Bug Bounty Training

INTRODUCTION

Bug Bounty program

History of Bug Bounty

INTRODUCTION TO BURPSUITE PRO

Java installation in the system

Proxy setting in Firefox browser

Burp Certification in Firefox

Foxy Proxy

RECON LIKE A HUNTER (FOOTPRINTING) (Reconnaisance)

Basic Ideas and Introduction

Nmap

Whatweb

Wappalyzer

Google dorks

Finding Subdomains of Domains

Github tools like (bbht, lazyrecon, assetfinder , )

Httpstatus.io

Github Recon

Extra – Censys, crt.sh , waybackmachine , dnsdumpster , shodan.io

HTML INJECTION

Basic idea on lab websites

Injection Findings Examples

Exploitation of HTML Injection Attack

Live POC

Mitigation of this Bug

CRITICAL and SOURCE CODE ERRORS, PATH TRAVERSAL

Basic Idea

Manual attacks

manually and automatically

Automatic attacks through payloads

Live POC

Mitigation of this Bug

XSS – CROSS SITE SCRIPTING

Basic Idea

XSS on LAB Target

Play with HTML & XML source code to find the reflection

Reflected XSS

Stored XSS

DOM XSS

XSS Exploitations

BLIND XSS

Introduction to KNOXSS tool (Best tool ever)

Live POC

Mitigation of this Bug

WEB CACHE POISONING ATTACK

Bsic Idea

Attack into the Host

Live POC

Mitigation of this Bug

CSRF – CROSS SITE REQUEST FORGERY

Conclusion of the Bug

Attacking Area

CSRF on different different pages

Account take over CSRF

Anti CSRF Tokens

My personal Live POC

Mitigation of this Bug

URL REDIRECT & FORWARD

Basic Concept

Attacking on the main domain URL

Attacking through burpsuite search key’s

Live POC

Mitigation of this Bug

SQL INJECTION

What is SQLi

Virtual Box LAB for SQLi

Authentication Bypass Attack

SQL MAP

Havij pro

Union Based SQLi

Exploitation (Getting Database) on the GET BASED , POST BASED , HEADER BASED & COOKIE BASED

Attacks on Live website

POC

Mitigation of this Bug

COMMAND INJECTION

What is CMDi

Attacks using Delimeters

Google cloud shell POC

Executing Arbitariry command

Live POC

Mitigation of this Bug