Bug Bounty Hunting

Overview

  • This course, “Practical Bug Bounty Hunting for Hackers and Pentesters”, will guide you from finding targets, through developing exploits, to writing comprehensive reports, and ensure your success in the bug bounty industry.
  • By the end of this course, with hands-on examples and real-world tricks, you will soon be able to find your first bug.

Course Module

Duration: 40 Hours

  1. About Cyber Security Industry
    • What is Bug Bounty
    • What is Penetration Testing
    • What is Red Teaming
    • What is SOC
    • What You Need to Be a Professional Bug Hunter
  2. Setting up Hacking Machine
    • Introduction to Linux Environment
  3. Introduction to Networking
  4. Web Application Fundamentals & Configurations
    • HTTP and HTTPS Protocol
    • HTTP Requests & HTTP Response
    • URL & URI
    • HTTP Methods
    • HTTP Response Status Codes
    • SOP & CORS
  5. Introduction to Web Application Security Testing
    • Types of Web Application Security Testing
    • Approach for Web App Penetration Testing
  6. Web Application Reconnaissance
  7. Working with Burp Suite
  8. Exploiting Traditional Web Application Vulnerabilities
    • Subdomain Takeover
    • Clickjacking
    • Checking Necessary Security Headers
    • Checking SPF & DMARC Record
    • CORS (Cross-Origin Resource Sharing)
    • Testing Rate Limit
  9. Introduction to Session Management
    • What is Session Management
    • Testing Weak Session Logout Policy
    • Testing For Session Timeout
    • Session Fixation Vulnerability
  10. Introduction to XSS (Cross-Site Scripting)
    • Exploiting Reflected XSS
    • Exploiting Stored XSS
    • Exploiting DOM XSS
  11. Introduction to SQL injection
    • Logic behind SQL injection
    • Authentication Bypass using SQL injection
    • Error Balancing in SQLi
    • Information Disclosure (Exploiting Database) through SQL injection
    • Automate SQL injection Process
  12. Introduction to File Inclusion Vulnerability
    • Exploiting LFI
    • Exploiting RFI
  13. CSRF (Cross-Site Request Forgery Attack)
  14. SSRF (Server-Side Request Forgery Attack)
    • Exploiting Blind SSRF
  15. IDOR (Insecure Direct Object Reference)
  16. OS Command injection
  17. Response Manipulation
  18. Host Header Injection
  19. Parameter Tampering
  20. XXE (XML External Entity)
  21. RCE (Remote Code Execution)
  22. Introduction to Bug Bounty Platforms
    • HackerOne
    • Bugcrowd
    • Open Bug Bounty Programs

 

Course Schedule

Scheduled Date | Location | Available
01/06/2023 - 15/06/2023 | Bengaluru | Live on-line / Classroom Classes

Course Details

Duration: 20 Hours

Schedule

Location: Bengaluru
Available: VILT / ILT
