fbpx
4.29 out of 5
4.29
844 reviews on Udemy

Bug Bounty Hunting – Offensive Approach to Hunt Bugs

A Manual Bug Bounty Hunting Course
Instructor:
Vikash Chaudhary
2,642 students enrolled
Hall of Fame | Rewards | Bug Bounty | Appreciation | Bug Bounty Hunting | Cyber Security | Web Application Penetration Testing

Welcome to Manual Bug Bounty Hunting – Offensive Approach to Hunt Bugs. this course will cover most of the vulnerabilities of OWASP TOP 10 & Web Application Penetration Testing.

You will start as a beginner with no hands-on experience on bug bounty hunting and Penetration testing, after this course you will emerge as a stealth Bug Bounty Hunter.

Bug bounty hunting is the act of finding security vulnerabilities or bugs in a website and responsibly disclosing it to that company’s security team in an ethical way. Bug bounties, also known as responsible disclosure programs, are set up by companies to encourage people to report potential issues discovered on their sites. Some companies choose to reward a researcher with bounty, swag, or an entry in their hall-of-fame list. If you are interested in web application security then they have a great place of honing your skills, with the potential of earning some bounty and credibility at the same time.

Introduction

1
About Instructor
2
Course Introduction and Overview
3
Why you should take this ?
4
Teaser of Offensive Approach to Hunt Bugs

Information Gathering & Basic Terminologies

1
Information Gathering

Introduction of Burpsuite

1
Steps to Configure Burpsuite with Firefox
2
How to Use Burpsuite - Spider | Repeater | Intruder

Comprehensive XSS

1
Background Concept about XSS
2
Basic XSS
3
Basic XSS on Lab
4
Manual Building XSS Vector
5
XSS through Filter Bypassed XSS payloads On Lab
6
XSS On Live Websites
7
XSS Hunting Live Part 1
8
XSS Hunting Live Part 2
9
XSS Hunting Live Part 3
10
XSS Through Header Parameter
11
Reflected XSS Vs Stored XSS
12
Exploitation of XSS : - 1. URL Redirection
13
Exploitation of XSS : - 2. Phishing Through XSS
14
Exploitation of XSS : - 3. Cookie Stealing
15
XSS Through File Uploading
16
XSS Through Remote File Inclusion
17
Convert Self XSS to Reflected XSS
18
POC - 1 XSS Attack Discovered by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

19
POC - 2 XSS Attack Discovered by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

20
POC - 3 XSS Attack Discovered by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

21
POC 4 XSS Attack Discovered by Ankit Singh

Former name : Ankit Singh

linkedin profile :
https://www.linkedin.com/in/ankitk323/

Current : Studying as Comp Engineering in Meerut

22
POC 5 XSS Attack Discovered by Ankit Singh

Former name : Ankit Singh

linkedin profile :
https://www.linkedin.com/in/ankitk323/

Current : Studying as Comp Engineering in Meerut

23
POC 6 XSS Attack Discovered by Ankit Singh

Former name : Ankit Singh

linkedin profile :
https://www.linkedin.com/in/ankitk323/

Current : Studying as Comp Engineering in Meerut

24
POC 7 XSS Attack Discovered by Ankit Singh

Former name : Ankit Singh

linkedin profile :
https://www.linkedin.com/in/ankitk323/

Current : Studying as Comp Engineering in Meerut

25
POC 8 XSS Attack Discovered by Ankit Singh

Former name : Ankit Singh

linkedin profile :
https://www.linkedin.com/in/ankitk323/

Current : Studying as Comp Engineering in Meerut

Host Header Injection

1
Overview of Host Header Injection
2
Host Header Attack 1. Open Redirection
3
Host Header Attack 2. Cache Poisoning
4
Host Header Attack 3. Password Reset Poisoning
5
Host Header Attack 4. XSS Through Host Header
6
POC - 1 Host Header attack by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune.

7
POC - 2 Host Header Attack Discovered by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

8
POC - 3 Host Header Attack Discovered by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

9
POC -4 Host Header Attack Discovered by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

10
POC - 5 Host Header Attack Discovered by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

11
POC - 6 Host Header Attack Discovered by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

12
POC - 7 Host Header Attack Discovered by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

13
XSS Task

URL Redirection

1
Background Concept about URL Redirection
2
URL Redirection Through Get Parameter
3
URL Redirection Through Path Fragments
4
POC of URL Redirection 1
5
POC of URL Redirection 2
6
POC 3 Open Redirection Vulnerability Discovered by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

7
POC 4 Open Redirection Vulnerability Discovered by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

8
POC 5 Open Redirection Vulnerability Discovered by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

9
POC 6 Open Redirection Vulnerability Discovered by Dawood Ansar

Former name : Dawood Ansar

linkedin profile :
https://www.linkedin.com/in/dawood-ansar-29403213b/

Current : Working as Information Security Analyst at Briskinfosec Technology and consulting Pvt ltd.

Parameter Tampering

1
Background Concept about Parameter Tampering
2
Parameter Tampering - Example 1

Do Not Try on any web site without permission it will lend you in legal action

3
Parameter Tampering - Example 2

Do Not Try on any web site without permission it will lend you in legal action

4
Parameter Tampering - Example 3

Do Not Try on any web site without permission it will lend you in legal action

5
Parameter Tampering - Example 4

Do Not Try on any web site without permission it will lend you in legal action

6
Parameter Tampering - Example 5

Do Not Try on any web site without permission it will lend you in legal action

HTML Injection

1
Background Concept about HTML Injection
2
HTML Injection Finding - Example1
3
HTML Injection Finding - Example2
4
HTML Injection Finding - Example3
5
Exploitation of HTML Injection

File Inclusion

1
Background Concept about File Inclusion
2
LFI Vs RFI
3
LFI Hunting Part 1
4
LFI Hunting Part 2
5
Exploitation of LFI
6
RFI Hunting

Missing/insufficient SPF record

1
Background Concept about Missing / insufficient SPF record
2
Testing SPF
3
Exploitation of SPF
4
POC 1 SPF
5
POC 2 - SPF Vulnerability Discovered by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

6
POC 3 - SPF Vulnerability Discovered by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

7
POC 4 - SPF Vulnerability Discovered by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

8
POC 5 - SPF Vulnerability Discovered by Shubham Maheshwari

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

Insecure CORS Configuration

1
Background Concept about CORS
2
Insecure CORS by Checking Response Header
3
Insecure CORS through Request Header
4
Exploitation of Insecure CORS
5
POC Insecure CORS

Former name :shubhack

linkedin profile :
https://www.linkedin.com/in/shubhack319

Current : Studying as Comp Engineering in Pune

Server Side Request Forgery

1
Background Concept about SSRF
2
SSRF Testing on Lab
3
SSRF on Live web

big challenge you dont have log file analyzer 

how can you check the server is making request to third party domain 

for this i found a unique way to test this 

any.com ------?https://www.expressvpn.com/what-is-my-ip

any.com ip addrees 

that way we can identify the server is making request to expressvpn.com 

Exploitation of SSRF 

1. Read File from server 

file:///

2. scan the internal network 

file=http://localhost:4

3. ssrf with rfi 
lets create a html file 

testing.html 

<script>alert(1)</script>

4
Exploitation of SSRF attack
You can view and review the lecture materials indefinitely, like an on-demand channel.
Definitely! If you have an internet connection, courses on Udemy are available on any device at any time. If you don`t have an internet connection, some instructors also let their students download course lectures. That`s up to the instructor though, so make sure you get on their good side!
4.3
4.3 out of 5
844 Ratings

Detailed Rating

Stars 5
429
Stars 4
288
Stars 3
96
Stars 2
14
Stars 1
17