Recon For Bug Bounty Penetration Testers Ethical Hackers
What you’ll learn
Web Reconnaissance: Unlocking the Mysteries of Websites for Competitive Advantage
Beyond the Main Domain: Expert Tips for Discovering Subdomains
URL Mining: Advanced Techniques for Gathering Valuable Data and Insights
Parameter Discovery: Advanced Techniques for Uncovering Valuable Data
Information Mining: How to Unleash the Power of Data Through Smart Gathering
Unlocking the Power of Information: Safely Gathering Sensitive Data from Websites
Uncover the Hidden Truth: Mastering Deep Recon on Websites
Requirements
Basic knowledge of linux is required
Basic knowledge of vulnerabilities
Description
This course is fully made for website reconnaissance for bug bounty hunters, penetration testers & ethical hackers. This is a intermediate level course all the topics are discussed here regarding recon on websites.Some of the topics are what is reconnaissance, what is recon , recon for bug bounty hunters and penetration testers, Subdomain enumeration, URL enumeration, parameter bruteforcing, Creating your own recon tools and many more…This course is fully focused on website recon and vulnerability assessment.There will be full methodology of website reconnaissance, bug bounty hunting, penetration testing. The videos are divided into small sections for the students to learn. All the resources are provided in the resource section including links, pdf, payloads that are used in course.Course Curriculum : IntroductionIntroduction to reconSubdomain enumeration from toolsSubdomain enumeration #1Subdomain enumeration #2Subdomain enumeration #3Subdomain enumeration #4Subdomain bruteforcingFiltering unique domainsSubdomain generatorSubdomain enumeration from websitesSubdomain enumeration from website #1Subdomain enumeration from website #2Subdomain enumeration from website #3Subdomain enumeration from website #4Filtering live domainsFiltering live domainsURL extraction from the internetURL extraction from the internet #1URL extraction from the internet #2Finding parametersFinding parametersParameter bruteforcerFinding URL from pastURL from pastSorting urlsSorting url for vulnerabilitiesAutomation for replacing parameters with PayloadsAutomation for replacing parameters with PayloadsFootprinting websites ( Website recon )Whatweb reconNetcraftSecurity headersDnsdumpmasterWhois reconMxtoolboxOSINTMaltegoBrowser addons for reconwappalyzerretire.jsshodan KnoxxHack-tools addonWAF idetificationWAF identificationSubdomain takeoverHostileSubBruteForcerSub404SubjackFuzzing (Content-Discovery)dirbffufPort scanningIntroduction to nmapPort specification in nmapService and version detection from nmapFirewall bypass techniqueFast port scanningnabbumasscanVisual reconGowitnessGoogle dorkingIntroduction to google dorkingUnderstnding the URL structureSyntax of google dorkingGoogle dorking operatorsGoogle search operators ( Part – 1 )Google search operators ( Part – 2 )Google dorking practicalIntroduction to practical google dorkingHow to find directory listing vulnerabilities ?How to dork for wordpress plugins and thems ?How to dork for web servers versions ?How to dork for application generated system reports ?Dorking for SQLiReading materials for google dorkingTips for advance google dorkingTip #1Tip #2Tip #3Shodan dorkingIntro to shodan dorkingShodan web interfaceShodan search filtersShodan dorking practicalFinding serverFinding fIles and directoriesFinding operating systemsFinding compromised devices and websitesShodan command lineIntroduction to shodan command linePractical shodan in command lineGithub dorkingIntroduction to github dorkingGithub dorking practicalVulnerability scanningNuclei Wp-ScanScanning with burpsuiteMetasploit for reconDNS recon using metasploitSub-domain enumeration using metasploitE-mail address findingPort scanning using metasploitTCP SYN port scan using metasploitSSH version detectionFTP version enumerationMySQL version detectionHTTP enumerationPayloads for bug bounty huntersPayloads for bug hunters and enetration testersHow to create tools for recon ?SSRF finder toolXSS finding tooURL extractor from javascript filesFull website recon toolBonusBonus video Thank you :)Vivek Pandit
Overview
Section 1: Introduction
Lecture 1 Introduction
Section 2: Subdomain enumeration from tools
Lecture 2 Subdomain recon enumeration #1
Lecture 3 Subdomain recon enumeration #2
Lecture 4 Subdomain recon enumeration #3
Lecture 5 Subdomain recon enumeration #4
Lecture 6 Subdomain bruteforcing tools
Lecture 7 Subdomain generator
Section 3: Subdomain enumeration from websites
Lecture 8 Subdomain enumeration from website #1
Lecture 9 Subdomain enumeration from website #2
Lecture 10 Subdomain enumeration from website #3
Lecture 11 Subdomain enumeration from website #4
Section 4: Filtering live domains
Lecture 12 Filtering live domains
Section 5: URL extraction from the internet
Lecture 13 URL extraction from the internet #1
Lecture 14 URL extraction from the internet #2
Section 6: Finding parameters
Lecture 15 Finding parameters
Lecture 16 Parameter bruteforcer
Section 7: Finding URL from past
Lecture 17 URL recon from past
Section 8: Sorting urls
Lecture 18 Sorting url for vulnerabilities
Section 9: Automation for replacing parameters with Payloads
Lecture 19 Automation for replacing parameters with Payloads
Section 10: Footprinting websites (website recon)
Lecture 20 Wahtweb scanner
Lecture 21 Netcraft
Lecture 22 Security headers
Lecture 23 Dnsdumpmaster
Lecture 24 Whois recon
Lecture 25 Mxtoolbox
Lecture 26 OSINT recon
Lecture 27 Maltego
Section 11: Browser addons for recon
Lecture 28 Wappalyzer addon
Lecture 29 retire.js addon
Lecture 30 Shodan addon
Lecture 31 Knoxx addon
Lecture 32 Hack-tools addon
Section 12: WAF idetification
Lecture 33 WAF Identificaton
Section 13: Subdomain takeover
Lecture 34 HostileSubBruteForcer
Lecture 35 Sub404
Lecture 36 Subjack
Section 14: Fuzzing (Content-Discovery)
Lecture 37 dirb
Lecture 38 ffuf
Section 15: Recon with port scanning
Lecture 39 Introduction to nmap
Lecture 40 Port specification in nmap
Lecture 41 Service and version detection from nmap
Lecture 42 Firewall bypass technique
Section 16: Fast port scanning recon
Lecture 43 Naabu
Lecture 44 Masscan
Section 17: Visual recon
Lecture 45 Gowitness
Section 18: Google dorking
Lecture 46 Introduction to google dorking
Lecture 47 Understanding the structure of url
Lecture 48 Syntax of google dorking
Lecture 49 Golden rules of google dorking
Lecture 50 Google dorking operators
Lecture 51 Google search operators ( Part – 1 )
Lecture 52 Google search operators ( Part – 2 )
Section 19: Google dorking practical
Lecture 53 Introduction to practical google dorking
Lecture 54 How to find directory listing vulnerabilities ?
Lecture 55 How to dork for wordpress plugins and thems ?
Lecture 56 How to dork for web servers versions ?
Lecture 57 How to dork for application generated system reports ?
Lecture 58 Dorking for SQLi
Lecture 59 Reading materials for google dorking
Section 20: Tips for advance google dorking
Lecture 60 Tip #1
Lecture 61 Tip #2
Lecture 62 Tip #3
Section 21: Shodan dorking
Lecture 63 Introduction to shodan dorking
Lecture 64 Shodan web interface
Lecture 65 Shodan search filters
Section 22: Shodan dorking practical
Lecture 66 Finding servers
Lecture 67 Finding fIles and directories
Lecture 68 Finding operating systems
Lecture 69 Finding compromised devices and websites
Section 23: Shodan command line
Lecture 70 Introduction to shodan command line
Lecture 71 Practical shodan in command line
Section 24: Github dorking
Lecture 72 Introduction to github dorking
Lecture 73 Github dorking practical
Section 25: Vulnerability scanning
Lecture 74 Nuclei tool
Lecture 75 WP-Scan
Lecture 76 Scanning with burpsuite
Section 26: Metasploit for recon
Lecture 77 DNS recon using metasploit
Lecture 78 Sub-domain enumeration using metasploit
Lecture 79 E-mail address finder
Section 27: Port scanning using metasploit
Lecture 80 TCP SYN port scan using metasploit
Lecture 81 SSH version detection
Lecture 82 FTP version enumeration
Lecture 83 MySQL version detection
Lecture 84 HTTP enumeration
Section 28: Payloads
Lecture 85 Payloads for bug hunters and penetration testers
Section 29: How to create tools for recon ?
Lecture 86 XSS finding tool
Lecture 87 URL extractor from javascript files
Lecture 88 SSRF finder tool
Lecture 89 Full website recon tool
Section 30: Bonus
Lecture 90 Bonus video
Bug bounty hunters, penetration testers, ethical hackers and etc.
Course Information:
Udemy | English | 9h 7m | 7.17 GB
Created by: Vivek Pandit
You Can See More Courses in the IT & Software >> Greetings from CourseDown.com