YoVDO

Bug Bounty

Offered By: YouTube

Tags

Bug Bounty Courses, Cybersecurity Courses, Penetration Testing Courses, Cross-Site Scripting (XSS) Courses, Nmap Courses

Course Description

Overview

Dive into the world of bug bounty hunting with this comprehensive 5-hour video series. Learn essential techniques for finding and exploiting vulnerabilities in web applications. Start by understanding how to choose a bug bounty program and use GitHub dorks for scope review. Explore reconnaissance methods, including setting up a VPS and using tools like Amass, Assetfinder, and Subfinder. Master subdomain enumeration techniques and automate the process to build your personal recon toolkit. Discover port scanning with nmap and tackle advanced topics like XSS CSP bypass and XXE vulnerabilities. Set up a local hacking environment using Kali on Windows WSL, and learn to automate bug hunting with Nuclei. Investigate common API vulnerabilities, focusing on IDORs and access control issues. Delve into OAuth application hacking, including CSRF protection flaws. Finally, explore free automated reconnaissance using GitHub Actions with Project Discovery tools.

Syllabus

The Plan - Finding a program - Bug Bounty - Ep - 01.
Scope Review and Bug Hunting Using Github Dorks - Bug Bounty - Ep - 02.
Recon 01 - Recon Infrastructure Map Setting up VPS + Assetfinder + Subfinder - Bug Bounty - Ep - 03.
Amass Setup and Tutorial.
Collecting Subdomains - Part 2 | Automating the process | First Steps to your personal Recon Toolkit.
Collecting Subdomains - Part 1 | Amass | Subfinder | Assetfinder | Findomain.
Recon - Scan them all | Port Scanning ft. nmap + Short Videos Announcement.
XSS CSP Bypass - BugPoC Challenge.
Kali on Windows WSL for Pentester & Bug Bounty Hunter | Local Recon | Hacking Machine | No VPS / VM.
Local Recon Machine - Kali on Windows ft. WSL | Final Part - Pt.2 | Recon on a live site.
Automate your Bug Hunting using Nuclei | Writing our own nuclei template | Be The H.A.C.R. - Ep. 18.
XXE - What Why & How | XXE on Twitter | $10k Bounty | XML External Entity.
Automating IDORS with Autorize - Common API Bugs Pt. 2 - IDORs & Access Control Issues.
Hacking Oauth Applications - Pt. 1.
Flawed CSRF Protection - State Param - Hacking Oauth Pt. 2 | Live Demo on Medium.com.
Free Automated Recon Using Github Actions | Ft. Project Discovery.


Taught by

Hacking Simplified

Related Courses

FinTech for Finance and Business Leaders
ACCA via edX
Access Controls
(ISC)² via Coursera
Advanced Cyber Security Training
EC-Council via FutureLearn
Python for Cybersecurity. Final Project
E-Learning Development Fund via Coursera
Advanced System Security Design
University of Colorado System via Coursera