This live webinar has been designed to guide you from the basics onto a real bug bounty platform and target. We will do this with a mix of practical labs that are naked and only contain one issue type or we might even migrate to testing for exploits on 1 bigger target or even multiple targets. At a certain point you will even build your own lab before hacking it!

High level overview

Day 1 - 3 hours - General introduction and easing into the issue types

Day 2 - 3 hours - Expanding our repetoire

Day 3 - 3 hours - Applying what we learned on a real target

Detailed syllabus

Day 1

001 - Introduction - 10 min

• Introduce instructor

• Welcome

• Introducing each other

• How we will go over the course

• Creating a checklist as we go

• How to use burp throughout this course

002 - CSRF - 15 min

• Explain

• Labs

003 - Open redirect - 15 min

• Build your own labs and exploit em

BREAK - 10 min

004 - BAC - 30 min

• Explaining

• Labs that are realistic (ratsite) , can you find at least 2 BAC issues?

005 - IDOR - 30 min

• Explain

• Labs (Cheesebook + ratsite)

006 - Business logic - 20 min

• Explain

• Labs (webshop)

Day 2

007 - Repeating from day 1 and adding to our checklist - 15 min

• CSRF attacks

• JWT attacks

• Open redirects

• BAC matrixes

• BAC techniques

• IDOR techniques

• Business logic

008 - Captcha bypass - 5 min

• Explain

• Labs

009 - SQLi - 5 min (shallow)

• Explain

• Labs

010 - LFI/RFI - 15 min

• Explain

• Labs

011 - XXE - 10 min

• Explain

• Labs

012 - Template injections - 10 min

• Explain CSTI

• Explain SSTI

• Labs

013 - XSS - 40 min

• Explain contexts + Reflected vs Stored

• Naked RXSS labs

• Stored XSS labs (ratsite)

BREAK - 10 min

014 - SSRF - 20 min

• Explain

• Labs

015 - Command injection - 5 min

• Explain

016 - CSP - 25 min

• Explain

• Exercises

• Labs

017 - Admin panel bypass - 10 min

Day 3

018 - Day 2 repetition plus adding to our checklist - 15 min

• Captcha bypasses

• SQLI

• LFI/RFI

• XXE

• CSTI/SSTI

• SSRF

• Command injection

• Admin panel bypass

019 - What you need to know about bug bounties - 25 min

020 - The intricacies of bug hinting - 20 min

• Basic info

• Show how to pick a target on intigriti

• Show targets to avoid on intigriti

021 - Main app hacking demo/hack a long - 20 min

• I will demo my main app methodology on ratsite, you on your target

BREAK - 10 min

022 - Hack your own target on your own - 30 min

023 - Broad scope methodology - manual - 30 min

024 - Broad scope methodology - auto - 30 min

025 - Free hacking - 30 min

EXTRA - I will be. there for another hour after the class ends so you can ask questions or practice a bit