Bug Bounty Course for BEGINNERS - Everything You Need To Know

Share

Summary

This course is designed to take you from knowing nothing about ethical hacking to successfully finding bugs on Bug Bounty programs, read activity and other people exploits and understand what is going on. This course covers everything you need to know in order to become a bug Bounty hunter, gives you a great foundation for recon, and allows you to find the most common and complex vulnerabilities and how to exploit them.

Highlights

A Review
04:55:55

Because will and recon all from these

The Best Reason Behind a Show Done
03:56:59

Most all Bug bounty programs. Will has a huge scope and what will to.

Taking Note to Get to Back the Phase
04:08:56

In this a.a is helpful.

Knowing the Dns
04:45:38

Does it so it all work as a so we check in with a the out with it.

Moving Along
04:47:36

A go to if you are there in or there in to do.

Scanning a Network With Out Scanning It- Legality
03:08:20

Is it important to watch from show and host in order to grab domains you don't want to can for port ranges.

Using BGp for Net to Test
03:18:00

Electric for running mass, showdons is mass and database, all through Ican.

Moving Onto New Pages With Browser
03:20:48

Is the first tool one should now use and what is good to be looking at sensitive

The Big
04:48:04

As not do what does in then then or and then

Introduction
00:00:00

The purpose of this course is to take complete beginners to bug bounty hunters. The course walks through what you need to know to become a bug bounty hunter, emphasizing studying and understanding exploits. The content is time-stamped for specific vulnerabilities, allowing users to skip to relevant sections.

Virtual Hosting Software Options
00:01:54

The video discusses virtual hosting software, recommending VMware over Virtual Box due to past issues with Virtual Box's performance. VMware offers a 30-day free trial. The video also notes that the course resources will contain download links for both options.

Virtual Box Installation
00:04:05

This section walks through downloading Virtual Box, extracting the download, and right-clicking on the Virtual Box image to open it. It advises clicking 'I copied it' when prompted about the machine's origin and adjusting RAM and CPU settings. The login credentials are provided as cie for both username and password.

VMware Installation
00:08:48

The video provides instructions for installing VMware, emphasizing downloading the VMware Fusion Player for Mac or VMware Workstation for Windows. It advises downloading a virtual machine from CI Linux and opening it with VMware Fusion, remembering to click 'I copied it'. Configuration involves maximizing memory and cores, with default credentials being ‘cie’ for both username and password.

Scanning Bug Bounty Targets
00:12:34

The video addresses scanning and fuzzing bug bounty targets safely, emphasizing the importance of understanding program rules. It recommends using Shodan to scan targets and avoiding vulnerability scanners/excessively fast fuzzing. Inmap scans should be slowed down, and its legality depends on local laws, which should be checked.

Legal Issues and Fuzzing
00:16:36

The video provides a link to a page with inmap network scanning legal issues. It then goes into the ways to fuzz specific directories safely which can include installing SEClist to use better worded options and to follow the fuff syntax.

Using Shodan for Bug Bounties
00:20:37

The video covers the tool Shodan for bug bounty hunting, noting its use for finding vulnerabilities and information disclosures without directly scanning targets. It explains that Shodan crawls internet-connected devices, storing software versions and vulnerabilities. The video then demonstrates how to use Shodan via terminal and browser, including initializing the API key and performing queries. The video also describes legal and unethical use cases and the Showdown montior feature.

Note Taking for Bug Bounties and Penetration Testing
00:44:11

The video emphasizes the importance of note taking for bug bounty hunting and penetration testing. It covers using Cherry Tree, screenshotting for notes, and adopting a consistent note-taking methodology. The default credentials will be noted next to each VM. Also, creating a checklist is helpful in note taking to make sure not to miss any vulnerabilities, bugs, or subdomains previously enumerated.

URL Structure and Fuzzing
00:51:59

The video describes the basic structure of a URL by going over the different parts and their functions in the URL. This allows for an understanding on what to fuzz and different URLs to save.

How DNS Works
00:52:26

The video explains how the Domain Name System (DNS) resolves domain names to IP addresses. Steps include checking the web browser cache, querying the ISP, contacting the root server, then the TLD server, before finally reaching the name server to obtain the IP address.

Using Dig to Check for Zone Transfers
00:58:30

The video introduces the 'dig' tool for checking DNS Zone transfers, which can reveal subdomains. It explains that a DNS Zone transfer replicates a DNS database between servers. If a system is vulnerable, you can execute dig to see potential attack vectors like emails and portals.

Additional Recon Tools
01:05:33

The video quickly reviews the recon tools 'whois' and 'NS lookup', noting they provide domain information, registration details, and IP addresses. 'theHarvester' is also mentioned to find more domains, subdomains, and emails.

Using Crt.sh for Subdomain Discovery
01:09:06

The video demonstrates using 'crt.sh' to find subdomains of a target domain. The website gives certification tickets with all subdomains you are looking at.

Gather Possible URL Targets
01:11:40

Explanation of using Way Back Machine. It also covers installing Way Back URLs by Tom Nom Nom, the importance of the go language, and running URLs through amass. You would then run a pseudo app install HTTP probe

Finding Subdomains with Sublister and Amass
01:22:54

The video introduces Sublister but promotes Amass for its better subdomain enumeration. It shows Open List plugin to have multible URLs to pull with subdomains from AMass.

Dis closer or looking for a BugBounding Program
03:36:36

Is how quickly this is go and be helpful. We' be using that because version is be

Understanding the Browser
03:39:39

Is what to what these have been all to and the and to the that.

Identifying Technologies with Wappalyzer
01:26:26

The video covers tools like Wappalyzer, React Developer Tools, and W3Techs for identifying technologies running on a website. It explains how this helps in finding vulnerabilities related to software versions and web servers. Walizer provides information of a target, a react dev opens up the directory with different folders, and the W3 tecks shows the different versions of Apaches running.

Setting Up and Running Inmap
01:32:01

The video explained about Inmap, and what kinds of details that the user should be looking for. An in map scan involves a network that brawls all of the information on all different sorts of mediums, such as Apache or Windows or web browsers.

Fuzzing for Subdomains and Directories with Fuff
01:35:35

Fuff can also be used to fuzz for the same methods. This includes good synatax shortcuts. This allows for many different endpoints to be looked at for the different protocols.

Note Taking for Bug Bounty Hunters
01:41:42

Many different tools such as notes from CTF can be found in Google dorks, or using the tool derb. The key is that having a good list tool in the tool belt and it is never the worst to have a few different recon toos so that you have a wide range of versitity for solving specific attacks.

Understanding URLs for Recon
01:40:46

Select the main domains. The best thing to remember and the point to this is know which websites can make easy to change and fuzz which allows you to pull bag information you do not have access to.

Bug Bounty Programs on HackerOne
01:40:50

Sort the programs by the newest possible targets. Target what is familiar. Follow the developers.

Setting Up
01:47:13

Installing tools and seeing what the use and options are for each of the tools and how you like them or do not them use them.

Checking for Zone Transfers with Dig
01:49:47

A big thing to not is the value of running into Zone transfer. Using this, you can grep and sort into specific domains and files, ports, VPN, and so on.

Learning URL Recon in Bug Bount
01:53:33

This is something worth knowing and getting ready for. What does that tell us Google. Show done you will find in your recon phase make sure to save interesting URLs for those

DNS Names and Connection Security (Tor and VPN)
01:55:49

How does browser know where it is going, Facebook, Wikipedia, the tour browser keeps IP secure.

Note on Cyber Security
01:57:57

Note to save URLs that look really what and what parts you can change to pull information.

Note Taking in the Subdomains
01:59:59

Cherry Tree and Note Taking process. Keep checklists to prevent vulnerabilities and good domain structure. Default sub node is software.

Finding Bugs with Recon Phase Note Taking
02:00:05

If a new ability comes out you can go back to the specific domain and the what is applicable to it all as well as have something like walizer installed.

Learning How to Use URLs
02:09:43

It is shown that you need to understand what URLs look interesting you can copy and paste them into your notes and then return and act upon them. 443 protocol and how host yahoos .com and other different types work.

Learning about Show Done
02:14:12

The fact is there, a key factor is to understand, the ability from the start. Remember in setup that a cve has come out

Note on Darket Diaries
02:24:47

People who like Showdown the most tend to have the ability to do any thing, and don't care about darket and that is exactly the point of all of that.

Recon Note - ShowDone
02:30:21

No having too to do, based to find bugs, saves you recon time and it is also easy a fast pace.

Checking Open Ports on Yahoo
02:34:38

Grabbing a host. Showdone doesn't work as well as running certain host it seems and in map and so on because what is reachable and in map shows what is reachable as well.

Moving Further Into Cyber Security - Note Taking
02:36:46

It all about the note taking process.

Setting Up Cherry Tree
02:40:44

Setting up directory properly and save time copy and paste to use screenshotting and save information.

Recon Process Using ShowDown
02:42:58

Looking for Bugbounding, cves, known vunnerabilities as well as sensative information. One of the last things is showans monitor function.

URL
02:46:04

Cool things filters about in Chrome and getting help from search filter.

What NOT To Use Regarding Exploitation
02:48:18

Don't take scan and looking at program, before in scope. No need for actual exploitation. As pen testing looking for very targets and who actual vulnerabilities.

ShowDown is Good
02:51:00

Those commands such as checking for 1.4.7 which save time from doing heavy lifting.

The Reason Google Does it, Compared TO What ShowDone Doe
02:57:39

ShowDone crawls all devices while, Google goes out crawls all pages.

Find Open Bugs, Itself
02:59:58

We have one those very iple from it and looking for that is based in recon. Just have a cve. Is on here

Submitting to A Cve came and ShowDan Help
03:08:48

But they need to make that even though there are seven, that those do it to is a legal act.

Final Note One Scans
03:59:06

The way to look, there a cve in all show done.com so it does that mass for the people

More Introduction
04:03:30

There also all of for of with this does.

There Is A
04:55:42

On there using.

Recently Summarized Articles

Loading...