The Complete Web Penetration Testing & Bug Bounty Course (updated 11/2022)

Learn Web Pentesting & Bug Bounty & Burpsuite by hands on experience with latest technology and a full curriculum

What you'll learn

Web Application & Website Penetration Tests

Burpsuite

Bug Bounty

Cyber Security Fundamentals

Kali Linux

Web Security

API Security

Requirements

A Computer with minimum 4GB of RAM

Internet Connection

Description

Welcome to The Complete Web Penetration Testing  & Bug Bounty CourseIn this course we are going to start from scratch and learn how to find vulnerabilities & bugs in Websites and Web Applications. Of course we will learn this to notify the related authorities to make internet a safer place and start making money out of this process. We are going to learn how hackers find vulnerabilities, how hackers do their attacks and also how to protect ourselves against these attacks and submit these bugs to the related developers. We will never neglect theory but we will do hands-on experience practices all the time during the course. You will be hacking into vulnerable systems throughout the course.This training is brought to you by Codestars by Rob Percival (+1.000.000 students) and Atil Samancioglu (+280.000 students). Atil teaches cyber security & programming in Udemy for more than 5 years and he also teaches mobile development in Bogazici University. If you are looking forward to be a part of the cyber security environment then you found the right course and right instructor!You can see some of the topics that we are going to cover throughout the course below:Web Application PentestingBurpsuiteKali LinuxHTMLbWappJuice ShopOwasp Top 10Owasp API Top 10MutillidaeDVWAXSSXXESQL InjectionHTML InjectionPHP InjectionShell MethodsFile VulnerabilitiesNiktoCommixDotdotpwnWafw00fDirectory TraversalBrute ForceBug BountyAPI PentestingContentThis training is perfect for people who want to be an Ethical Hacker and a Bug Bounty Hunter. We are going to start from scratch and make our way up to all details. We are going to cover Kali Linux, Burpsuite, HTML, XSS, SQL, PHP Injection and so much more. All curriculum is designed to make you comfortable during the process.Warning: This course aims to teach people how to become ethical hackers and cyber security specialists. All students must use the related information within legal boundaries as mentioned in the course to make internet a safer place.

Overview

Section 1: Introduction

Lecture 1 Introduction

Lecture 2 Course Manual

Section 2: Kali Linux Setup

Lecture 3 Kali Linux Setup Intro

Lecture 4 What is Virtual Machine?

Lecture 5 Virtualbox Installation (Windows)

Lecture 6 Virtualbox Installation (MAC)

Lecture 7 Kali Linux Download

Lecture 8 Kali Linux Download Links

Lecture 9 Kali Linux Installation

Lecture 10 Installation Problem Solving (Windows)

Lecture 11 Kali Linux Manual ISO Installation

Lecture 12 Installation Problem Solving (MAC)

Lecture 13 Solutions to Common Problems & Links

Lecture 14 Taking Snapshots

Lecture 15 Kali Linux Overview

Lecture 16 Navigation

Lecture 17 Moving Stuff

Lecture 18 Privilege and Permissions

Lecture 19 Linux Folders

Lecture 20 Linux Package Managers

Lecture 21 Nano

Lecture 22 Changing Password

Section 3: HTML Crash Course

Lecture 23 HTML Crash Course Intro

Lecture 24 What is a Website?

Lecture 25 Introduction to HTML

Lecture 26 Tags

Lecture 27 Elements and Attributes

Lecture 28 Forms

Lecture 29 Footer & Header

Section 4: HTML Injection

Lecture 30 HTML Injection Intro

Lecture 31 Installing Beebox

Lecture 32 Burpsuite Setup

Lecture 33 HTML Injection

Lecture 34 Stored HTML Injection

Lecture 35 Hacking with Forms

Lecture 36 Dirbuster Usage

Lecture 37 iFrame Injection

Section 5: PHP Injection

Lecture 38 PHP Injection Intro

Lecture 39 PHP Code Injection

Lecture 40 Upload Vulnerability

Section 6: Command Execution & SSI

Lecture 41 Command Execution Intro

Lecture 42 Foxy Proxy

Lecture 43 OS Command Injection

Lecture 44 Commix

Lecture 45 SSI Injection

Lecture 46 SSI Medium

Section 7: Directory Traversal

Lecture 47 Directory Traversal Intro

Lecture 48 What is Directory Traversal?

Lecture 49 Directory Traversal Vulnerabilities

Lecture 50 Dotdotpwn

Section 8: XSS

Lecture 51 XSS Intro

Lecture 52 Reflected XSS

Lecture 53 Reflected AJAX XSS

Lecture 54 Stored XSS

Section 9: Access Control & IDOR

Lecture 55 Broken Access Control

Lecture 56 IDOR

Lecture 57 Reading Other Users Chat

Section 10: CSRF

Lecture 58 CSRF Intro

Lecture 59 Metasploitable Installation

Lecture 60 Metasploitable Config

Lecture 61 Cookies

Lecture 62 CSRF Introduction

Lecture 63 CSRF Simple Hack

Lecture 64 CSRF Hacking with Link

Section 11: Brute Force

Lecture 65 Brute Force Intro

Lecture 66 Brute Force Attacks

Lecture 67 Intruder

Section 12: SQL Crash Course

Lecture 68 SQL Crash Course Intro

Lecture 69 What is SQL?

Lecture 70 Creating SQL Tables

Lecture 71 Inserting Values to Tables

Lecture 72 Filtering

Lecture 73 Advanced Query

Lecture 74 Guessing

Section 13: SQL Injection Introduction

Lecture 75 SQL Injection Intro

Lecture 76 Confirming SQLi Vulnerabilities

Lecture 77 Logging In Without Password

Lecture 78 OR

Lecture 79 SQLi In Hardened Security

Section 14: SQLi GET Request

Lecture 80 SQLi GET Request Intro

Lecture 81 GET Vulnerabilities and Decoder

Lecture 82 Union Select Operations

Lecture 83 Credit Card Numbers

Section 15: SQLi Advanced

Lecture 84 SQLi Advanced Intro

Lecture 85 Blind Injections

Lecture 86 SQLi Alternative Tests

Lecture 87 Hex Values

Lecture 88 Reading and Writing Files

Lecture 89 Shell with SQLi

Lecture 90 SQLMap

Section 16: Juice Shop

Lecture 91 Juice Shop Intro

Lecture 92 What is Juice Shop?

Lecture 93 Juice Shop Deployment

Lecture 94 Scoreboard

Lecture 95 DOM XSS

Lecture 96 Registering Users

Lecture 97 Feedback

Lecture 98 Viewing Someone Else's Basket

Lecture 99 SQL Injection

Lecture 100 Decrypting Password from Cookies

Lecture 101 Accessing Admin Dashboard

Lecture 102 XXE Attacks

Lecture 103 Creating Users with Admin Privileges

Lecture 104 Captcha Bypass

Lecture 105 Changing Requests

Lecture 106 Faking Feedbacks and Reviews

Lecture 107 Order Negative Amount

Section 17: SSRF

Lecture 108 What is SSRF?

Lecture 109 First SSRF Attack

Lecture 110 SSRF Backend Attack

Lecture 111 Blacklist

Lecture 112 Whitelist

Section 18: Information Gathering

Lecture 113 Information Gathering Intro

Lecture 114 Whois Lookup

Lecture 115 DNS Lookup

Lecture 116 Sitereport

Lecture 117 Firewall

Section 19: API Pentesting

Lecture 118 What is API Security?

Lecture 119 DigitalOcean Free Credit Link

Lecture 120 Creating Server

Lecture 121 Installing API in Server

Lecture 122 Burpsuite Settings

Lecture 123 Postman

Lecture 124 Broken Object Authorization

Lecture 125 Broken Authentication

Lecture 126 Excessive Data Exposure

Lecture 127 One Time Password Bypass

Lecture 128 Broken Function Level Authentication

Lecture 129 Mass Assignment

Lecture 130 Cors

Lecture 131 SQLi

Lecture 132 Improper Asset Management

Lecture 133 Closing

Section 20: Making Legal Money

Lecture 134 Making Legal Money Intro

Lecture 135 Making Legal Money & Next Steps

People who want to learn about Web Pentesting,People who want to learn making totally legal money in cyber security,People who want to learn about Burpsuite