Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Recon for Ethical Hacking / Penetration Testing & Bug Bounty
Training Overview
Description of Training
Video Overview (3:28)
Section: Introduction
Introduction (7:00)
Motivation & Importance (7:28)
Future Updates (3:36)
Rules for asking Questions
Disclaimer (0:59)
Section: Note Keeping
Note Keeping Importance (4:49)
How to make Notes (8:49)
Effective Note Keeping for Pentest & Bug Bounties (10:16)
Visual Notes (7:29)
Section: Bug Bounty Recon Introduction
Top 10 Rules for Bug Bounties (6:50)
Zen Poem (1:56)
What is Web (6:07)
What is DNS (9:26)
How does Web Server Work? (8:44)
Revision of Web, DNS and Server
URL vs URN vs URI (7:09)
Breakdown of URL (5:54)
Revision of URL
How to make the best out of this course
Feedback Time!
Section: Shodan for Bug Bounties
Shodan Installation & Lab Setup (3:55)
Shodan API (2:46)
Shodan Info & Count (5:20)
Shodan Scan Downloads (7:04)
Shodan Revision
Shodan Host Enumeration (5:35)
Shodan Parse Dataset (3:34)
Shodan Search Query (2:47)
Shodan Scan Commands (8:11)
Shodan Stats (3:01)
Shodan GUI (5:29)
Shodan Report Generation (4:11)
Shodan Report Generation - Part 2 (5:33)
Shodan Images (4:54)
Shodan Exploits (4:18)
Shodan Live Hunting - Remote Code Execution (10:16)
Shodan Live Hunting - Sensitive Data Exposure (7:55)
Exploitation of CVE 2020-3452 File Read (19:23)
Exploitation of CVE 2020-3187 File Delete (8:44)
Shodan Live Hunting - Jenkins Exploitation Logs (8:42)
Shodan Live Hunting - Jenkins Exploitation Credentials (5:45)
Shodan Live Hunting - ADB (14:00)
BONUS Shodan Extension (3:13)
Shodan Revision
Section: Certificate Transparency for Subdomain Enumeration
Certificate Transparency Crt.sh (11:18)
Certificate Transparency Crt.sh Wildcards (12:07)
Certificate Transparency Crt.sh Automation (7:01)
Shodan Subdomain Enumeration (8:08)
Shodan Subdomain Enumeration Automation (2:53)
Censys Subdomain Enumeration (7:23)
Censys Subdomain Enumeration Automation (10:44)
Facebook Certificate Transparency (4:43)
Google Certificate Transparency (4:26)
Certificate Transparency Revision
Scope Expansion
Pentest Tools (4:45)
Virus Total (8:31)
Sublister -1 (13:48)
Sublister -2 (8:11)
Sublister -3 (3:47)
Project Discovery Data Sets (5:26)
Project Discovery Data Sets CLI (6:00)
Project Discovery Data Sets CLI -2 (3:16)
Nmmapper (7:25)
Revision of Scope Expansion
Diving in depth of Archives for Bug Bounties
Wayback URL Introduction (4:32)
Wayback URL -2 (2:48)
Wayback URL Tool (5:49)
Wayback Iframe (7:38)
Wayback URL with Burp (4:08)
Wayback URL Automation -1 (15:58)
Wayback URL Automation -2 (15:28)
Wayback URL Automation -3 (3:40)
Wayback URL Live Hunting Bugcrowd (8:09)
Wayback URL Report Breakdown (2:11)
URL's from wayback,otx,commoncrawl (8:55)
DNS Enumeration for Bug Bounties
DNS Goodies (17:00)
DNS Dumpster for Subdomains (15:21)
Bonus DNS Dumpster Workflow
CMS Identification
Wappalyzer for Technology Identification (8:10)
Builtwith for Technology Identification (5:43)
Whatweb Opensource Technology Identification (5:57)
Netcraft Active Cyber Defence (11:33)
Retire JS - Hunt Outdated JS Libraries (6:20)
Retire JS - Burp Installation (4:32)
Fuzzing
Fuzzing Introduction (3:01)
Fuzzing Importance (2:55)
Fuzzing Process (4:24)
Fuzzing Step by Step (8:00)
Installation of Burpsuite (17:04)
Fuzzing on Lab (6:26)
Fuzzing on Live (6:01)
Fuzzing for Sensitive Files (5:17)
Fuzzing for Sensitive Files -2 (3:01)
Fuzzing Multiple Layers (5:01)
Wfuzz Installation (2:22)
Wfuzz Installation -2 (3:10)
Wfuzz Basic Fuzzing (4:29)
WFuzz Login Authentication (7:59)
Wfuzz HTTP Basic Auth Live (7:51)
FFUF - Fuzz Faster U Fool
FFUF Installation (5:59)
FFUF Working (6:46)
FFUF Revision - Fuzzing
FFUF Directory Fuzzing with extensions (6:12)
FFUF Directory Fuzzing with extensions Revision
FFUF Revision - Filter & Matcher
FFUF Login Authentication FUZZ (9:28)
FFUF Revision - Login Authentication FUZZ
Join the Student Community
Solve the FUZZ CTF
Content Discovery
dirsearch (4:01)
Visual Recon
Visual Recon with Screenshots (7:26)
Github Recon
Manual Way (4:34)
Automated Way (8:05)
WAF Identification
WAF Detection with Nmap (3:10)
WAF Fingerprinting with Nmap (2:11)
WafW00f vs Nmap (3:08)
Google Dorks
Google Dorks Manually (20:53)
How to become author of Google Dork (6:26)
Bug Bounty Platforms
Bucgrowd (17:41)
Hackerone (8:57)
Intigriti (10:43)
Open Bug Bounty (8:00)
Private RVDP Programs (6:25)
NCIIPC Govt. of India (8:27)
SynAck (5:41)
Mindmaps for Recon & Bug Bounties
What are Mindmaps (6:01)
Life Mindmap Example (3:43)
Breakdown of a Mindmap (7:03)
Mindmap by Jhaddix (5:24)
My Personal Mindmap by Rohit Gautam (18:48)
Section: Next Steps
Vote for the Next Module !
Snapshot
Snapshot of Ethical Hacking
Snapshot of URL , URN and URI
Top 5 Google Dorking
Using the best google dorks to find more targets
Snapshot of Shodan
Mastering Shodan Filters
Learning DNS Records in Reconnaissance
Introduction to DNS Records in Reconnaissance
Learning Web servers in Reconnaissance
Introduction to Web servers
Learning Uncover tool
Unveiling Hidden Assets with Uncover
Vote for the Next Module !
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock