HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.
Resource icon

RECON FOR BUG BOUNTIES & PENETRATION TESTING 2025-01-12

No permission to download
You don't need to like the resource to download it.
You have reached your daily download limit.
You have bypassed the message count limit.
Overview History Discussion

Screenshot-2025-01-12-11-17-37-35-e4424258c8b8649f6e67d283a50a2cbc.jpg

About Course​

This course covers the reconnaissance phase of bug bounty hunting and penetration testing, teaching participants how to gather crucial information about a target to identify vulnerabilities and attack vectors

Course curriculum

  1. Introduction
    - Introduction
    - Motivation & Importance
    - Future Updates
    - Disclaimer
    - Rules for asking Questions
    - How to Download a Certificate
  2. Note Keeping
    - Note Keeping Importance
    - How to make Notes
    - Effective Note Keeping for Pentest & Bug Bounties
    - Visual Notes
  3. Bug Bounty Recon Introduction
    - Top 10 Rules for Bug Bounties
    - Zen Poem
    - What is Web
    - What is DNS
    - How does Web Server Work?
    - Revision of Web, DNS and Server
    - URL vs URN vs URI
    - Breakdown of URL
    - Revision of URL
    - How to make the best out of this course
    - Feedback Time!
  4. Shodan for Bug Bounties
    - Shodan Installation & Lab Setup
    - Shodan API
    - Shodan Info & Count
    - Shodan Scan Downloads
    - Shodan Revision
    - Shodan Host Enumeration
    - Shodan Parse Dataset
    - Shodan Search Query
    - Shodan Scan Commands
    - Shodan Stats
    - Shodan GUI
    - Shodan Report Generation
    - Shodan Report Generation - Part 2
    - Shodan Images
    - Shodan Exploits
    - Shodan Live Hunting - Remote Code Execution
    - Shodan Live Hunting - Sensitive Data Exposure
    - Exploitation of CVE 2020-3452 File Read
    - Exploitation of CVE 2020-3187 File Delete
    - Shodan Live Hunting - Jenkins Exploitation Logs
    - Shodan Live Hunting - Jenkins Exploitation Credentials
    - Shodan Live Hunting - ADB
    - BONUS Shodan Extension
    - Shodan Revision
  5. Certificate Transparency for Subdomain Enumeration
    - Certificate Transparency Crt.sh
    - Certificate Transparency Crt.sh Wildcards
    - Certificate Transparency Crt.sh Automation
    - Shodan Subdomain Enumeration
    - Shodan Subdomain Enumeration Automation
    - Censys Subdomain Enumeration
    - Censys Subdomain Enumeration Automation
    - Facebook Certificate Transparency
    - Google Certificate Transparency
    - Certificate Transparency Revision
  6. Scope Expansion
    - Pentest Tools
    - Virus Total
    - Sublister -1
    - Sublister -2
    - Sublister -3
    - Project Discovery Data Sets
    - Project Discovery Data Sets CLI
    - Project Discovery Data Sets CLI -2
    - Nmmapper
    - Revision of Scope Expansion
  7. Diving in depth of Archives for Bug Bounties
    - Wayback URL Introduction
    - Wayback URL -2
    - Wayback URL Tool
    - Wayback Iframe
    - Wayback URL with Burp
    - Wayback URL Automation -1
    - Wayback URL Automation -2
    - Wayback URL Automation -3
    - Wayback URL Live Hunting Bugcrowd
    - Wayback URL Report Breakdown
    - URL's from wayback,otx,commoncrawl
  8. DNS Enumeration for Bug Bounties
    - DNS Dumpster for Subdomains
    - DNS Goodies
    - Bonus DNS Dumpster Workflow
  9. CMS Identification
    - Wappalyzer for Technology Identification
    - Builtwith for Technology Identification
    - Whatweb Opensource Technology Identification
    - Netcraft Active Cyber Defence
    - Retire JS - Hunt Outdated JS Libraries
    - Retire JS - Burp Installation
  10. Fuzzing
    - Fuzzing Introduction
    - Fuzzing Importance
    - Fuzzing Process
    - Fuzzing Step by Step
    - Installation of Burpsuite
    - Fuzzing on Lab
    - Fuzzing on Live
    - Fuzzing for Sensitive Files
    - Fuzzing for Sensitive Files -2
    - Fuzzing Multiple Layers
    - Wfuzz Installation
    - Wfuzz Installation -2
    - Wfuzz Basic Fuzzing
    - WFuzz Login Authentication
    - FFUF - Fuzz Faster U Fool
    - FFUF Installation
    - FFUF Working
    - FFUF Revision - Fuzzing
    - FFUF Directory Fuzzing with extensions
    - FFUF Directory Fuzzing with extensions Revision
    - FFUF Revision - Filter & Matcher
    - FFUF Login Authentication FUZZ
    - FFUF Revision - Login Authentication FUZZ
    - Join the Student Community
    - Solve the FUZZ CTF
  11. Content Discovery
    - dirsearch
  12. WAF Identification
    - WAF Detection with Nmap
    - WAF Fingerprinting with Nmap
    - WafW00f vs Nmap
  13. Google Dorks
    - Google Dorks Manually
    - How to become author of Google Dork
  14. Bug Bounty Platforms
    - Bucgrowd
    - Hackerone
    - Intigriti
    - Open Bug Bounty
    - Private RVDP Programs
    - NCIIPC Govt. of India
    - SynAck
  15. Mindmaps for Recon & Bug Bounties
    - What are Mindmaps
    - Life Mindmap Example
    - Breakdown of a Mindmap
    - Mindmap by Jhaddix
    - My Personal Mindmap by Rohit Gautam
  16. Next Steps
    - Vote for the Next Module!
  17. Snapshot
    - Snapshot of Recon for Ethical Hacking / Penetration Testing & Bug Bounty
    - Snapshot of Google Dorking
    - Snapshot of Shodan Filters
    - Snapshot of URL, URN, and URI
    - Understanding DNS Records in Reconnissance

Download
Free download for users PRIV8

Password
htdark.com
Author
dEEpEst
Downloads
0
Views
109
First release
Last update

Ratings

0.00 star(s) 0 ratings
Join the discussion More information

More resources from dEEpEst

Share this resource

Back
Top