
About
This course offers a comprehensive introduction to identifying and responsibly exploiting application vulnerabilities. It covers Web Application Architecture fundamentals and the critical OWASP Top 10. Participants will learn to distinguish Bug Bounty Hunting from Penetration Testing, engage in hands-on simulations, and master essential tools like Burp Suite.
Course curriculum
- Introduction
- Course Introduction
- Disclaimer
- Rules for asking Questions
- How to Download a Certificate
- OWASP Top 10
- What is OWASP and Injection
- What is Broken Authentication
- What is Sensitive Data Exposure
- What is XML External Entities
- What is Broken Access Control
- What is Security Misconfiguration
- What is Cross Site Scripting (XSS)
- What is Insecure Deserialization
- What is Using Components with Known Vulnerabilities
- What is Insufficient Logging and Monitoring
- Revision of OWASP
- Burp Suite and Lab Setup
- Burp Suite Proxy Lab Setup
- Burpsuite Setup Revision
- Authentication Bypass
- Authentication Bypass Exploitation Live -1
- Authentication Bypass Exploitation Live -2
- Authentication Bypass Exploitation Live -3
- Authentication Bypass Exploitation Live -4
- Authentication Bypass Exploitation Live -5
- Authentication Bypass Exploitation Captcha
- Authentication Bypass to Account Takeover Live -1
- Authentication Bypass to Account Takeover Live -2
- Authentication Bypass due to OTP Exposure Live -1
- Authentication Bypass due to OTP Exposure Live -2
- Authentication Bypass 2FA Bypass Live
- Authentication Bypass - Email Takeover Live
- Authentication Bypass Mitigations
- Authentication Bypass Interview Questions and Answers
- Authentication Bypass Revision
- No Rate-Limit Attacks
- No Rate-Limit leads to Account Takeover Live Type-1
- NO RL Alternative Tools Introduction
- No Rate-Limit leads to Account Takeover Live Type -2
- No Rate-Limit leads to Account Takeover Live Type -3
- No Rate-Limit leads to Account Takeover Live Type -4
- No Rate-Limit leads to Account Takeover Live Type -5
- No Rate-Limit to Account Takeover Live - Type 6
- No Rate-Limit to Account Takeover Live - Type 7
- No Rate-Limit Instagram Report Breakdown
- No Rate-Limit Instagram Report Breakdown 2
- No Rate Limit Bypass Report Breakdown
- No Rate Limit Bypass Report Breakdown 2
- No Rate-Limit to Tool Fake IP Practical
- No Rate-Limit test on Cloudflare
- No Rate-Limit Mitigations
- No Rate-Limit All Hackerone Reports Breakdown
- Burp Alternative: OWASP ZAP Proxy for No RL
- No Rate-Limit Revision
- Cross Site Scripting (XSS)
- How XSS Works
- Reflected XSS on Live 1
- Reflected XSS on Live 2
- Reflected XSS on Live 3 Balanced
- XSS on Limited Inputs Live 1
- Reflected XSS on Live Manual Balancing
- XSS on Limited Inputs Live 2
- XSS in Request Headers - Live
- Reflected XSS Useragent and Caching
- Reflected XSS Email Validator Live
- Reflected XSS Protection Bypass Live 1 - Base64
- Reflected XSS Protection Bypass Live -2
- XSS using Spider
- XSS Bypass Right Click Disabled
- Blind XSS Exploitation
- Stored XSS Exploitation Live
- DOM XSS Name
- DOM XSS Redirect
- DOM XSS Index
- DOM XSS Automated Scanner
- XSS on Live by Adding Parameters
- XSS Mouse on Lab
- XSS Mouse Live
- XSS Mouse Events All Types
- XSS Polyglots Live
- XSS Polyglots Breakdown
- XSS Exploitation - URL Redirection
- XSS Exploitation - Phishing
- XSS Exploitation Cookie Stealer Lab
- XSS Exploitation Cookie Stealer Live
- XSS Exploitation File Upload Type -2
- XSS Exploitation File Upload Type -3
- XSS Exploitation File Upload Type-1
- XSS Mitigations
- XSS Bonus TIPS and TRICKS
- XSS Hackerone ALL Reports Breakdown
- XSS Interview Questions and Answers
- XSS Revision
- XSS Revision - 2
- Cross Site Request Forgery (CSRF)
- How CSRF Works
- CSRF Alternative Tools Introduction
- CSRF on LAB
- CSRF on LAB - 2
- CSRF on Live -1
- CSRF on Live -2
- CSRF Password Change Lab
- CSRF Funds Transfer Lab
- CSRF Request Methods Trick - Lab
- CSRF to Account Takeover Live -1
- CSRF to Account Takeover Live -2
- Chaining CSRF with XSS
- CSRF Mitigations
- CSRF BONUS Tips and Tricks
- CSRF ALL Hackerone Reports Breakdown
- CSRF Interview Questions and Answers
- Alternative to Burpsuite for CSRF: CSRF PoC Generator
- Cross Origin Resource Sharing (CORS)
- How CORS Works
- CORS 3 Test Cases Fundamentals
- CORS Exploitation Live -2 Exfiltration of Account Details
- CORS Exploitation Live -3 Exfiltration of Account Details
- CORS Live Exploitation -4
- CORS Exploitation Facebook Live
- CORS Live Prefix Match
- CORS Live Suffix Match
- CORS Mitigations
- CORS Breakdown of ALL Hackerone Reports
- How to start with Bug Bounty Platforms and Reporting
- BugCrowd ROADMAP
- Hackerone ROADMAP
- Open Bug Bounty ROADMAP
- NCIIPC Govt of India ROADMAP
- RVDP All Websites ROADMAP
- Bug Bounty Reporting Templates
- Reporting Templates
- Exploitation of CVE 2020-5902 Remote Code Execution
- Exploitation
- Assets & Resources
- Final Words
- Exploitation of CVE 2020-3452 File Read
- Exploitation of CVE 2020-3452 File Read
- Exploitation of CVE 2020-3187 File Delete
- Exploitation of CVE 2020-3187 File Delete
- Snapshot
- Ethical Hacking_Bug Bounty
- Snapshot to XSS
- Snapshot to CSRF
- OWASP 2021
- A1- Broken Access Control
- Tips and Best Practices for IDOR