hacking/Website Hacking/ Penetration Testing &Bounty Hunting
Website Hacking / Penetration Testing & Bug Bounty Hunting
What you’ll learn
- 90+ Videos to take you from a beginner to advanced in website hacking.
- Become a bug bounty hunter & discover bug bounty bugs!
- Exploit these vulnerabilities to hack into web servers.
- Advanced post-exploitation – hack other websites on the same server, dump the database, privilege escalation….etc
- Create a hacking lab & needed software (on Windows, OS X, and Linux).
- Discover, exploit, and mitigate a number of dangerous web vulnerabilities.
- Bypass security & advanced exploitation of these vulnerabilities.
- Bypass security & filters.
- Gain full control over the target server using SQL injections.
- Intercept requests using a proxy.
- Adopt SQL queries to discover and exploit SQL injections in secure pages.
- Learn Linux commands and how to interact with the terminal.
- Understand how websites & web applications work.
- Gather sensitive information about websites.
- Discover emails & sensitive data associated with a specific website.
- Discover unpublished directories & files associated with a target website.
- Find all subdomains associated with a website.
- Find all websites hosted on the same server as the target website.
- Exploit advanced file upload vulnerabilities & gain full control over the target website.
- Exploit advanced code execution vulnerabilities & gain full control over the target website.
- Exploit local file inclusion vulnerabilities to get a shell.
- Exploit advanced remote file inclusion vulnerabilities & gain full control over the target website.
- Exploit advanced local file inclusion vulnerabilities & gain full control over the target website.
- Discover, fix, and exploit SQL injection vulnerabilities.
- No Linux, programming, or hacking knowledge required.
- Computer with a minimum of 4GB ram/memory.
- Operating System: Windows / OS X / Linux.
Discovery, Exploitation & Mitigation – In this section you will learn how to discover, exploit and mitigate a large number of vulnerabilities, this section is divided into a number of sub-sections, each covering a specific vulnerability, firstly you will learn what is that vulnerability and what does it allow us to do, then you will learn how to exploit this vulnerability and bypass security, and finally we will analyse the code causing this vulnerability and see how to fix it, the following vulnerabilities are covered in the course:
- File upload – This vulnerability allow attackers to upload executable files on the target web server, exploiting these vulnerabilities properly gives you full control over the target website.
- Code Execution – This vulnerability allow users to execute system code on the target web server, this can be used to execute malicious code and get a reverse shell access which gives the attacker full control over the target web server.
- Local File Inclusion – This vulnerability can be used to read any file on the target server, so it can be exploited to read sensitive files, we will not stop at that though, you will learn two methods to exploit this vulnerability to get a reverse shell connection which gives you full control over the target web server.
- Remote File Inclusion – This vulnerability can be used to load remote files, exploiting this vulnerability properly gives you full control over the target web server.
- SQL Injection – This is one of the most dangerous vulnerabilities, it is everywhere and can be exploited to do all of the things the above vulnerabilities allow us to do and more, so it allows you to log in as admin without knowing the password, access the database and get all data stored there such as usernames, passwords, credit cards ….etc, read/write files and even get reverse shell access which gives you full control over the target server!
- Insecure Session Management- In this section you will learn how to exploit insecure session management in web applications and login to other user accounts without knowing their password, you’ll also learn how to discover and exploit CSRF (Cross-Site Request Forgery) vulnerabilities to force users to change their password, or submit any request you want.
Who this course is for: