*Friday CLOSED

Timings 10.00 am - 08.00 pm

Call : 021-3455-6664, 0312-216-9325 DHA 021-35344-600, 03333808376, ISB 03333808376

Bug Bounty Hunting & Web Security Testing In Germany, Berlin , Munich. Hamburg, Frankfurt, Cologne

image_pdfSave PDFimage_printPrint

Bug Bounty Hunting & Web Security Testing

Many websites, organizations, and software companies provide bug bounty programs in which users can gain credit and reward for reporting bugs, security exploits, and vulnerabilities. These programs help developers find and fix flaws before they are discovered by malicious hackers or the broader public, preventing widespread exploitation.

The ultimate Bug Bounty Hunting course will teach you how to seek and exploit application vulnerabilities using the necessary tools and techniques. This course aims to provide ethical hackers with the skills they’ll need to identify and disclose vulnerabilities.


What you’ll learn

  • Discover the most common web application bugs and vulnerabilities.
  • Discover bugs from the OWASP top 10 most common security threats.
  • Bypass filters & security on all of the covered bugs & vulnerabilities.
  • 2 Hour LIVE bug hunt / pentest on a real web application at the end of the course.
  • My approach to bug hunting and web application penetration testing.
  • The bug hunter / hacker mentality.
  • Efficiency use Burp Suite to discover bugs and vulnerabilities.
  • Discover sensitive & hidden information, paths, files, endpoints and subdomains
  • Gather information about websites & applications
  • Essential topics to bounty hunting.
  • HTTP methods & status codes.
  • Cookies & cookie manipulation
  • HTML basics for bug hunting.
  • XML basics for bug hunting.
  • Javascript basics for bug hunting.
  • Read & analyse headers, requests and responses
  • Discover information disclosure vulnerabilities.
  • Discover broken access control vulnerabiltiies.
  • Discover path / directory traversal vulnerabilities.
  • Discover CSRF vulnerabilities.

Course Content:

Module1:Introduction

  •  Course Introduction Preview
  • Introduction to Bug Hunting
  • What is a Website?

Module2:Introduction to Information Disclosure Vulnerabilities

  • Introduction to Information Disclosure Vulnerabilities
  • Discovering Database Login Credentials
  • Discovering Endpoints & Sensitive Data
  • Introduction to HTTP Status Codes
  • Employing the Hacker / Bug Hunter Mentality to Discover Admin Login Information
  • Manipulating Application Behaviour Through the HTTP GET Method
  • Manipulating Application Behaviour Through the HTTP POST Method
  • Intercepting Requests With Brup Proxy

Module3:Introduction to Broken Access Control Vulnerabilities

  • Introduction to Broken Access Control Vulnerabilities
  • Cookie Manipulation
  •  Accessing Private User Data
  •  Discovering IDOR Vulnerabilities
  • Privilege Escalation with Burp Repeater
  • Debugging Flows with HTTP TRACE & Gaining Admin Access!

Module4:Introduction to Path Traversal Vulnerabilities & Basic Discovery

  • Introduction to Path Traversal Vulnerabilities & Basic Discovery
  •  Bypassing Absolute Path Restriction
  •  Bypassing Hard-coded Extensions
  •  Bypassing Filtering
  •  Bypassing Hard-coded Paths
  •  Bypassing Advanced Filtering
  •  Bypassing Extreme Filtering

Module5: CSRF Vulnerabilities

Discovering & Exploiting CSRF Vulnerabilities


Module6: OAUTH Vulnerabilities

  •  Introduction to OAUTH 2.0
  •  OAUTH 2.0 Basic Exploitation
  •  Exploiting a Linking OAUTH 2.0 Flow Through CSRF
    12:23
  •  Exploiting a Login OAUTH 2.0 Flow Through CSRF

Module7: Injection Vulnerabilities

  •  Introduction to Injection Vulnerabilities
  •  Discovering a Basic Command Injection Vulnerability

Module8: OS Command Injection

  • Discovering a Basic Command Injection Vulnerabile
  • Discovering Blind Command Injection Vulnerabilitie
  • Discovering Asynchronous Blind Command Injection Vulnerabilitie
  • Using Burp Collaborator to Exploit Asynchronous Blind Command Injection

Module9: DOM XSS

  • Introduction to DOM XSS Vulnerabilities
  • Discovering a Reflected DOM XSS in a Line
  • Discovering a Reflected XSS in an Image Tag 
  • Injecting Java script Directly in a Page Script
  • Discovering XSS in a Drop-down Me
  • Discovering XSS in AngularJS Application

Who this course is for:
  • Anybody looking to become a bug bounty hunter.
  • Anybody interested in web application hacking / penetration testing.
  • Anybody interested in learning how to secure websites & web applications from hackers.
  • Web developers so they can create secure web application & secure their existing ones.

International Student Fee: 300$


Job Interview Preparation  (Soft Skills Questions & Answers)


 Your FREE eLEARNING Courses (Click Here)

Internships, Freelance and Full-Time Work opportunities



Flexible Class Options

  • Week End Classes For Professionals  SAT | SUN
  • Corporate Group Trainings Available
  • Online Classes – Live Virtual Class (L.V.C), Online Training

Related  Courses

System Administrator Fundamentals (for Ethical Hacking Foundation Online Course)

 Ethical Hacking Professional with KALI Linux 

Ethical Hacking Training Course (BootCamp)

Ethical Hacking Training with Penetration Testing (2 in 1) Course

Ethical Hacking Training – Complete Ethical Hacking Course

]

KEY FEATURES

[/vc_row_inner]

Flexible Classes Schedule

Online Classes for out of city / country students

Unlimited Learning - FREE Workshops

FREE Practice Exam

Internships Available

Free Course Recordings Videos

Register Now


Comments are closed.
ABOUT US

OMNI ACADEMY & CONSULTING is one of the most prestigious Training & Consulting firm, founded in 2010, under MHSG Consulting Group aim to help our customers in transforming their people and business - be more engage with customers through digital transformation. Helping People to Get Valuable Skills and Get Jobs.

Read More

Contact Us

Get your self enrolled for unlimited learning 1000+ Courses, Corporate Group Training, Instructor led Class-Room and ONLINE learning options. Join Now!
  • Head Office: A-2/3 Westland Trade Centre, Shahra-e-Faisal PECHS Karachi 75350 Pakistan Call 0213-455-6664 WhatsApp 0334-318-2845, 0336-7222-191, +92 312 2169325
  • Gulshan Branch: A-242, Sardar Ali Sabri Rd. Block-2, Gulshan-e-Iqbal, Karachi-75300, Call/WhatsApp 0213-498-6664, 0331-3929-217, 0334-1757-521, 0312-2169325
  • ONLINE INQUIRY: Call/WhatsApp +92 312 2169325, 0334-318-2845, Lahore 0333-3808376, Islamabad 0331-3929217, Saudi Arabia 050 2283468
  • DHA Branch: 14-C, Saher Commercial Area, Phase VII, Defence Housing Authority, Karachi-75500 Pakistan. 0213-5344600, 0337-7222-191, 0333-3808-376
  • info@omni-academy.com
  • FREE Support | WhatsApp/Chat/Call : +92 312 2169325
WORKING HOURS

  • Monday10.00am - 7.00pm
  • Tuesday10.00am - 7.00pm
  • Wednesday10.00am - 7.00pm
  • Thursday10.00am - 7.00pm
  • FridayClosed
  • Saturday10.00am - 7.00pm
  • Sunday10.00am - 7.00pm
WhatsApp Us