Intro to Bug Bounty Hunting and Web Application Hacking
Insiders guide to ethical hacking and bug bounty hunting with Ben Sadeghipour (@NahamSec)
NahamSec LLC
Summary
- Reed courses certificate of completion - Free
Overview
Welcome to Intro to Bug Bounty Hunting and Web Application Hacking, your introductory course into practical bug bounty hunting.
Learn ethical hacking principles with your guide and instructor Ben Sadeghipour (@NahamSec).
During the day, Ben works as the head of Hacker Education at HackerOne. During his free time, Ben produces content on Twitch and YouTube for other hackers, bug bounty hunters, and security researchers.
This course serves as a comprehensive guide and answers the number one question he receives, "how do I get started?"
Curriculum
-
Intro to Bug Hunting - Course Overview 01:11
-
HTTP Basics 10:08
-
Open Redirect 05:36
-
Cross-site Scripting (XSS) 22:11
-
Cross-site Request Forgery (CSRF) 06:17
-
Insecure Direct Object Reference (IDOR) 07:32
-
Local File Disclosure (LFD) 10:15
-
SQL Injection 37:43
-
Server Side Request Forgery (SSRF) 28:26
-
XML External Entity (XXE) 15:03
-
Remote Command Execution (RCE) 12:28
-
Testing File Uploaders 13:44
-
Recon 21:03
-
How to Setup Your Lab (Installing and Demos) 30:35
-
Hands on Hacking 45:35
-
Next Steps & Outro 37:40
-
Resources 07:05
Course media
Description
This course will feature:
-
An overview of 10+ vulnerability types and how to find them.
-
Hands-on labs for each vulnerability type where Ben will walk you through how each bug works and how they can be further exploited.
-
A practical lab where students will be attacking a fake organisation to test out their newly acquired skills.
-
An introduction to recon including asset discovery and content discovery.
-
You will learn the tools of the trade and how to set up your hacking lab
-
Introduction to bug bounty programs, how to read the scope, how to write a report, a good report, and how to get your first invitation to a private bug bounty program!
-
This course will be updated based on changing bug types, recon tactics, and your feedback! Purchase of the course gets you lifetime access to all information and updates.
Notes & Disclaimer
This course will be updated regularly as new information becomes available. Ben is committed to providing as much assistance as possible and will be answering relevant questions within 48 hours. Please don't be discouraged if you don't immediately find a bug, this field is for resilient people committed to learning and figuring things out without much direction. Google will be your friend, and we encourage you to try things before immediately asking for a solution.
This course is meant for educational purposes only. This information is not to be used for black hat exploitation and should only be used on targets you have permission to attack
Who is this course for?
- Beginners in cybersecurity
- People interested in bug bounty hunting
- Anyone interested in ethical hacking
- Developers looking to expand on their knowledge of vulnerabilities that may impact them
- Anyone interested in application security
- Anyone interested in Red teaming
- Anyone interested in offensive security
- Bug Bounty Hunters
- Hack Websites for Ethical Hacking
Requirements
-
Basic understanding of web technology
-
Linux basics
-
Reliable internet connection.
Certificates
Reed courses certificate of completion
Digital certificate - Included
Will be downloadable when all lectures have been completed
Reviews
Currently there are no reviews for this course. Be the first to leave a review.
Legal information
This course is advertised on reed.co.uk by the Course Provider, whose terms and conditions apply. Purchases are made directly from the Course Provider, and as such, content and materials are supplied by the Course Provider directly. Reed is acting as agent and not reseller in relation to this course. Reed's only responsibility is to facilitate your payment for the course. It is your responsibility to review and agree to the Course Provider's terms and conditions and satisfy yourself as to the suitability of the course you intend to purchase. Reed will not have any responsibility for the content of the course and/or associated materials.