Web Security & Bug Bounty Learn Penetration Testing in 2023

10h 28m 11s
English
Paid

Embark on a rewarding journey towards becoming a Bug Bounty Hunter with no prior experience required. Dive into the world of hacking websites, fixing vulnerabilities, and enhancing web security. Our comprehensive course covers everything from penetration testing basics to mastering the latest tools and best practices for 2023!

Course Highlights

  • Comprehensive Learning Path: Master penetration testing from the ground up to excel as a bug bounty hunter and web security expert.
  • Setting Up Your Hacking Lab: Learn how to configure Kali Linux and virtual machines compatible with Windows, Mac, and Linux systems.
  • Practical Hacking Skills: Gain hands-on experience by hacking and attacking systems with known vulnerabilities.
  • Burpsuite Mastery: Understand and effectively use the Burpsuite tool for bug hunting.
  • Key Attack Techniques: Command Injection/Execution, Bruteforce Attacks, Security Misconfiguration.
  • Exploiting Vulnerabilities: Dive into SQL Injection, Logging & Monitoring Best Practices.
  • Networking and Discovery: Enhance networking skills and perform Website Enumeration & Information Gathering.
  • Exploiting Common Web Vulnerabilities: HTML Injections, Broken Authentication, Access Control Issues, Cross-Site Scripting (XSS).
  • Advanced Injection Attacks: Explore XML, XPath Injection, XXE.
  • Foundational Knowledge: Learn Web Fundamentals and Linux Terminal Fundamentals.
  • Secure Future Applications: Learn to discover, exploit, and mitigate all types of web vulnerabilities using industry best practices.
  • Monetizing Your Skills: Discover how to turn bug bounty hunting into a profitable career.

About the Author: zerotomastery.io

zerotomastery.io thumbnail
Whether you are just starting to learn to code or want to advance your skills, Zero To Mastery Academy will teach you React, Javascript, Python, CSS and more to help you advance your career, get hired and succeed at some of the top companies in the world.

Watch Online 87 lessons

This is a demo lesson (10:00 remaining)

You can watch up to 10 minutes for free. Subscribe to unlock all 87 lessons in this course and access 10,000+ hours of premium content across all courses.

View Pricing
0:00
/
#1: Course Outline
All Course Lessons (87)
#Lesson TitleDurationAccess
1
Course Outline Demo
06:10
2
Join Our Online Classroom!
04:02
3
What is Penetration Testing ?
05:44
4
What is Bug Bounty ?
06:36
5
ZTM Resources
04:24
6
Virtual Box, Kali Linux Download
11:10
7
Important - New Kali Linux Categories
01:27
8
Kali Linux Installation
12:15
9
OWASPBWA Installation
08:36
10
Creating TryHackMe Account
02:48
11
2 Paths
02:06
12
Website Enumeration - Theory
05:01
13
Google Dorks
11:29
14
Ping, Host, Nslookup ...
07:22
15
Whatweb
08:53
16
Dirb
06:21
17
Nmap
11:29
18
Nikto
06:33
19
Burpsuite Configuration
07:48
20
Burpsuite Intercept
07:28
21
Burpsuite Repeater
07:49
22
Burpsuite Intruder
09:21
23
HTML Injection - Theory
03:25
24
HTML Injection 1 on TryHackMe
09:02
25
HTML Injection 2 - Injecting User-Agent Header
03:50
26
Injecting Cookie Field and Redirecting The Page
05:24
27
Advance Example of HTML Injection
13:19
28
Command Injection Theory
04:15
29
Command Injection On TryHackMe and Blind Command Injection
09:56
30
Solving Challenges With Command Injection
09:31
31
Running PHP Reverse Shell With Command Execution Vulnerability
07:27
32
Bypassing Input Filter And Executing Command
07:26
33
Broken Authentication Theory
04:24
34
Broken Authentication On TryHackMe
06:01
35
Broken Authentication Via Cookie
04:31
36
Basic Authorization in HTTP Request
06:35
37
Forgot Password Challenge
08:22
38
Session Fixation Challenge
05:10
39
Cluster Bomb Bruteforce
06:39
40
Hydra Bwapp Form Bruteforce
12:21
41
Hydra Post Request Form Bruteforce
05:25
42
Extra - Hydra SSH Attack
04:16
43
Sensitive Data Exposure Example
10:12
44
Broken Access Control - Theory
06:28
45
Accessing passwd With BAC
04:25
46
Ticket Price IDOR
06:34
47
Security Misconfiguration - Default App Credentials
04:42
48
Exercise: Imposter Syndrome
02:57
49
XSS Theory
06:13
50
Changing Page Content With XSS
10:54
51
Bypassing Simple Filter
03:49
52
Downloading a File With XSS Vulnerability
09:06
53
DOM XSS Password Generator
05:36
54
JSON XSS
08:10
55
Old Vulnerable Real Applications
04:12
56
SQL Injection Theory
04:01
57
Guide To Exploiting SQL Injection
08:01
58
Getting Entire Database
05:26
59
Extracting Passwords From Database
19:44
60
Bypassing Filter In SQL Query
06:07
61
Blind SQL Injection
11:39
62
XPath Injection
06:24
63
XPath Injection 2
03:58
64
XXE
07:23
65
Components With Known Vulnerabilities Example
10:07
66
Insufficient Logging And Monitoring Example
04:02
67
Whats Next & How To Earn Money By Finding Vulnerabilities ?
11:36
68
Browsing the Web
06:01
69
Breaking Google
03:01
70
The Internet Backbone
05:30
71
Traceroute
02:25
72
HTML, CSS, Javascript
05:05
73
Build Your First Website
07:49
74
HTML Tags
08:40
75
Your First CSS
13:43
76
What Is Javascript?
05:34
77
Your First Javascript
11:42
78
Javascript On Our Webpage
09:06
79
HTTP/HTTPS
19:59
80
Introduction To Databases
10:55
81
SQL: Create Table
05:16
82
SQL: Insert Into + Select
04:34
83
What is PHP?
05:17
84
Linux 1 - ls, cd, pwd, touch...
13:47
85
Linux 2 - sudo, nano, clear ...
07:01
86
Linux 3 - ifconfig, nslookup, host ...
07:35
87
Thank You
01:14
Unlock unlimited learning

Get instant access to all 86 lessons in this course, plus thousands of other premium courses. One subscription, unlimited knowledge.

Learn more about subscription