وب سایت تخصصی شرکت فرین
دسته بندی دوره ها

Learn Bug Bounty Hunting & Web Security Testing From Scratch

سرفصل های دوره

Learn how to discover bugs / vulnerabilities like experts | OWASP top 10 + more | No prior knowledge required


1. Introduction
  • 1. Introduction
  • 2. What is a Website

  • 2. Information Disclosure vulnerabilities
  • 1.1 Information Disclosure slides.pdf
  • 1. Introduction to Information Disclosure Vulnerabilities
  • 2.1 Target website link.html
  • 2. Discovering Database Login Credentials
  • 3.1 Target website link.html
  • 3.2 Wordlist Repository.html
  • 3. Discovering Endpoints & Sensitive Data
  • 4.1 Target website link.html
  • 4. Introduction to HTTP Status Codes
  • 5. Employing the Hacker Bug Hunter Mentality to Discover Admin Login Information
  • 6.1 Target website link.html
  • 6. Manipulating Application Behaviour Through the HTTP GET Method
  • 7. Manipulating Application Behaviour Through the HTTP POST Method
  • 8. Intercepting Requests With Brup Proxy

  • 3. Broken Access Control Vulnerabilities
  • 1.1 Broken Access Control slides.pdf
  • 1. Introduction to Broken Access Control Vulnerabilities
  • 2.1 Target website link.html
  • 2. Cookie Manipulation
  • 3.1 Target website link.html
  • 3. Accessing Private User Data
  • 4.1 Target website link.html
  • 4. Discovering IDOR Vulnerabilities (Insecure Direct Object Reference)
  • 5.1 Target website link.html
  • 5. Privilege Escalation with Burp Repeater
  • 6.1 Target website link.html
  • 6. Debugging Flows with HTTP TRACE & Gaining Admin Access!

  • 4. Path Directory Traversal
  • 1.1 Path Traversal slides.pdf
  • 1.2 Target website link.html
  • 1. Introduction to Path Traversal Vulnerabilities & Basic Discovery
  • 2.1 Target website link.html
  • 2. Bypassing Absolute Path Restriction
  • 3.1 Target website link.html
  • 3. Bypassing Hard-coded Extensions
  • 4.1 Target website link.html
  • 4. Bypassing Filtering
  • 5.1 Target website link.html
  • 5. Bypassing Hard-coded Paths
  • 6.1 Target website link.html
  • 6. Bypassing Advanced Filtering
  • 7.1 directory-traversal-cheatsheet.zip
  • 7.2 Target website link.html
  • 7. Bypassing Extreme Filtering

  • 5. CSRF - Client-Side Request Forgery
  • 1.1 CSRF slides.pdf
  • 1.2 Target website link.html
  • 1. Discovering & Exploiting CSRF Vulnerabilities

  • 6. OAUTH 2.0 Vulnerabilities
  • 1.1 OAUTH 2.0 slides.pdf
  • 1. Introduction to OAUTH 2.0
  • 2.1 Target website link.html
  • 2. OAUTH 2.0 Basic Exploitation
  • 3.1 Target website link.html
  • 3. Exploiting a Linking OAUTH 2.0 Flow Through CSRF
  • 4.1 Target website link.html
  • 4. Exploiting a Login OAUTH 2.0 Flow Through CSRF

  • 7. Injection Vulnerabilities
  • 1. Introduction to Injection Vulnerabilities

  • 8. OS Command Injection
  • 1.1 Command Injection slides.pdf
  • 1.2 Target website link.html
  • 1. Discovering a Basic Command Injection Vulnerability
  • 2.1 Target website link.html
  • 2. Discovering Blind Command Injection Vulnerabilities
  • 3.1 Target website link.html
  • 3. Discovering Asynchronous Blind Command Injection Vulnerabilities
  • 4. Using Burp Collaborator to Exploit Asynchronous Blind Command Injection

  • 9. XSS - Cross Site Scripting
  • 1.1 XSS slides.pdf
  • 1. Introduction to XSS Vulnerabilities & Its Types
  • 2.1 Target website link.html
  • 2. Discovering a HTML Injection Vulnerability
  • 3. Discovering Reflected & Stored XSS Vulnerabilities

  • 10. DOM XSS Vulnerabilities
  • 1. Introduction to DOM XSS Vulnerabilities
  • 2.1 Target website link.html
  • 2. Discovering a Reflected DOM XSS in a Link
  • 3.1 Target website link.html
  • 3. Discovering a Reflected XSS in an Image Tag!
  • 4.1 Target website link.html
  • 4. Injecting Javascript Directly in a Page Script
  • 5.1 Target website link.html
  • 5. Discovering XSS in a Drop-down Menu
  • 6.1 Target website link.html
  • 6. Discovering XSS in AngularJS Application

  • 11. XSS - Bypassing Security
  • 1.1 Target website link.html
  • 1. Bypassing Basic Filtering
  • 2.1 Target website link.html
  • 2. Bypassing Single-Quotes Filtering
  • 3.1 Target website link.html
  • 3. Bypassing Advanced Filtering
  • 4.1 Target website link.html
  • 4. Bypassing Server-Side Filtering
  • 5.1 Target website link.html
  • 5.2 XSS Cheatsheet.html
  • 5. Bypassing Extreme Filtering with Burp Intruder

  • 12. Bypassing Content Security Policy (CSP)
  • 1.1 Target website link.html
  • 1. Analysing the Target Application
  • 2. Discovering an XSS in a CSP Enabled Application

  • 13. SQL Injection Vulnerabilities
  • 1.1 SQLi slides.pdf
  • 1. Introduction to SQL Injection Vulnerabilities
  • 2.1 Target website link.html
  • 2. Discovering SQL Injections
  • 3.1 Target website link.html
  • 3. Bypassing Admin Login Using Logical Operators
  • 4.1 Target website link.html
  • 4. Selecting Data From the Database
  • 5.1 Target website link.html
  • 5. Accessing The Database Admin Records

  • 14. Blind SQL Injections
  • 1.1 Target website link.html
  • 1. Discovering Blind SQL Injections
  • 2.1 Target website link.html
  • 2. Enumerating Table & Column Names
  • 3.1 Target website link.html
  • 3. Recovering Administrator Password With Burp Intruder
  • 4.1 Target website link.html
  • 4. Using the Cluster-Bomb Attack to Recover Passwords

  • 15. Time-Based Blind SQL Injection
  • 1.1 Target website link.html
  • 1. Discovering Time-Based Blind SQLi
  • 2.1 Target website link.html
  • 2. Extracting Data From the Database Using a Time-Based Blind SQLi
  • 3.1 Target website link.html
  • 3. Getting The Admin Password Using a Time-Based Blind SQLi

  • 16. SSRF (Server-Side Request Forgery)
  • 1.1 SSRF slides.pdf
  • 1. Introduction to SSRF Vulnerabilities
  • 2. Theory Behind SSRF Vulnerabilities & Their Impact
  • 3.1 Target website link.html
  • 3. Discovering a Basic SSRF Vulnerability
  • 4.1 Target website link.html
  • 4. Accessing Private (Admin) Resources Using an SSRF Vulnerability

  • 17. SSRF - Advanced Exploitation
  • 1.1 Target website link.html
  • 1. Advanced SSRF Discovery
  • 2.1 Target website link.html
  • 2. Scanning & Mapping Internal Network & Services

  • 18. SSRF - Bypassing Security
  • 1.1 Target website link.html
  • 1. Bypassing Blacklists
  • 2.1 Target website link.html
  • 2. Bypassing Whitelists
  • 3.1 Target website link.html
  • 3. Chaining Open Redirection with SSRF to Bypass Restrictive Filters

  • 19. Blind SSRF Vulnerabilities
  • 1. Introduction to Blind SSRF Vulnerabilities
  • 2.1 Target website link.html
  • 2. Discovering Blind SSRF Vulnerabilities
  • 3.1 Target website link.html
  • 3. Exploiting Blind SSRF Vulnerabilities
  • 4.1 Target website link.html
  • 4. Escalating Blind SSRF to a Remote Code Execution (RCE)

  • 20. XXE (XML External Entity) Injection
  • 1.1 XXE slides.pdf
  • 1. Introduction to XXE Injection Vulnerabilities
  • 2. What is XML
  • 3.1 Target website..html
  • 3.2 XXE Cheatsheet.html
  • 3. Exploiting a Basic XXE Injection
  • 4.1 Target website link.html
  • 4. Discovering an SSRF Through a Blind XXE

  • 21. 2 Hour Live Bug Hunting !
  • 1.1 Live bug hunting slides.pdf
  • 1. Introduction
  • 2.1 Target website link.html
  • 2. Overview of the Target
  • 3. Discovering an Open Redirect Vulnerability
  • 4. Discovering a an XSS in the Response
  • 5. Discovering an XSS in a HTML Comment
  • 6. Discovering an XSS in a Date Picker
  • 7. Broken Access Control in Booking Page
  • 8. Analysing Application Files & Finding Sensitive Data
  • 9. Discovering Endpoints Hidden In Code
  • 10. Discovering an IDOR - Insecure Direct Object Reference
  • 11. Discovering Hidden Endpoints Using Regex
  • 12. Discovering a Complex Stored XSS
  • 13. Discovering Bugs in Hidden Elements
  • 14. Discovering Bugs in Hidden Parameters

  • 22. Participating in Bug Bounty Programs
  • 1. Hacker1 Overview
  • 2. Bug-Bounty Overview
  • 3. Submitting a Bug Report

  • 23. Bonus Section
  • 1. Bonus Lecture - Want to learn more.html
  • 139,000 تومان
    بیش از یک محصول به صورت دانلودی میخواهید؟ محصول را به سبد خرید اضافه کنید.
    خرید دانلودی فوری

    در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

    ایمیل شما:
    تولید کننده:
    شناسه: 1442
    حجم: 8084 مگابایت
    مدت زمان: 657 دقیقه
    تاریخ انتشار: 26 دی 1401
    دسته بندی محصول
    طراحی سایت و خدمات سئو

    139,000 تومان
    افزودن به سبد خرید