This course will cover most of the vulnerabilities of OWASP TOP 10 & Web Application Penetration Testing. You will start as a beginner with no hands-on experience in bug bounty hunting and Penetration testing, after this course, you will emerge as a stealth Bug Bounty Hunter.
Finding security flaws or bugs in a website and ethically reporting them to the security team of that firm is known as bug bounty hunting. Companies create bug bounties, also known as responsible disclosure programs, to entice users to report any problems they may find on their websites. Some businesses decide to honor a researcher with a bounty, gifts, or a spot on their list of Hall of Fame. They provide an excellent area for honing your talents if you are interested in online application security, with the possibility of earning some money and credibility at the same time.
This training includes:
- Information Gathering and Basic Terminologies
- Introduction to Burpsuite
- Reporting Technique for Web Pentest and Bug Hunting
- OWASP Top 10
- XSS
- Host Header Injection
- URL Redirection
- Parameter Tampering
- HTML Injection
- Missing SPF Record
- Misconfig of CORS
- SSRF
- Critical File FOund
- Source Code Disclosure
- CSRF
- Hostile Subdomain Takeover
- SQL Injection
- Command Injection
- File Uploading
- XML (XXE)
