Web Security & Bug Bounty Learn Penetration Testing in 2023
10h 28m 11s
English
Paid
Course description
Start a career or earn a side income by becoming a Bug Bounty Hunter. No experience needed. Hack websites, fix vulnerabilities, improve web security and much more. You'll learn penetration testing from scratch and master the most modern pentesting tools & best practices for 2021!
Read more about the course
- Learn Penetration Testing from scratch to become a bug bounty hunter and web security expert
- Setting Up Your Hacking Lab: Kali Linux and Virtual Machines (Works with Windows/Mac/Linux)
- Learn How To Hack & Attack Systems With Known Vulnerabilities
- Bug Hunter and the Burpsuite Tool
- Command Injection/Execution
- Bruteforce Attacks
- Security Misconfiguration
- SQL Injection
- Logging & Monitoring Best Practices
- Networking Fundamentals
- Discover, exploit, and mitigate all types of web vulnerabilities. Secure any of your future applications using best practices
- How to make money from bug bounty hunting and make a career of it
- Website Enumeration & Information Gathering
- HTML Injections
- Broken Authentication
- Broken Access Control
- Cross Site Scripting - XSS
- XML, XPath Injection, XXE
- Web Fundamentals
- Linux Terminal Fundamentals
Watch Online
0:00
/ #1: Course Outline
All Course Lessons (87)
| # | Lesson Title | Duration | Access |
|---|---|---|---|
| 1 | Course Outline Demo | 06:10 | |
| 2 | Join Our Online Classroom! | 04:02 | |
| 3 | What is Penetration Testing ? | 05:44 | |
| 4 | What is Bug Bounty ? | 06:36 | |
| 5 | ZTM Resources | 04:24 | |
| 6 | Virtual Box, Kali Linux Download | 11:10 | |
| 7 | Important - New Kali Linux Categories | 01:27 | |
| 8 | Kali Linux Installation | 12:15 | |
| 9 | OWASPBWA Installation | 08:36 | |
| 10 | Creating TryHackMe Account | 02:48 | |
| 11 | 2 Paths | 02:06 | |
| 12 | Website Enumeration - Theory | 05:01 | |
| 13 | Google Dorks | 11:29 | |
| 14 | Ping, Host, Nslookup ... | 07:22 | |
| 15 | Whatweb | 08:53 | |
| 16 | Dirb | 06:21 | |
| 17 | Nmap | 11:29 | |
| 18 | Nikto | 06:33 | |
| 19 | Burpsuite Configuration | 07:48 | |
| 20 | Burpsuite Intercept | 07:28 | |
| 21 | Burpsuite Repeater | 07:49 | |
| 22 | Burpsuite Intruder | 09:21 | |
| 23 | HTML Injection - Theory | 03:25 | |
| 24 | HTML Injection 1 on TryHackMe | 09:02 | |
| 25 | HTML Injection 2 - Injecting User-Agent Header | 03:50 | |
| 26 | Injecting Cookie Field and Redirecting The Page | 05:24 | |
| 27 | Advance Example of HTML Injection | 13:19 | |
| 28 | Command Injection Theory | 04:15 | |
| 29 | Command Injection On TryHackMe and Blind Command Injection | 09:56 | |
| 30 | Solving Challenges With Command Injection | 09:31 | |
| 31 | Running PHP Reverse Shell With Command Execution Vulnerability | 07:27 | |
| 32 | Bypassing Input Filter And Executing Command | 07:26 | |
| 33 | Broken Authentication Theory | 04:24 | |
| 34 | Broken Authentication On TryHackMe | 06:01 | |
| 35 | Broken Authentication Via Cookie | 04:31 | |
| 36 | Basic Authorization in HTTP Request | 06:35 | |
| 37 | Forgot Password Challenge | 08:22 | |
| 38 | Session Fixation Challenge | 05:10 | |
| 39 | Cluster Bomb Bruteforce | 06:39 | |
| 40 | Hydra Bwapp Form Bruteforce | 12:21 | |
| 41 | Hydra Post Request Form Bruteforce | 05:25 | |
| 42 | Extra - Hydra SSH Attack | 04:16 | |
| 43 | Sensitive Data Exposure Example | 10:12 | |
| 44 | Broken Access Control - Theory | 06:28 | |
| 45 | Accessing passwd With BAC | 04:25 | |
| 46 | Ticket Price IDOR | 06:34 | |
| 47 | Security Misconfiguration - Default App Credentials | 04:42 | |
| 48 | Exercise: Imposter Syndrome | 02:57 | |
| 49 | XSS Theory | 06:13 | |
| 50 | Changing Page Content With XSS | 10:54 | |
| 51 | Bypassing Simple Filter | 03:49 | |
| 52 | Downloading a File With XSS Vulnerability | 09:06 | |
| 53 | DOM XSS Password Generator | 05:36 | |
| 54 | JSON XSS | 08:10 | |
| 55 | Old Vulnerable Real Applications | 04:12 | |
| 56 | SQL Injection Theory | 04:01 | |
| 57 | Guide To Exploiting SQL Injection | 08:01 | |
| 58 | Getting Entire Database | 05:26 | |
| 59 | Extracting Passwords From Database | 19:44 | |
| 60 | Bypassing Filter In SQL Query | 06:07 | |
| 61 | Blind SQL Injection | 11:39 | |
| 62 | XPath Injection | 06:24 | |
| 63 | XPath Injection 2 | 03:58 | |
| 64 | XXE | 07:23 | |
| 65 | Components With Known Vulnerabilities Example | 10:07 | |
| 66 | Insufficient Logging And Monitoring Example | 04:02 | |
| 67 | Whats Next & How To Earn Money By Finding Vulnerabilities ? | 11:36 | |
| 68 | Browsing the Web | 06:01 | |
| 69 | Breaking Google | 03:01 | |
| 70 | The Internet Backbone | 05:30 | |
| 71 | Traceroute | 02:25 | |
| 72 | HTML, CSS, Javascript | 05:05 | |
| 73 | Build Your First Website | 07:49 | |
| 74 | HTML Tags | 08:40 | |
| 75 | Your First CSS | 13:43 | |
| 76 | What Is Javascript? | 05:34 | |
| 77 | Your First Javascript | 11:42 | |
| 78 | Javascript On Our Webpage | 09:06 | |
| 79 | HTTP/HTTPS | 19:59 | |
| 80 | Introduction To Databases | 10:55 | |
| 81 | SQL: Create Table | 05:16 | |
| 82 | SQL: Insert Into + Select | 04:34 | |
| 83 | What is PHP? | 05:17 | |
| 84 | Linux 1 - ls, cd, pwd, touch... | 13:47 | |
| 85 | Linux 2 - sudo, nano, clear ... | 07:01 | |
| 86 | Linux 3 - ifconfig, nslookup, host ... | 07:35 | |
| 87 | Thank You | 01:14 |
Unlock unlimited learning
Get instant access to all 86 lessons in this course, plus thousands of other premium courses. One subscription, unlimited knowledge.
Learn more about subscriptionComments
0 commentsWant to join the conversation?
Sign in to commentSimilar courses
Introduction to Prompt Engineering
Sources: DAIR.AI
This course is dedicated to the key methods of Prompt Engineering for large language models (LLMs) and their effective application in various scenarios and...
1 hour 27 minutes 29 seconds
Great Thinkers, Great Theorems
Sources: Wondrium by The Great Courses, Dr. William Dunham
Delve into the mechanics of some of math's greatest and most awe-inspiring achievements. Explore the most awe-inspiring theorems in the 3,000-year history of ma
12 hours 14 minutes 35 seconds
Production-Ready Serverless
Sources: Yan Cui
The Production-Ready Serverless course teaches how to build resilient and scalable serverless applications, ready for production deployment. It covers...
13 hours 37 minutes 6 seconds
The Power of Thought Experiments
Sources: Wondrium by The Great Courses, Daniel Breyer
Thought experiments have been used throughout history by great thinkers to expand our knowledge of ourselves and the world. In this course, you’ll explore fasci
11 hours 54 minutes 19 seconds
The Complete Guide to Becoming a Software Architect
Sources: udemy
Becoming a Software Architect is the holy grail for almost all developers. Great salary, working with management, dealing with the up-to-date technologies and p
5 hours 44 minutes 32 seconds