerability
01:15
File Upload on DVWA
04:06
Live IDOR POC
02:54
Live Rate Limiting Flaw POC
02:08
+ Cross Site Script (XSS)
8 lectures 22:47
What Is Cross Site Scripting (XSS)?
02:41
Stored XSS
01:26
Stored XSS (DVWA)
04:13
Reflected XSS
01:33
Reflected XSS (DVWA)
05:12
DOM Based XSS
02:54
Blind XSS
01:36
Live XSS POC
03:12
+ Header Injection & URL Redirection
3 lectures 10:05
Host Header Injection Methods & URL Redirection
05:50
Live Host Header Injection POC
03:02
Live URL Redirection POC
01:13
+ Client Side Attacks
10 lectures 27:19
Understanding Session, Cookie & Session Fixation
05:17
Forced Browsing
01:47
Cross Site Request Forgery Introduction
03:15
CSRF Attack (DVWA)
03:48
Open Redirection
01:18
Personally Identifiable Information (PII)
01:25
9.7 Sensitive Information Disclosure
00:37
Live CSRF POC
06:04
Live Sensitive Information POC
01:58
Live Session Fixation POC
01:50
+ Brute Forcing
3 lectures 08:56
Brief About Brute Force
02:01
Brute Force DVWA
04:11
Live OTP Brute Force POC
02:44