Web Applications Security and Bug Bounty Specialist - SlashWSB

 



Web Applications Security and Bug Bounty Specialist


Web Applications Security and Professional Bug Bounty Specialist Certification will help you in finding the security bugs or vulnerabilities in the Web Application.

In this course, we will be performing red team activity on web applications to identify the vulnerability, and the same will be responsibly reported to the security team of respective organizations to get big rewards.

Bug Bounty Expert is a tailored course that helps you recognize the security bugs or vulnerabilities in the web application. A bug-bounty program is a contract offered by various websites, such as Twitter, Yahoo, Uber, Coinbase, which are inviting researchers to assist and mitigate zero-day attacks or other possible security flaws, along with rewarding $100, $1,000, and even $10,000 per bug. This kind of bounty program addresses questions like How do you turn into a good bug hunter? This will help to make you go from zero to thousands of dollars on Hacker One or other bug hunting sites. This course will assist you in learning how to find bugs step by step (LIVE) in the
process.




Why you Join us :
#. 100% #Practical on Secure | Unsecure web applications
#. Real-time Challenges with every Training Modules
#. Customized Training
#. We cover OWASP Top 10+ CVE+ CWE+ CAPEC+ SANS 25 Software Errors
#. Resources will be provided for further learning
#. Proper Bug Reports will be provided



Training Level: 
Most of Bugs we will Practically demonstrate you on Live Modern WebApp



WebApp Testing Methodologies that are Covered in this Module includes:
● Bugcrowd’s Vulnerability Rating Taxonomy
● Common Weakness Enumeration (CWE) Vulnerabilities
● SANS TOP 25 Most Dangerous Application Vulnerabilities
● Common Attack Pattern Enumeration and Classification (CAPEC)



Syllabus... 

1) Practical Recon Techniques for Bug Hunters
● Manual Subdomain Analysis and Discovery
● Automated Subdomain Analysis and Discovery
● Recon Automation using Bash Shell Scripting
● Finding live Targets from collected Subdomains
● Identifying Web Application Technologies & Frameworks

2) Content Discovery on Collected Subdomains
● Common Crawling & Sensitive Directory Enumeration
● Identifying Exposed Internal Admin Portal
● Techniques for Identifying Sensitive Endpoints
● Testing for Content Management Systems
● Analysis of Robots Disallowed file

3) Testing the Security of Amazon Cloud Services
● Techniques for Identifying Disclosed S3 Buckets
● Testing for Amazon AWS S3 bucket Read Permissions
● Testing for Amazon AWS S3 bucket Write Permissions
● Testing for Amazon AWS S3 bucket Remove Permissions
● Testing for Amazon AWS S3 bucket Download Permissions
● Testing for AWS S3 Bucket Metadata Leakage

4) Security Issues in Github Repositories
● Sensitive Data Disclosure on Public Git Repository
● Techniques for Identifying Disclosed git folders
● Subdomain Pointing to Github Pages - Subdomain Takeover

5) BurpSuite Training for Bug Hunters
● Introduction to Burp: GUI, tools, audit workflow, inline help
● Automated Spidering and Scanning Web Application
● Target Module: Sitemap | Advanced Scope | Filter
● Proxy Module: Live modifications, interception and manual analysis
● Intruder Module: Covering every attack type and most payload types
● Repeater Module: live modifications and manual analysis
● Decoder Module: Decode -> Encode -> Decode Encryption
● Comparer Module: Manual analysis & Compare Request | Response
● Burpsuite Collaborator Client | External Service Interaction

6) Broken Authentication & Session Management Issues
● Session Expiration Issues
● Weak Login Function Issues
● Bypass Single factor Authentication
● Bypass Two factor (2FA) Authentication
● 2FA Missing Failsafe Issues (Account Takeover)
● OAuth Redirect_URI Issues (Token Hijacking)
● Account takeover related issues using OAuth
● Exposure of Private Information ('Privacy Violation')
● Incorrect Permission Assignment for Critical Function

7) Exploiting Password Recovery Functionalities
● Password Reset Token is Not Invalidated After Use
● Password Reset Token Leakage via Referer
● Password Reset Token Sent Over HTTP
● Static Password Reset Tokens

8) Access Control Vulnerabilities and Privilege Escalation
● Missing Authorization Issues
● Improper Authorization Issues
● Insecure Direct Object References (IDOR)
● Unauthorized Access Via User Impersonation
● Authorization Bypass Through User-Controlled Key
● User Enumeration (Sensitive Data Leaks)

9) Injection Vulnerabilities in Modern WebApps
● Introduction to Injection Vulnerabilities
● Finding All Possible Insertion Points
● Injection Vulnerability: Text Injection
● Injection Vulnerability: HTML Injection
● Injection Vulnerability: Cross Site Scripting
● Injection Vulnerability: Cookie Injections
● Injection Vulnerability: Host Header Injections
● Injection Vulnerability: Null Byte Injection
● Injection Vulnerability: CSV Injection
● Injection Vulnerability: SQL Injection
● Injection Vulnerability: NoSQL Injection
● Injection Vulnerability: LDAP Query Injections
● Injection Vulnerability: XML external entity (XXE) injection

10) Arbitrary Code Injection Vulnerabilities
● Apache Struts Vulnerability
● Remote Code Execution (RCE)
● Server Side Template Injections (SSTI)

11) Vulnerabilities of Modern WebApps - Part One
● Directory Traversal Attacks
● Local File Inclusion Vulnerability
● Remote File Inclusion Vulnerability
● Unrestricted File Upload with Dangerous Type
● Parameter Pollution in Social Sharing Buttons
● URL Redirection to Untrusted Site (Open Redirect)

12) Vulnerabilities of Modern WebApps - Part Two
● Cross-Origin Resource Sharing (CORS) Attacks
● Cross-Site Request Forgery (CSRF) - Action Specific
● Cross-Site Request Forgery (CSRF) - Account Takeover
● Server-Side Request Forgery (SSRF) - Sensitive Action
● Server-Side Request Forgery (SSRF) - Remote Service Scan

13) Testing for Dos / Buffer Overflow Issues
● XML-RPC Pingback DoS Attack
● Incorrect Calculation of Buffer Size
● XML External Entity (DTD) DoS attacks
● Buffer Copy without Checking Size of Input

14) Rate Limiting Missing on Applications Functions
● No Rate Limiting on API EndPoints
● No Rate Limiting on Login Form
● No Rate Limiting on Registration
● No Rate Limiting on Password Reset Functions
● No Rate Limiting on SMS related endpoints | SMS-Triggering
● No Rate Limiting on Email related endpoints | Email-Triggering

15) Other Security Misconfigurations in Modern WebApps
● No Password Policy
● Mail Server Misconfiguration
● Using Default Credentials Accesses
● Missing Encryption of Sensitive Data
● Argument Injection or Parameter Tampering
● Use of Broken or Risky Cryptographic Algorithm
● EXIF Geolocation Data Not Stripped From Uploaded Images

16) Application API Endpoint Analysis Tools
● Introduction to APIs
● Data Formats used with different APIs
● Identifying Sensitive API endpoints
● API Pentesting tool : Telerik Fiddler
● Intercepting API Endpoints with Fiddler
● Identifying data leaking APIs

Point to be Noted: Some Topics may be omitted from the whole modules Or some new Topics may be added.



Start your own Freelance Career and How to take Projects from
Companies | Online Sources
● We will guide you how to take IT Security Govt Projects
● We will guide you how to take Online Freelance Projects
● We will guide you how to work in Companies as Freelancer
● We will guide you how to take Projects from Corporate Companies



Pricing- 
USD $100 Only



Contact us:
Need Technical Assistance? Speak with a support representitive by 
Mailing -

hackerslash@icloud.com