Course Overview
A bug bounty program is a crowdsourcing initiative hosted by organizations in order to give a platform to security researchers and white hat hackers from across the globe to showcase their skills and discover any security holes in their infrastructure. Depending upon the severity level of the bug reported and the details presented within the Proof of Concept (POC), they are either rewarded with remuneration or recognition as a token of appreciation.
While a large majority of the bug bounty programs are public, certain ones are private events and are strictly invite-based. Such programs have stringent terms and conditions that the invitees must always abide by.
During this course, you will acquire knowledge of the fundamentals of application security vulnerabilities and penetration testing.
Prerequisites
To initiate the Bug Bounty Training, you should be aware of the basic concepts of developing web applications; frontend and backend, what programming or scripting languages contribute to web development, and even how the web applications are hosted on the server.
Training Modules
- Black-box, White-box, Grey-box Testing
- VAPT Vs Bug Bounty Vs Red Teaming
- Legal Scope & Responsible Disclosure
- Recon Methodology (passive Vs Active)
- OWASP Top 10 Overview
- Installation Of Apache
- Installation Of MySQL
- Installation Of PhpMyAdmin
- Installation Of FTP Server
- Installation Of SSH Service
- Installation Of Git
- Setting Up DVWA
- Setting Up BWAPP
- Practicing On PortSwigger Web Security Academy Labs
- Browser Setup (extensions For Testing)
- Proxy Configuration & Intercepting Traffic
- Burp Installation & Setup
- Proxy Usage & Traffic Interception
- Repeater For Manual Testing
- Intruder For Fuzzing
- Scanner Basics
- Payload Types & Fuzzing Techniques
- Session Handling Basics
- Security Headers Analysis
- CORS Misconfiguration
- Cache Control Issues
- Header Injection
- Host Header Attacks
- PUT/DELETE Method Abuse
- Method Override Attacks
- TRACE Method Risks
- Verb Tampering
- REST API Method Testing
- Credential Stuffing & Brute Force
- Weak Password Policies
- MFA Bypass Techniques
- Session Fixation
- IDOR (Insecure Direct Object Reference)
- Vertical Vs Horizontal Escalation
- Forced Browsing
- API Authorization Flaws
- Role Manipulation
- Verbose Error Messages
- Stack Traces & Debug Endpoints
- Git/config File Leaks
- API Key Exposure
- Metadata Leakage
- Base64, URL Encoding
- Hash Identification (MD5, SHA1, Bcrypt)
- Hash Cracking Basics
- Encoding Bypass Techniques
- Backup Files (.zip, .bak, .old)
- .git Exposure
- SVN Leaks
- Misconfigured Cloud Storage
- Cookie Stealing (XSS)
- Session Fixation
- Predictable Session IDs
- Token Reuse
- Sensitive Info In Errors
- Cookie Flags (HttpOnly, Secure)
- Tampering Cookies
- JWT Decoding & Modification
- Parameter Tampering
- Mass Assignment
- Business Logic Flaws
- Chained Exploitation
- Path Traversal Basics
- Encoding Bypass (%2e%2e/)
- Null Byte Injection
- Filter Bypass Techniques
- WAF Bypass Basics
- LFI Basics & Fuzzing
- Wrappers (php://filter)
- Log Poisoning
- File Inclusion To RCE
- Remote File Inclusion Exploitation
- Basic Command Injection
- Blind Injection (time-based)
- Out-of-band (OAST Techniques)
- Command Chaining Operators
- Filter Bypass
- Multiple Type Bypass
- Double Extension Attacks
- Web Shell Upload
- Image-based Payloads
- Upload To RCE
- HTML Injection Basics
- Payload Crafting
- Leading To Phishing Attacks
- Obfuscation Techniques
- URL Validation Bypass
- Chaining With Phishing
- Bypassing The Restrictions
- Regex Basics
- Input Validation Bypass
- Union-based SQLi
- Boolean-based Blind
- Time-based Blind
- Error-based SQLi
- Reflected, Stored, DOM XSS
- Filter Bypass Techniques
- CSP Misconfiguration
- CSP Bypass Techniques
- CSRF Token Bypass
- SameSite Cookie Issues
- CSRF Via JSON/API
- Clickjacking Relation
- OWASP Secure Design
- Least Privilege
- Defense In Depth
- SSRF Basics
- Internal Service Access
- Cloud Metadata Exploitation
- Blind SSRF