Uncle Rat’s Web Application Hacking And Bug Bounty Guide

Uncle Rat's Web Application Hacking And Bug Bounty Guide

Uncle Rat’s Web Application Hacking And Bug Bounty Guide

Take the leap from practice platform to bug bounty target

Language: english

Note: 4.6/5 (515 notes) 21,337 students

Instructor(s): Wesley Thijs

Last update: 2022-09-08

What you’ll learn

  • A Bug Hunters mindset, i won’t hold your hand. This is bug bounties
  • A solid bug bounty methodology to help you get started
  • Several attack techniques and how to employ them
  • What parameters to test for what vulnerabilities

 

Requirements

  • Be farmiliar with the basics of web communication like GET,POST,PUT,DELETE… calls
  • A computer that can run burp suite, OS doesn’t matter

 

Description

SUDO

I can not promise this course will find you bugs. I can promise I will leave you with a solid methodology that’s netted me a few nice extra monthly salaries. This method is not guaranteed to work for you. You will need to be adept. You will need to work.

If any course promises you that they WILL find you bugs, run as fast as you can.

WHOAMI

My name is uncle rat and i am here to help you take the next step. I am not here to hold your hand, I am here to push you over the edge. You’ve been practicing on practice platforms for long enough now, don’t you think? It’s time.

I will provide you with a solid methodology to build upon. I don’t want you to follow in my footsteps, I want you to write your own legend. This is after all the place where legends are born. 

Every chapter has at least a video file with slides to download and where applicable a full-text PDF with extra information. All extra’s like cheat sheets are separately downloadable for your comfort. 

– The XSS Rat

CAT ‘goals.txt’

I can hack, but i can only hack one target at a time. My passion is teaching so why not hit two birds with one stone?

I created this course because i strongly believe that if i hack 1 target i am just me but if i train 1000 hackers, we are an army. 

This is my goal, I want to make the internet a safer place but I can’t do it alone.


 

Who this course is for

  • Beginner bug bounty hunters who are looking for a solid methodology and mindset
  • Experienced pentesters looking to get into bug bounties
  • Companies training their cybersecurity staff to withstand even the toughest of logic attacks

 

Course content

  • Introduction
    • Introduction
    • What you need to know about bug bounties – Video
    • A look at bug bounties from all perspectives
    • Discord invite link
  • The Intricacies of bug bounties
    • The Intricacies of bug bounties
    • Quiz: The Intricacies of bug bounties
    • Let’s pick a target
  • Main app methodology
    • Main app methodology – Video
    • Main app methodology
    • Main app methodology demonstration on the owasp juice shop
    • Main app methodology – Demonstrated
    • Quiz: Main app methodology
  • Broad scope methodology
    • Broad scope manual methodology – Video
    • Broad scope manual methodology
    • Quiz: Manual broad scope methodology
    • Broad scope automated methodology – video
    • Birdseye view of broad scope methodology
    • Extra video: Quickly identify a target from a list of subdomains
    • Quiz: Broad scope automated methodology
  • Attack techniques: CSRF
    • What exactly is CSRF and how does it happen?
    • Attack techniques: CSRF – Video
    • Attack techniques: CSRF demonstration – video
    • Quiz: CSRF
    • Attack techniques: CSRF
    • Labs: CSRF basic labs
    • Lab: CSRF on impactful functionality
    • Solutions: CSRF on impactful functionality
    • Video solution CSRF lab 5 – server does not check anything
    • Video solution: Creation a CSRF PoC
  • Attack technique: Open redirect
    • Open redirects: What are they and how abuse them
    • Open redirects: What are they and how to abuse them
    • Labs: Open Redirect
  • Attack techniques: Intro to JWT
    • JWT tokens explained
    • Labs: JWT Attack techniques
    • JWT Extra resources
  • Attack techniques: CAPTCHA bypass
    • Captcha bypass
    • Labs: Captcha bypass
    • Labs: Instructions
    • Extra resources
  • Attack techniques – Broken Access Control
    • Attack techniques – Broken Access Control – video
    • Attack techniques – Broken Access Control
    • Attack techniques – Broken Access Control – Overview
    • Quiz: Broken Access Control
    • Lab: Broken Access Control
    • Solutions: Broken Access Control
    • Extra resources
  • Attack techniques – IDOR By Uncle Rat
    • Attack techniques – IDOR By Uncle Rat – Video
    • Attack techniques – IDOR By Uncle Rat
    • Quiz: IDOR
    • Labs: Attack techniques – IDOR By Uncle Rat
    • Solutions: Attack techniques – IDOR By Uncle Rat
  • Attack techniques – Business logic flaws
    • Video: Attack techniques – Business logic flaws
    • Article: The origin of Business logic flaws
    • Attack techniques – Business logic flaws
    • The origin of Business logic flaws
    • Quiz: Business logic flaws
    • Labs: Attack techniques – Business logic flaws
    • Solutions: Attack techniques – Business logic flaws
    • Labs: Business logic issues
    • Extra resources
  • Attack techniques – File Inclusions By PinkDraconian
    • 0 Introduction
    • 1 What are File Inclusions
    • 2 Finding a target
    • 3 Is The Target Vulnerable
    • 4 File Inclusion to RCE
    • 5 Wrapper Magic
    • 6 Tools Wordlists Exercises
    • Excercises: Dogcat
    • Excercises: Sniper
    • Excercises: SKFLFI2
    • Excercises: Book
    • Extra resources
  • Attack techniques – SQLi By PinkDraconian
    • 0 Intro
    • 1 What are SQLi
    • 2 Detecting SQLi
    • 3 Types of SQLi
    • 4 WAF Bypasses
    • 5 SQLMap
    • 6 References & Exercises
    • Excercises: 1 Portswigger Simple Login Bypass
    • Excercises: 2 Union Based SQLi To RCE!
    • Excercises: 3 MSSQL injection to RCE
    • Excercises: 4 Boolean Based SQLi
    • Excercises: 5 SQLi WAF Bypass
    • Excercises: 6 SQLi, XSS and XXE all in one payload
    • Extra resources
  • Attack techniques – XXE
    • Video: Attack techniques – XXE
    • Attack techniques – XXE
    • XXE
    • Labs: XXE
    • Solution to the labs
    • XXE Extra resources
  • XXE according to OWASP (Optional)
    • 0 Intro
    • 1 What is XXE
    • 2 Finding XXE attack vectors
    • 3 Exploiting XXEs
    • 4 WAFs and Filters
    • 5 Tools and Mitigations
  • Attack techniques – XPath injection
    • What is XPATH injection and how to test for it
    • Labs: XPath injection
  • Attack techniques – Template injections
    • Video: Attack techniques – Template injections – SSTI
    • Attack techniques – Template injections – SSTI
    • SSTI overview
    • Video: Attack techniques – Template injections – CSTI
    • Attack techniques – Template injections – CSTI
    • Quiz: Template Injections
  • Attack techniques – XSS
    • Video: What you NEED to know about XSS
    • Video: Ultimate beginner XSS guide
    • Video: Analyzing JS files
    • Analyzing JS files
    • Quiz: Analyzins JS files
    • Video: Advanced XSS Testing
    • Video: How to test for reflected XSS
    • How to test for stored XSS
    • What is DOM XSS
    • Labs: Reflected XSS
    • Solutions: Reflected XSS
    • Lab: Stored XSS
    • Solutions: Stored XSS
    • Cheat sheet: XSS
    • Labs: User submitted reflected XSS
  • Attack techniques: Insecure deserilisation
    • Lecture: Insecure deserilisation is not as hard as you may think
    • Video: Insecure deserilisation
    • Quiz: insecure deserilisation
  • CSP – Content security protection AKA why is my JS not executing?
    • What is CSP?
    • Let’s build some CSP
    • CSP Labs
    • Solutions: CSP Labs
  • Attack techniques – SSRF
    • Video: Attack techniques – SSRF
    • SSRF
    • Extra video: Blind SSRF, what is it and how to exploit it
    • Quiz: SSRF
  • Attack techniques – OS Command injection
    • Video: Attack techniques – OS Command injection
    • Attack techniques – OS Command injection
  • Attack techniques – WAF evasion techniques
    • Video: Attack techniques – WAF evasion techniques
  • Attack techniques – HTTP Parameter pollution
    • HTTP Parameter pollution
  • Using postman to hack APIs
    • API hacking with postman Part 1 – getting the basics down
    • API hacking with postman Part 2 – importing the API description
    • API hacking with postman Part 3 Pre-request scripts, tests and console
    • API hacking with postman Part 4 – Getting dirty with data sources
  • Practice: Let’s build some APIs to hack
    • Video: Let’s build some APIs that we can hack!
    • Let’s build an API to hack – Part 1: The basics
    • Let’s build an API to hack – Part 2: Faking it before breaking it
    • Let’s build an API to hack – Part 3: Information disclosure
  • Tools
    • Video: Full guide on How Burp Suite works
    • Video: Burp suite zero to hero
    • Video: My Top 10 Burp Suite extensions
    • Video: Authorize for automating IDORs and BAC
    • Video: The truth about XSS scanners … do they work or not?
  • Burp Suite practical examples
    • Testing for SQLi with burp suite
    • Testing for IDORs with Burp Suite
    • Testing websockets in burp
    • Testing a 2FA bypass in burp
  • Reporting
    • Video: Reporting
  • What now?
    • Next steps
    • Uncle Rat’s Recommended public bug bounty targets
  • CheesyLabs
    • There are 5 issues in here, can you find them all? – easy
    • CheesyLabs solutions
  • Master Labs
    • How to enter the master labs

 

Time remaining or 242 enrolls left

 

Don’t miss any coupons by joining our Telegram group 

Udemy Coupon Code 100% off | Udemy Free Course | Udemy offer | Course with certificate