Bug Bounty Secrets - Bug Bounty From Industry's Perspective

Name: Bug Bounty Secrets - Bug Bounty From Industry's Perspective
Rating: 4.4 (98 reviews)

Bug Bounty Made Easy : Test Web Apps & Earn Money With Bug Bounty Secrets

Created byCorporate Security Institute (CSI), Mandeep Singh

Last updated 8/2021

English

What you'll learn

Audit on any web app
OWASP testing methodology
Find complex bugs and security issues

Course content

8 sections • 22 lectures • 3h 29m total length

Conduct Search Engine Discovery Reconnaissance for Information Leakage4:34
Fingerprint Web Server3:36
Review Web Server Meta Files2:19
Review web server files for information leakage and learn how robots and noindex prevent web pages from being indexed by search engines, including the wp admin login page.
Review Web Page Comments And Meta Tags1:52
Review web page comments and metadata to identify information leakage in source code, including usernames and passwords, and learn how viewing the page source reveals admin access risks.
Fingerprint Web App Framework2:09

Testing for Cross Site Scripting40:18
Explore cross site scripting vulnerabilities, focusing on reflected and dom cross-site scripting, input vectors, and bypass techniques with lab demos showing cookie theft and session hijacking.
Testing for SQL Injection12:12
Testing for SQL Injection -Continue20:56
Testing for Command Injection7:11
Testing for LDAP Injection9:50
HTTP Verb Tampering2:31
Testing for XXE7:12
HTTP Parameter Pollution8:08

Requirements

Basic knowledge of linux
Basic knowledge of hacking tools like Metasploit, Burpsuite, NMap, etc

Description

Before I share my goal with this bug bounty secrets class, Let me first help you to get the big picture!

OWASP TOP 10 IS DEAD!
Sadly the experts promote this concept too excessively :(
Most beginners in the industry think that this will get them a job.
OWASP Top 10 is not what anyone will ask you in an interview. Infect, It is the OWASP Testing Methodology, they are looking for!!!

You see, All these Big Companies and Top Brands,
Well, When these companies get's Hacked/Breached, and then they are sued in the court by one person or another

THE ONLY WAY TO GET OUT IS BY PROVING ENTERPRISE GRADE REPORTS!!!
Now you may ask why should you care?

In a nutshell, They have to present a BOOK to the court. This book is a 100-150 page methodology report.
They show that We did all the tests given in a Global Methodology. Now if they get hacked, it's not their fault

I want to teach you this methodology and help you differentiate yourself from the rest.
This course will allow you the Gain the ability to do a Complete Web Application Audit and create that book!

Now before you press that Enroll Button, I want to tell you that this course is not meant for everyone.
There is a lot of work needed. This won't be a Feed Me From Spoon Experience. Things are tough, But if you are willing to put in that Extra Concentrated Effort for a week on this course...

I PROMISE!!!
This is the best decision you would have made. Moreover, There is no way you can go wrong with Udemy's Money Back Guarantee.

Let's dive in this journey from zero to hero on web app testing.
~ Mandeep Singh

Who this course is for:

People who want to become a professional web security analyst
Aspiring website penetration testing & bug hunting experts
Ethical hackers who want to specialize in web penetration testing

Bug Bounty Secrets - Bug Bounty From Industry's Perspective

What you'll learn

Explore related topics

Course content

Information Gathering5 lectures • 15min

Configuration and Deployment Management Testing1 lecture • 18min

Identity Management Testing1 lecture • 9min

Authentication Testing2 lectures • 28min

Authorization Testing2 lectures • 12min

Session Management Testing2 lectures • 15min

Input Validation Testing8 lectures • 1hr 48min

Client Side Testing1 lecture • 5min

Requirements

Description

Who this course is for: