-
cX0hT3
Always 5 stars for Zaid's courses!
I saw the ad on YouTube that Zaid is releasing a new course and was super excited about it! And once the course was released I bought it without even reading its contents because I know all Zaid's courses are excellent and you learn a lot from them! I have almost all his courses and I gained a lot of experience. As of this course, I only progressed 10% and can't explain how amazing the course is! Thanks a lot Zaid! You are an exceptional teacher.
Curriculum
-
Introduction
-
Information Disclosure vulnerabilities
- Introduction to Information Disclosure Vulnerabilities
- Discovering Database Login Credentials
- Discovering Endpoints & Sensitive Data
- Introduction to HTTP Status Codes
- Employing the Hacker / Bug Hunter Mentality to Discover Admin Login Information
- Manipulating Application Behaviour Through the HTTP GET Method
- Manipulating Application Behaviour Through the HTTP POST Method
- Intercepting Requests With Burp Proxy
-
Broken Access Control Vulnerabilities
-
Path / Directory Traversal
-
CSRF - Client-Side Request Forgery
-
OAUTH 2.0 Vulnerabilities
-
Injection Vulnerabilities
-
OS Command Injection
-
XSS - Cross Site Scripting
-
DOM XSS Vulnerabilities
-
XSS - Bypassing Security
-
Bypassing Content Security Policy (CSP)
-
SQL Injection Vulnerabilities
-
Blind SQL Injections
-
Time-Based Blind SQL Injection
-
SSRF (Server-Side Request Forgery)
-
SSRF - Advanced Exploitation
-
SSRF - Bypassing Security
-
Blind SSRF Vulnerabilities
-
XXE (XML External Entity) Injection
-
2 Hour Live Bug Hunting!
- Introduction
- Overview of the Target
- Discovering an Open Redirect Vulnerability
- Discovering an XSS in the Response
- Discovering an XSS in an HTML Comment
- Discovering an XSS in a Date Picker
- Broken Access Control in Booking Page
- Analysing Application Files & Finding Sensitive Data
- Discovering Endpoints Hidden In Code
- Discovering an IDOR – Insecure Direct Object Reference
- Discovering Hidden Endpoints Using Regex
- Discovering a Complex Stored XSS
- Discovering Bugs in Hidden Elements
- Discovering Bugs in Hidden Parameters
-
Participating in Bug Bounty Programs
-
Bonus Section