Web App Testing - SQL Injections and Live Bug Bounty Hunting
Offered By: Cyber Mentor via YouTube
Course Description
Overview
Dive deep into SQL injection techniques and live bug bounty hunting in this comprehensive 2-hour 52-minute video. Learn about advanced SQL injection attacks, including the use of UNIONs and the importance of sleep commands. Compare sqlmap, Burp Active, and manual approaches to SQL injection. Explore live bug bounty enumeration techniques, including subdomain discovery with sublist3r and crt.sh, data extraction, and host screening. Gain insights on manual enumeration and participate in an Ask Me Anything session. Perfect for aspiring ethical hackers and cybersecurity enthusiasts looking to enhance their web application testing skills.
Syllabus
- Welcome.
- Introduction / Overview of Week 5.
- SQL Injection refresher.
- SQL Injection attack #1.
- SQL Injection attack #2 (using UNIONs).
- sqlmap vs Burp Active vs manual.
- SQL Injection attack #3 - the importance of sleep.
- Other challenges & Easter eggs.
- Giveaway.
- Start of live bug bounty enumeration.
- Finding subdomains with sublist3r and crt.sh.
- Extracting data from crt.sh.
- For loop to test if site is up.
- Using eyewitness to screenshot hosts.
- Manual enumeration.
- Begin AMA.
Taught by
The Cyber Mentor
Related Courses
- Ethical Hacking (Indian Institute of Technology, Kharagpur via Swayam)
- Investigación en Informática Forense y Ciberderecho (University of Extremadura via Miríadax)
- MSc Cyber Security (Coventry University via FutureLearn)
- Network Security - Introduction to Network Security (New York University (NYU) via edX)
- Network Security - Advanced Topics (New York University (NYU) via edX)