Advanced-Recon Course
Advanced-Recon Course
Published 6/2022
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 1.89 GB | Duration: 2h 3m
Published 6/2022
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 1.89 GB | Duration: 2h 3m
Recon for wide scopes
What you'll learn
Use recon tools coreectly
how to get data from javascript
how to collect and use data on your main target
Do recon on open scoped targets
What data to keep and what data to ignore
James Beers' recon methodology
Requirements
You should know how to use linux, you should also know what bug bounties are
Description
Course DescriptionHello, amazing hackers. I am James Beers, I am currently obtaining my bachelors in cybersecurity and I have been doing bug bounties and hacking for over 3 years now. This course will teach you everything I know so far about recon. In this course, we will be covering the basics to the intermediates of recon.We will be using our skills on a public lab that I have hosted on Heroku. It is juice shop and is really good for javascript enumeration and source code enumeration. Other public “labs” include the google VRP which can be found at their VRP program website. I will be teaching you how to enumerate IP addresses and versions on ports, how to enumerate subdomains from many sources and tools, and how to bring all of that data together so you can apply it. I will also teach you URL enumeration for parameters to add to a custom wordlist. Javascript reading for DOM interactions, API keys, and directories and requests that tools may miss.The purpose of this course is to get your mind thinking like an attacker from the start of the recon process. I will also be going over my methodology that I developed over my 3 years of bug bounties. I have some friends who are really good at wide scope target recon and they will be sharing info to be added to this course. Please take my methodology and make it your own, you cant get somewhere new following the same roads everyone else has, but you might be able to touch the sky if you stand on the shoulders of giants.Enjoy the course and please download all of the notes and walkthroughs that are available.
Overview
Section 1: Introduction
Lecture 1 Introduction
Section 2: Tools introduction and explaination
Lecture 2 introduction and explaination
Section 3: What is recon
Lecture 3 What is recon
Section 4: Thinking like a hacker
Lecture 4 Mind of a hacker
Section 5: Javascript?
Lecture 5 Javascript enumeration
Section 6: CORS and security headers for recon
Lecture 6 CORS and Security header recon
Section 7: My methodology
Lecture 7 Methodology
Section 8: Online recon sources
Lecture 8 Online sources for recon
Section 9: Tools for recon
Lecture 0 Recon with gau
Lecture 0 Tools for recon
Section 10: Recon for IP addresses
Lecture 0 Recon with IP addresses
Section 11: Recon on domains
Lecture 0 Recon on domains
Section 12: Recon on subdomains
Lecture 0 Recon on subs
Section 13: What to do with ALL of the data
Lecture 0 Bringing the data back around
Lecture 0 BONUS
Bug bounty hunters and cybersecurity professionals