About

Complete Practical Course on Ethical Hacking, Penetration Testing and Bug Bounty Hunting with Live Attacks

Learn from the Best

ETHICAL HACKING

ROHIT GAUTAM

A cyber threat fighter from Gujarat Technical University (GTU), Mr. Rohit is on a mission to make the future a safer place. Besides being in the Google Hall of Fame, Mr. Rohit is passionate about sharing his knowledge with students. With his knowledge, experience, and expertise, become a certified Ethical Hacker at Skillarena!

What You'll Learn

  • Why Ethical Hacking? Look at the Opportunities in this.
  • Why it’s “Ethical” Hacking?
  • OWASP 10 and Fundamentals
  • OWASP Top 10 2013 vs 2017
  • Bug Bounty Hunting - Live
  • Tips and Tricks to hunt bugs
  • Breakdown of Hackerone Reports for better understanding
  • Interview Preparation: Questions, Answers and Approach
  • Web Application Penetration Testing - Live
  • Become a bug bounty hunter & Hunt on Live Websites
  • Intercept requests using a Burpsuite proxy
  • Gain full control over the target server using Authentication Bypass Attacks
  • Gain full control over the target server using Captcha Bypass Attacks
  • Gain full control over the target server using OTP/2FA Bypass Attacks
  • Discover Vulnerabilities, technologies & services used on the target website.
  • Authentication Bypass Interview Questions and Answers
  • Hunt Basic XSS Vulnerabilities on Live Environments
  • Exploit and perform Account Takeovers on Live websites
  • Authentication Bypass Mitigations and Fixes
  • Authentication Bypass Breakdown of Hackerone Reports
  • Breakdown of No-Rate Limit of all Hackerone Reports by Hackers
  • Hunt Advanced XSS Vulnerabilities by Filter and WAF Bypass
  • Hunt Vulnerabilities and Bug Bounty using XSS vulnerabilities.
  • Fix and Mitigations against XSS Vulnerabilities
  • Authentication Bypass Bonus Tips and Tricks
  • Know about XSS Exploitation Cookie Stealer Labs
  • Discover XSS Mitigations
  • Practical Tips and Tricks for hunting XSS Live
  • Breakdown of XSS of all Hackerone Reports by Hackers
  • Interview Questions and Answers for XSS Attacks
  • Gain full control over the target server using CSRF Attacks
  • Hunt Vulnerabilities using Advanced CSRF Techniques
  • Perform Complete Account Takeover using CSRF on Lab
  • Perform Complete Account Takeover using CSRF on Live
  • Hunt Advanced CSRF Vulnerabilities by Filter Bypass
  • Learn Fixes and Mitigations against CSRF Vulnerabilities
  • Learn CSRF Funds Transfer Lab
  • Know about CSRF password change
  • Learn Tricks and Tips for CSRF Live
  • Breakdown of CSRF of all Hackerone Reports by Hackers
  • Interview Questions and Answers for CSRF Attacks
  • Gain full control over the target server using CORS Attacks
  • Hunt Vulnerabilities using Advanced CORS Techniques
  • Exfiltrating Sensitive Information by CORS Vulnerability
  • Fix and Mitigations against CORS Vulnerabilities
  • Practical Tips and Tricks for hunting CORS Live
  • Breakdown of CORS of all Hackerone Reports by Hackers
  • Hunt Vulnerabilities using No Rate-Limit Techniques
  • Complete Account Takeover by No Rate-Limit Vulnerability
  • Fix and Mitigations against No Rate-Limit Vulnerabilities
  • Practical Tips and Tricks for hunting No Rate-Limit Live
  • Introduction to CSRF Alternative Tools
  • CSRF ALL Hackerone Reports Breakdown
  • Interview Questions and answers of CORS
  • Learn CORS Exploitation
  • Discover Bug Bounty - Roadmap for Hackerone
  • Bug Bounty - Roadmap for Bugcrowd
  • Bug Bounty - Roadmap for OpenBugBounty
  • Bug Bounty - Roadmap for NCIIPC (Govt of India)
  • Bug Bounty - Roadmap for RVDP All Programs

What this Course Includes

  • 110 videos
  • 45 days of Self-Paced Learning Program
  • 4 downloadable resources
  • Real-Life Projects and activities.
  • Access on mobile, Laptop and TV
  • Lifetime access to video content.
  • Live Sessions
  • Certificate of completion
  • Internship Opportunities


Requirements

  • Basic IT Skills will help students in better understanding.
  • No Linux, programming or hacking knowledge required.
  • Computer with a minimum of 4 GB RAM/memory & Internet Connection
  • Operating System: Windows / OS X / Linux


Course curriculum

  • 1

    New Chapter

  • 2

    Section 2

    • 3. What is OWASP and Injection

    • 4. What is Broken Authentication

    • 5. What is Sensitive Data Exposure

    • 6. What is XML External Entities

    • 7. What is Broken Access Control

    • 8. What is Security Misconfiguration

    • 9. What is Cross Site Scripting (XSS)

    • 10. What is Insecure Deserialization

    • 11. What is Using Components with Known Vulnerabilities

    • 12. What is Insufficient Logging and Monitoring

    • OWASP Quiz

  • 3

    Section 3

    • 13. Burp Suite Proxy Lab Setup

  • 4

    Section 4

    • 14. Authentication Bypass Exploitation Live -1

    • 15. Authentication Bypass Exploitation Live -2

    • 16. Authentication Bypass Exploitation Live -3

    • 17. Authentication Bypass Exploitation Live -4

    • 18. Authentication Bypass Exploitation Live -5

    • 19. Authentication Bypass Exploitation Captcha

    • 20. Authentication Bypass to Account Takeover Live -1

    • 21. Authentication Bypass to Account Takeover Live -2

    • 22. Authentication Bypass due to OTP Exposure Live -1

    • 23. Authentication Bypass due to OTP Exposure Live -2

    • 24. Authentication Bypass 2FA Bypass Live

    • 25. Authentication Bypass - Email Takeover Live

    • 26. Authentication Bypass Mitigations

    • 27. Authentication Bypass Interview Questions and Answers

    • Authentication Bypass Quiz

  • 5

    Section 5

    • 28. No Rate-Limit leads to Account Takeover Live Type-1

    • 29. No Rate-Limit leads to Account Takeover Live Type -2

    • 30. No Rate-Limit leads to Account Takeover Live Type -3

    • 31. No Rate-Limit leads to Account Takeover Live Type -4

    • 32. No Rate-Limit leads to Account Takeover Live Type -5

    • 33. No Rate-Limit to Account Takeover Live - Type 6

    • 34. No Rate-Limit to Account Takeover Live - Type 7

    • 35. No Rate-Limit Instagram Report Breakdown

    • Resource

    • 36. No Rate-Limit Instagram Report Breakdown 2

    • 37. No Rate Limit Bypass Report Breakdown

    • 38. No Rate Limit Bypass Report Breakdown 2

    • 39. No Rate-Limit to Tool Fake IP Practical

    • 40. No Rate-Limit test on Cloudflare

    • 41. No Rate-Limit Mitigations

    • 42. No Rate-Limit All Hackerone Reports Breakdown

    • 43. Burp Alternative: OWASP ZAP Proxy for No RL

    • Quiz- 3

    • Course Introduction (Go and review all this course's instructions)

  • 6

    Section 6

    • 44. How XSS Works F

    • 45. Reflected XSS on Live 1

    • XSS+Payloads

    • 46. Reflected XSS on Live 2

    • 47. Reflected XSS on Live Manual Balancing

    • 48. Reflected XSS on Live 3 Balanced

    • 49. XSS on Limited Inputs Live 1

    • 50. Limited Inputs Live 2

    • 51. XSS in Request Headers - Live

    • 52. Reflected XSS Useragent and Caching

    • 53. Reflected XSS Email Validator Live

    • 54. Reflected XSS Protection Bypass Live 1 - Base64

    • 55. Reflected XSS Protection Bypass Live -2

    • 56. XSS using Spider

    • 57. XSS Bypass Right Click Disabled

    • 58. Blind XSS Exploitation

    • 59. Stored XSS Exploitation Live

    • 60. DOM XSS Name

    • 61. DOM XSS Redirect

    • 62. DOM XSS Index

    • 63. XSS on Live by Adding Parameters

    • 64. XSS Mouse on Lab

    • XSS+Mouse+payloads

    • 65. XSS Mouse Live

    • 66. XSS Mouse Events All Types

    • 67. XSS Polyglots Live

    • 68. XSS Polyglots Breakdown

    • 69. XSS Exploitation - URL Redirection

    • 70. XSS Exploitation - Phishing

    • 71. XSS Exploitation Cookie Stealer Lab

    • 72. XSS Exploitation Cookie Stealer Live

    • 73. XSS Exploitation File Upload Type -2

    • 74. XSS Exploitation File Upload Type -3

    • 75. XSS Exploitation File Upload Type- 1

    • 76. XSS Mitigations

    • 77. XSS Bonus TIPS and TRICKS

    • 78. XSS Hackerone ALL Reports Breakdown

    • 79. XSS Interview Questions and Answers

  • 7

    Section 7

    • 80. How CSRF Works

    • 81. CSRF Alternative Tools Introduction

    • 82. CSRF on LAB

    • 83. CSRF on LAB - 2

    • 84. CSRF on Live -1

    • 85. CSRF on Live -2

    • 86. CSRF Password Change Lab

    • 87. CSRF Funds Transfer Lab

    • 88. CSRF Request Methods Trick - Lab

    • 89. CSRF to Account Takeover Live -1

    • 90. CSRF to Account Takeover Live -2

    • 91. Chaining CSRF with XSS

    • 92. CSRF Mitigations

    • 93. CSRF BONUS Tips and Tricks

    • 94. CSRF ALL Hackerone Reports Breakdown

    • 95. CSRF Interview Questions and Answers

    • CSRF+POC

  • 8

    Section 8

    • 96. How CORS Works

    • 97. CORS 3 Test Cases Fundamentals

    • 98. CORS Exploitation Live -2 Exfiltration of Account Details

    • 99. CORS Exploitation Live -3 Exfiltration of Account Details

    • 100. CORS Live Exploitation -4

    • 101. CORS Exploitation Facebook Live

    • 102. CORS Live Prefix Match

    • 103. CORS Live Suffix Match

    • 104. CORS Mitigations

    • 105. CORS Breakdown of ALL Hackerone Reports

    • CORS

  • 9

    Section 9

    • 106. BugCrowd ROADMAP

    • 107. Hackerone ROADMAP

    • 108. Open Bug Bounty ROADMAP

    • 109. NCIIPC Govt of India ROADMAP

    • 110. RVDP All Websites ROADMAP

    • Final Paper- Ethical Hacking

    • Course Introduction (Go and review all this course's instructions)

  • 10

    Feedback Form

    • COMPULSORY