Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Ethical Hacking / Penetration Testing & Bug Bounty Hunting v2
Training Overview
Description of Training
Video Overview (3:28)
Section 1: Introduction
1. Disclaimer (1:02)
Section 2: Future Updates
2. Future Updates (1:32)
Section 3: Setting up Environment
3. Burp Suite Proxy Lab Setup (17:11)
Section 4: Subdomain Takeovers
4. What are Subdomains (3:52)
5. Subdomain Enum (5:12)
6. What is DNS (9:26)
7. Fastest Resolver (7:38)
8. What are DNS Records (7:56)
9. Sublister (6:00)
10. Findomain (3:02)
11. Subfinder (6:27)
12. Recursive Subdomain Enumeration (3:08)
13. Can I take over XYZ (6:54)
14. Can I take over ALL XYZ (6:37)
15. AWS Subdomain Takeover Live -1 (14:36)
16. AWS Subdomain Takeover Live -2 (7:14)
17. AWS Bugcrowd Report Breakdown (6:11)
18. Tumblr Subdomain Takeover (8:22)
19. Shopify Subdomain Takeover (11:55)
20. Cargo Subdomain Takeover (4:38)
21. Subzy Tool Automation for Subdomain Takeovers (5:47)
22. Subjack - Tool for Subdomain Takeovers (5:10)
Section 5: HTML Injection
23. What is HTML (5:41)
24. Understanding HTML (3:15)
25. HTML (3:59)
26. HTML Injection - Lab (5:06)
27. HTML Injection Live-1 (4:02)
Section 6: Click Jacking
28. Click Jacking Live-1 (3:31)
29. Click Jacking Live-2 (2:56)
30. Click Jacking Live-3 (3:35)
31. Click Jacking Live-4 (3:57)
32. Clickjacking Exploitation (7:40)
33. Clickjacking Live Target Exploitation (7:29)
34. Clickjacking Automation Live Target Exploitation (3:27)
35. Clickjacking - ClickBandit with Burpsuite (5:55)
Section 7: File Inclusion Exploitation
36. What is LFI (4:15)
37. LFI Exploitation on Lab (9:10)
38. LFI Exploitation Live -1 (4:49)
39. LFI Exploitation Live -2 (4:43)
40. LFI Exploitation LFi to RCE (11:52)
41. LFI vs RFI (3:26)
Section 8: Broken Link Hijacking
42. Introduction & Background Concept (5:39)
43. BLH Exploitation Practical (5:36)
44. BLH Exploitation Tool (6:17)
45. BLH Instagram Report Breakdown (2:01)
46. BLH Exploitation Practical Live (2:24)
47. BLH Hackerone Report Breakdown (3:00)
48. BLH Practical Tool Resource (3:30)
49. BLH Exploitation Practical Extension Tool (3:42)
50. BLH Command Injection (5:01)
51. BLH Exploitation Github Repo - Live (7:16)
9.SQL Injection
52. SQL Injection Background Concept (2:21)
53. SQL vs Spreadsheets (1:46)
54. SQL Database Importance (1:44)
55. XAMPP Installation & Setup (5:25)
56. SQL Practical Hands on - First Table (5:25)
57. SQL Practical Hands on - Queries (2:16)
58. SQL Practical Hands on - Second Table (5:47)
59. SQL Practical Hands on - Exercise (2:24)
60. Truth Table (1:51)
61. Truth Table Practical (6:11)
62. SQL Understanding the Logic (2:54)
63. SQL Query Breakdown (3:45)
64. SQL Injection Impact & Approach (5:43)
65. SQLi on Lab-1 (3:57)
66. SQL Query Breakdown payload-2 (3:49)
67. SQLi on Lab-2 (5:45)
68. Burp suite Web Academy (2:24)
69. SQLi Labs Data Retrieval Lab (4:37)
70. SQLi Labs Data Retrieval Live (2:01)
71. SQLi Login Bypass Lab (2:14)
72. SQLi Login Bypass Live 1 (2:57)
73. SQLMap Installation & Setup (3:14)
74. SQLMap Exploitation - Live 2 (11:58)
75. SQLMap Exploitation - Live 3 (9:40)
76. Shell Exploitation Techniques (2:26)
77. SQL : Shell Exploitation - Live 4 (5:16)
10.SSRF
78. SSRF Introduction & Principle (6:41)
79. SSRF Practical (10:06)
80. SSRF Bincatcher Listener (5:13)
81. SSRF against Server Itself (11:07)
82. SSRF against another Backend Server (10:08)
83. SSRF Bypass Protection Blacklist Filter (11:03)
84. SSRF Bypass Protection Whitelist Filter (8:07)
85. SSRF Chaining with Open Redirect and Bypass Filter (6:20)
86. SSRF Exploitation using MPEG - Live (6:58)
87. SSRF Exploitation JIRA chaining with XSS - Live (2:01)
88. SSRF Exploitation JIRA chaining with XSS - Live (4:01)
89. SSRF Exploitation JIRA Automation with Python (5:26)
90. SSRF Facebook Breakdown (14:42)
91. SSRF Microstrategy Live -1 (6:29)
92. SSRF PHP Filter Live (8:04)
93. SSRF PHP Filter Wordpress Config Live (5:38)
11.Remote Code Execution
94. Apache Unomi RCE Live (9:08)
12.How to start with Bug Bounty Platforms and Reporting
95. BugCrowd ROADMAP (17:41)
96. Hackerone ROADMAP (8:57)
97. Open Bug Bounty ROADMAP (8:00)
98. Synack ROADMAP (5:41)
99. Intigriti ROADMAP (10:43)
100. NCIIPC Govt of India ROADMAP (8:27)
101. RVDP All Websites ROADMAP (6:25)
Section 13: Bug Bounty / Penetration Testing Reporting Templates
102. Reporting Templates - We have your back!
Section 14: Snapshot
103. Snapshot of Subdomain Enumeration
104. Snapshot of Broken link Hijacking
Section 15: PortSwigger Labs
105. Solving Portswigger Lab SQL Injection -1
Section 16: Learning LFIscan
106. LFIscan
Section 17: Mastering Subdomain Enumeration in Penetration Testing
107. Basics and Common Mistakes to Avoid while doing Subdomain Enumeration
108. Subdomain Enumeration Strategies
109. Learning DOME - A subdomain enumeration tool
Section 18: Automating SQL Injection using Ghauri
116. Learning Ghauri
4. What are Subdomains
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock