CVE's for Ethical Hacking Bug Bounties & Penetration Testing

Updated : Live Website Hunting & Practicals for all the latest CVE's of 2020

Welcome to CVE's for Bug Bounties & Penetration Testing Course. This course covers web application attacks and how to earn bug bounties by exploitation of CVE's on bug bounty programs. There is no prerequisite of prior hacking knowledge and you will be able to perform web attacks and hunt bugs on live websites and secure them.

This course is not like other hacking or penetration testing course with outdated vulnerabilities and only lab attacks. This contains maximum live websites to make you comfortable with the Live Hunting Environment.

This course will start from basics of CVE Introduction, CVSS Score, Severity and Priority and dive in advance exploitation of CVE's.

This course is highly practical and is made on Live websites to give you the exact environment when you start your penetrating testing or bug hunting journey.

We will start from the basics of CVE's, How to setup Burp Suite Proxy for packet interception  to the exploitation of vulnerabilities leading to High Severity Bugs on live websites.

This course is divided into a number of sections, each section covers how to hunt, exploit and report a vulnerability in an ethical manner.

After identification of a vulnerability, we will exploit to leverage the maximum severity out of it.

In this course, you will also learn How can you start your journey on many famous bug hunting platforms like Bugcrowd, Hackerone and Open Bug Bounty.

Along with this, you will be able to hunt and report vulnerabilities to NCIIPC Government of India, also to private companies and to their responsible disclosure programs.

You will also learn Advance techniques to bypass filters and the developers logic for each kind of vulnerability. I have also shared personal tips and tricks for each attacks where you can trick the application and find bugs quickly.

This course also includes the Breakdown of all Hackerone Reports which are found and submitted by other hackers for better understanding as we will cover each type of technique in the course.

This course also includes important interview questions and answers which will be helpful in any penetration testing job interview.

Here's a more detailed breakdown of the course content:

In all the sections we will start the fundamental principle of How the attack works, Exploitation and Reporting of those attacks.

In Setting up Environment, We will cover what is Burp suite and how to configure it with our browser for identification of vulnerabilities.

1. In Bugcrowd VRT, we will cover about what is Bugcrowd VRT, Its pros and limitations and How you can contribute to the VRT.

Along with this we will also learn about CVSS Score, its parameters in depth which is responsible for the overall severity, CIA Triad and CVSS Calculator.

2. In Shodan for Bug-Bounties we will learn about Shodan Queries, and we will use Shodan GUI which is very simple and easily understandable. We will also see Shodan Images, Exploits , Report generation and alot more for increasing our scope of identifications of more assets.

3. Similar to Shodan, In Censys for Bug-Bounties we will learn about Censys Queries, and we will use Censys GUI which is very simple and easily understandable for increasing our scope of identifications of more assets.

4. In Certificate Transparency , we will learn about crt[dot]sh, wildcards of crt[dot]sh and We will learn automation for crt[dot]sh to enumerate subdomains for a target.

5. In Microweber CVE's, we will see how to identify vulnerability in Apache based CMS and we exploit one of the High severity vulnerability in which any unauthenticated attacker is able to dump the sensitive database details.

These details will include the servers username and password with more sensitive information.

6. In JIRA CVE's, we will see how to identify vulnerability in targets which are running atlassian based software configuration. By exploiting this vulnerability any unauthenticated attacker is able to get the sensitive details about the server with Bugs filed, Custom SLA Names and User enumeration which can expose  more sensitive information.

7. In Maracms CVE's, we will see how to identify vulnerability in targets which are running older version of maracms which is vulnerable to reflected cross site scripting vulnerability.

By exploiting this vulnerability any unauthenticated attacker is able to perform XSS attacks which can expose more sensitive information.

8. In Icewarp CVE's, we will see how to identify vulnerability in targets which are running older version of icewarp which is vulnerable to reflected cross site scripting vulnerability.

By exploiting this vulnerability any unauthenticated attacker is able to perform XSS attacks which can expose more sensitive information.

9. In BigIP CVE's, we will learn about the F5 Big IP Servers critical vulnerability and how can attacker exploit it to gain maximum privileges on the server.

By exploiting this vulnerability any unauthenticated attacker is able to perform Remote code execution attacks which can expose more sensitive information.

10. In Cisco CVE's, we will learn about the Cisco Servers critical vulnerability and how can attacker exploit it to gain privileges on the server.

We will see, How one can exploit the file read and file delete vulnerability

By exploiting this vulnerability any unauthenticated attacker is able to read files from the server and also delter files which can cause Denial of Service attacks on the server.

11. In SAP CVE's, we will learn about the SAP Servers critical vulnerability and how can attacker exploit it to gain user and root privileges on the server.

By exploiting this vulnerability any unauthenticated attacker is able to read sensitive information about all the users also perform sensitive actions on the target server.

12. In Kubernetes CVE's, we will learn about the Kubernetes Servers high vulnerability and how can attacker exploit it to read kubectl files from the server

By exploiting this vulnerability any unauthenticated attacker is able to read sensitive information about the kubectl servers.

13. In Bug Bounty Roadmap, we will learn about the different bug bounty platforms, How you can signup on them and start your journey as a security researcher and identify Vulnerabilities.

You will learn about different platforms like Bugcrowd, Hackerone, Synack, Open Bug Bounty, NCIIPC Govt of India and other private programs.

13. In Awesome Resources, we will learn about the Hackerone Hacktivity as one of the best resource to stay updated with latest attack vectors and read about publicly disclosed vulnerability reports of other hackers.

You will also get additional BONUS sessions, in which I m going to share my personal approach for hunting bugs. The course will be updated continuously with the latest high severity CVE's.

All the videos are recorded on Live websites so that you understand the concepts as well as you get comfortable to work on a live environment. I have also added Interview Questions and answers for each attack which will be helpful for those are preparing for Job Interviews and Internships in the field of Information Security.

With this course, you get 24/7 support, so if you have any questions you can post them in the Q&A section and we'll respond to you as soon as possible.

Notes:

• This course is created for educational purposes only and all the websites I have performed attacks are ethically reported and fixed.

• Testing any website which doesn’t have a Responsible Disclosure Policy is unethical and against the law, the author doesn’t hold any responsibility.