Recon For Bug Bounty, Penetration Testers & Ethical Hackers

Recon for bug bounty, penetration testers & ethical hackers. Full methodology of website reconnaissance, bug bounty.

What you'll learn

Recon on websites

FInding subdomains

Finding urls

Recon for bug bounty, penetration testing and ethical hacking

Requirements

Basic knowledge of linux is required

Basic knowledge of vulnerabilities

Description

This course is fully made for website reconnaissance  for bug bounty, penetration testers & ethical hackers. This is a intermediate level course all the topics are discussed here regarding recon on websites.Some of the topics are what is reconnaissance, what is recon , recon for bug bounty hunters and penetration testers, Subdomain enumeration, URL enumeration, parameter bruteforcing, Creating your own recon tools and many more…This course is fully focused on website recon and vulnerability assessment.There will be full methodology of website reconnaissance, bug bounty hunting, penetration testing. The videos are divided into small sections for the students to learn. All the resources are provided in the resource section including links, pdf, payloads that are used in course.Course Curriculum : IntroductionIntroduction to reconSubdomain enumeration from toolsSubdomain enumeration #1Subdomain enumeration #2Subdomain enumeration #3Subdomain enumeration #4Subdomain bruteforcingFiltering unique domainsSubdomain generatorSubdomain enumeration from websitesSubdomain enumeration from website #1Subdomain enumeration from website #2Subdomain enumeration from website #3Subdomain enumeration from website #4Filtering live domainsFiltering live domainsURL extraction from the internetURL extraction from the internet #1URL extraction from the internet #2Finding parametersFinding parametersParameter bruteforcerFinding URL from pastURL from pastSorting urlsSorting url for vulnerabilitiesAutomation for replacing parameters with PayloadsAutomation for replacing parameters with PayloadsFootprinting websites ( Website recon )Whatweb reconNetcraftSecurity headersDnsdumpmasterWhois reconMxtoolboxOSINTMaltegoBrowser addons for reconwappalyzerretire.jsshodan KnoxxHack-tools addonWAF idetificationWAF identificationSubdomain takeoverHostileSubBruteForcerSub404SubjackFuzzing (Content-Discovery)dirbffufPort scanningIntroduction to nmapPort specification in nmapService and version detection from nmapFirewall bypass techniqueFast port scanningnabbumasscanVisual reconGowitnessGoogle dorkingIntroduction to google dorkingUnderstnding the URL structureSyntax of google dorkingGoogle dorking operatorsGoogle search operators ( Part - 1 )Google search operators ( Part - 2 )Google dorking practicalIntroduction to practical google dorkingHow to find directory listing vulnerabilities ?How to dork for wordpress plugins and thems ?How to dork for web servers versions ?How to dork for application generated system reports ?Dorking for SQLiReading materials for google dorkingTips for advance google dorkingTip #1Tip #2Tip #3Shodan dorkingIntro to shodan dorkingShodan web interfaceShodan search filtersShodan dorking practicalFinding serverFinding fIles and directoriesFinding operating systemsFinding compromised devices and websitesShodan command lineIntroduction to shodan command linePractical shodan in command lineGithub dorkingIntroduction to github dorkingGithub dorking practicalVulnerability scanningNuclei Wp-ScanScanning with burpsuiteMetasploit for reconDNS recon using metasploitSub-domain enumeration using metasploitE-mail address findingPort scanning using metasploitTCP SYN port scan using metasploitSSH version detectionFTP version enumerationMySQL version detectionHTTP enumerationPayloads for bug bounty huntersPayloads for bug hunters and enetration testersHow to create tools for recon ?SSRF finder toolXSS finding tooURL extractor from javascript filesFull website recon toolBonusBonus video Thank you :)Vivek Pandit

Overview

Section 1: Introduction

Lecture 1 Introduction of recon

Section 2: Subdomain enumeration from tools

Lecture 2 Subdomain enumeration #1

Lecture 3 Subdomain enumeration #2

Lecture 4 Subdomain enumeration #3

Lecture 5 Subdomain enumeration #4

Lecture 6 Subdomain bruteforcing tools

Lecture 7 Filtering unique domains

Lecture 8 Subdomain generator

Section 3: Subdomain enumeration from websites

Lecture 9 Subdomain enumeration from website #1

Lecture 10 Subdomain enumeration from website #2

Lecture 11 Subdomain enumeration from website #3

Lecture 12 Subdomain enumeration from website #4

Section 4: Filtering live domains

Lecture 13 Filtering live domains

Section 5: URL extraction from the internet

Lecture 14 URL extraction from the internet #1

Lecture 15 URL extraction from the internet #2

Section 6: Finding parameters

Lecture 16 Finding parameters

Lecture 17 Parameter bruteforcer

Section 7: Finding URL from past

Lecture 18 URL from past

Section 8: Sorting urls

Lecture 19 Sorting url for vulnerabilities

Section 9: Automation for replacing parameters with Payloads

Lecture 20 Automation for replacing parameters with Payloads

Section 10: Footprinting websites

Lecture 21 Wahtweb scanner

Lecture 22 Netcraft

Lecture 23 Security headers

Lecture 24 Dnsdumpmaster

Lecture 25 Whois recon

Lecture 26 Mxtoolbox

Lecture 27 OSINT

Lecture 28 Maltego

Section 11: Browser addons for recon

Lecture 29 Wappalyzer addon

Lecture 30 retire.js addon

Lecture 31 Shodan addon

Lecture 32 Knoxx addon

Lecture 33 Hack-tools addon

Section 12: WAF idetification

Lecture 34 WAF Identificaton

Section 13: Subdomain takeover

Lecture 35 HostileSubBruteForcer

Lecture 36 Sub404

Lecture 37 Subjack

Section 14: Fuzzing (Content-Discovery)

Lecture 38 Automation for replacing parameters with Payloads

Lecture 39 dirb

Lecture 40 ffuf

Section 15: Port scanning

Lecture 41 Introduction to nmap

Lecture 42 Port specification in nmap

Lecture 43 Service and version detection from nmap

Lecture 44 Firewall bypass technique

Section 16: Fast port scanning

Lecture 45 naabu

Lecture 46 Masscan

Section 17: Visual recon

Lecture 47 Gowitness

Section 18: Google dorking

Lecture 48 Introduction to google dorking

Lecture 49 Understanding the structure of url

Lecture 50 Syntax of google dorking

Lecture 51 Golden rules of google dorking

Lecture 52 Google dorking operators

Lecture 53 Google search operators ( Part - 1 )

Lecture 54 Google search operators ( Part - 2 )

Section 19: Google dorking practical

Lecture 55 Introduction to practical google dorking

Lecture 56 How to find directory listing vulnerabilities ?

Lecture 57 How to dork for wordpress plugins and thems ?

Lecture 58 How to dork for web servers versions ?

Lecture 59 How to dork for application generated system reports ?

Lecture 60 Dorking for SQLi

Lecture 61 Reading materials for google dorking

Section 20: Tips for advance google dorking

Lecture 62 Tip #1

Lecture 63 Tip #2

Lecture 64 Tip #3

Section 21: Shodan dorking

Lecture 65 Introduction to shodan dorking

Lecture 66 Shodan web interface

Lecture 67 Shodan search filters

Lecture 68 Resource

Section 22: Shodan dorking practical

Lecture 68 Finding servers

Lecture 69 Finding fIles and directories

Lecture 70 Finding operating systems

Lecture 71 Finding compromised devices and websites

Section 23: Shodan command line

Lecture 72 Introduction to shodan command line

Lecture 73 Practical shodan in command line

Section 24: Github dorking

Lecture 74 Introduction to github dorking

Lecture 75 Github dorking practical

Section 25: Vulnerability scanning

Lecture 76 Nuclei tool

Lecture 77 WP-Scan

Lecture 0 List of shodan search filters

Lecture 78 Scanning with burpsuite

Section 26: Metasploit for recon

Lecture 79 DNS recon using metasploit

Lecture 80 Sub-domain enumeration using metasploit

Lecture 81 E-mail address finder

Section 27: Port scanning using metasploit

Lecture 82 TCP SYN port scan using metasploit

Lecture 83 SSH version detection

Lecture 84 FTP version enumeration

Lecture 85 MySQL version detection

Lecture 86 HTTP enumeration

Section 28: Payloads

Lecture 87 Payloads for bug hunters and penetration testers

Section 29: How to create tools for recon ?

Lecture 88 XSS finding tool

Lecture 89 URL extractor from javascript files

Lecture 90 SSRF finder tool

Lecture 91 Full website recon tool

Section 30: Bonus

Lecture 92 Bonus video

Bug bounty hunters, penetration testers, ethical hackers and etc.