Web App Pen-testing & Bug Bounty Hunting

Description Welcome to ESSENTIALS OF COMPUTER SCIENCE & WEB APPLICATION PEN TESTING. A course that teaches you practically, about web application security, protecting your websites from attacks, and reporting bugs for reward, if you found one. This course is made from scratch. So, if you do not have any knowledge about Website Hacking or Bug hunting then this is the course to go with. This course is not just based on a home lab environments like DVWA, BWAPP, and other vulnerable web applications, instead, this course is completely based on real-life security vulnerabilities that are reported on the crowdsourcing platform. This is the place, where people make thousands of dollars in a few hours by just reporting one big security vulnerabilities to big companies like Uber, Facebook, Google, Amazon, and Zomato. This course I designed specifically for people who want to earn online irrespective of there knowledge if you have zero knowledge in the field of cybersecurity as well as in programming we still got your back we are going to do everything from scratch whatever we need through this course and we promise you that it’s going to be great fun learning with us Requirements

  • Use computers at the basic level
  • Good Internet Connection
  • Windows, Linux, and MAC, all are good for this course
  • Curiosity To Learn More
  • Patience & Practice

Benefits 

  • Certificate Available
  • Pentesting On Live Sites
  • Reports Template Available To Save Time
  • Doubt Class Every Sunday
  • Support For Getting First Bounty
  • Whatsapp Support

Introduction To Bug Bounty

1
What Are Bug Bounty Programs ?
2
What Are Crowd-Source Platforms?
3
Introduction To Bugcrowd and Hackerone [RECORDED]

Watch The Video To To Get Clear Concept About How To Use Bugcrowd & Hackerone & What Other Things You Need To Know Before Getting Started

Introduction To Toolkit

1
LIVE LAB SETUP [RECORDED]
2
Downloading & Installing Burp Suite Professional
3
Downloading and Install Kali Linux
4
Downloading Some Good Known Common Tools

Introduction To Computer Science Essentials

1
Learning Linux Basics [RECORDED]
2
Learning Burpsuite [RECORDED]
3
Learning about SSH

Broken Authentication & Session Management

1
Broken Auth And Session Managment [RECORDED}
2
Failure To Invalidate Session
3
Session Fixation
4
Authentication Bypass [Login Bypass]
5
Second Factor Authentication (2FA) Bypass [RECORDED]
6
Cleartext Transmission of Session Token
7
Weak Registration Implementation
8
Weak Login Function

CROSS-SITE REQUEST FORGERY (CSRF)

1
Complete CSRF ALL TYPES BYPASS [RECORDED]
2
JSON BASED CSRF [RECORDED]
3
CSRF To Account Takeover
4
CSRF To OAuth Misconfiguration
5
CSRF On Delete Account
6
CSRF On Profile Update
7
CSRF Bypass Tips

Broken Access Control

1
Rate Limit Issues [RECORDED]
2
Broken Access Control Complete [RECORDED]
3
IDOR [RECORDED ]
4
Server-Side Request Forgery [RECORDED]
5
SSRF ADVANCE [RECORDED]
6
Parmeter Tampering (Getting Product For Free)
7
Username / Email Enumeration

Server Security Misconfiguration

1
Misconfigured DNS
2
OAuth Misconfiguration
3
Mail Server Misconfiguration [SPECIAL SESSION]
4
Click-jacking [RECORDED]
5
UNSAFE File Upload [RCE] [RECORDED]

Sensitive Data Exposure

1
Exif Meta Data Not Stripped [RECORDED]
2
GitHub Recon Revised [RECORDED]
3
Token Leakage Vulnerability [RECORDED]
4
Sensitive Hardcoded Data [RECORDED]
5
Directory Brute forcing [RECORDED]
6
File Brute forcing

Cross-Site Scripting (XSS) [Mostly Lab Based]

1
COMMON BUGS V1 XSS [UNDERSTANDING LITTLE ABOUT JS]
2
COMMON BUGS V2 XSS PART 2 REFLECTED
3
COMMON BUGS V3 XSS PART 3 STORED DOM
4
COMMON BUGS V3 XSS PART 4 IMAGE. COOKIE REFER BASED

Server-Side Injection

1
LFI Prequsite [RECORDED]
2
Local File Inclusion [RECORDED]
3
Remote File Inclusion [IN SSRF RECORDED SESSION]
4
Command Injection [RECORDED]
5
SQL Injection [BASICS] [RECORDED]
6
XML External Entity Injection (XXE) [LAB] [RECORDED]

Awesome Bugs

1
2FA BYPASSS [RECORDED]
2
COMMON BUGS Special P2 Vulnerability [RECORDED]
3
COMMON BUGS V2 [RECORDED]
4
OAUTH MISCONFIGURATION [RECORDED]
5
Exploiting Misconfigured CORS SOP [RECORDED]
6
WEB CACHE POSINING [RECORDED SESSION]
7
Chaining CSRF XSS To Account Takeover
8
Chaining RFI To XSS
9
Reverse Engineering Android App [RECORDED SESSION]

Reconnaissance Is An Art [Mixed]

1
Introduction To Recon API Exploits [RECORDED]
2
Reconnaissance Part 2 GitHub Tools Installation [RECORDED]
3
Reconnaissance Part 3 Continue Digging Into JS FIles [RECORDED]
4
Reconnaissance Part 4 Fuzzing [RECORDED]
5
Reconnaissance Part 5 Shodan , Censys , Exploit DB [RECORDED]
6
Reconnaissance Part 6 WayBack One Liners [RECORDED]
7
Reconnaissance Part 7 Reversing Subdomain Takeover
The Duration, Of Course, Is Lifetime ! Yes It's For Real.
We will have a doubt session weekly on every sunday
The Duration Of Entire Course Is 60-70 Hours
I love teaching and it's my passion and if was doing this just for sake of money and lying to you about earning then I would have been teaching this course again and again on live classes but it's my habit to teach do things one time with your 100% best. because the quality matters and as per your question my answer is simple I love teaching and sharing things .
a Big NO because by doing this course you are learning how to earn through bug hunting and you can redeem your full amount by reporting a single valid bug as my many students did it already.
Yes, of course, you should enroll in this course will be from basic to scratch and it involves that you must have two things. 1-Good Internet Connection [512 Kbps Minimum] 2-Laptop / Computer
The instructor is not a celebrity or person you may know but the instructor has very good experience & various achievements in the field of Cyber Security & of course Bug Hunting also. For more details, You can visit Know Everything About Me On – https://vanshdevgan.com
Bug hunting is one of the most sought-after skills in all of software. It’s not easy, but it is incredibly rewarding when done right. Like writing code, keep in mind that it takes persistence, a lot of feedback, and determination to become a successful bug bounty hunter. Think outside the box and do your utter best. You can earn pretty good reward starting from 100$ To $$$$$ there’s no upper limit to bounties you can earn
Yes . we reply to everyone on whatsapp in group if you post an question i will get back to you with an answer within few hours .
No , You can enjoy new videos for free it's an dynamic course and thanks for showing your interest in our course.
We Will Initiate Full Refund If You Don't Exceed Watching 20% Of Course .

Greetings - One positive thing that has come about being locked down and not being allowed to leave the premises & house, is having additional free time to focus on exercising, learning a language, and working on building new course videos. For the last couple of months, I have seen there is only one field that isn't affected due to this pandemic covid19  which is cybersecurity !! people are still earning millions of $$$ with bug bounties so i thought i should also go ahead and share my knowledge with you guys so you can also learn the field of web application security & earn for living a better life  One question that I get asked a lot, is how to avoid duplicates in bug bounties. The answer for that is very simple most of the bug hunters doing bug bounties are only focusing on low hanging fruits which is why they are getting duplicates I know it's quite complicated to learn some high-level vulnerabilities like ssrf but it's not impossible to learn if you know the basics very well so this course is focused to teach you from basics  Additional Note - Kindly Go Through Video Lectures Only The Theory Content Will Be Updated Soon !! I hope everyone is staying safe and making use of their free time to learn something useful. See you in the discussions! Regards - Vansh Devgan

Be the first to add a review.

Please, login to leave a review
Add to Wishlist
Get course
Enrolled: 157 students
Duration: 70 Hours
Lectures: 69
Video: 68 Hour
Level: Beginner

Archive

Working hours

Monday 9:30 am - 6.00 pm
Tuesday 9:30 am - 6.00 pm
Wednesday 9:30 am - 6.00 pm
Thursday 9:30 am - 6.00 pm
Friday 9:30 am - 5.00 pm
Saturday Closed
Sunday Closed

About

E-CyberXplore Is an Intiative By CyberXplore To Provide Quality Education To Everyone WordWide

Contact