
Bug Hunting

The document discusses various topics related to cyber security including bug bounty, penetration testing, red teaming, security operations centers, hacking machines, networking, web application fundamentals, web application security testing, reconnaissance, Burp Suite, session management, cross-site scripting, SQL injection, file inclusion vulnerabilities, cross-site request forgery, server-side request forgery, insecure direct object references, command injection, response manipulation, host header injection, parameter tampering, XML external entities, remote code execution, and bug bounty platforms.

1. About Cyber Security Industry
o What is Bug Bounty
o What is Penetration Testing
o What is Red Teaming
o What is SOC
o Requirements to Become a Professional Bug Hunter
2. Setting up Hacking Machine
o Introduction to Linux Environment
3. Introduction to Networking
4. Web Application Fundamentals & Configurations
o HTTP and HTTPS Protocol
o HTTP Requests & HTTP Response
o URL & URI
o HTTP Methods
o HTTP Response Status Codes
o SOP & CORS
5. Introduction to Web Application Security Testing
o Types of Web Application Security Testing
o Approach for Web App Penetration Testing
6. Web Application Reconnaissance
7. Working with Burp Suite
8. Exploiting Traditional Web Application Vulnerabilities
o Sub Domain Take Over
o Click Jacking
o Checking Necessary Security Headers
o Checking SPF & DMARC Record
o CORS (Cross-Origin Resource Sharing)
o Testing Rate Limit
9. Introduction to Session Management
o What is Session Management
o Testing Weak Session Logout Policy
o Testing For Session Timeout
o Session Fixation Vulnerability
10. Introduction to XSS (Cross-Site Scripting)
o Exploiting Reflected XSS
o Exploiting Stored XSS
o Exploiting DOM XSS
11. Introduction to SQL injection
o Logic behind SQL injection
o Authentication Bypass using SQL injection
o Error Balancing in SQLi
o Information Disclosure (Exploiting Database) through SQL injection
o Automate SQL injection Process
12. Introduction to File Inclusion Vulnerability
o Exploiting LFI
o Exploiting RFI
13. CSRF (Cross-Site Request Forgery Attack)
14. SSRF (Server-Side Request Forgery Attack)
o Exploiting Blind SSRF
15. IDOR (Insecure Direct Object Reference)
16. OS Command injection
17. Response Manipulation
18. Host Header Injection
19. Parameter Tampering
20. XXE (XML External Entity)
21. RCE (Remote Code Execution)
22. Introduction to Bug Bounty Platforms
o HackerOne
o Bugcrowd
o Open Bug Bounty Programs
23. Preparation for Cyber Security Interview
that they are endorsed. Please contact us for additional details.
