DEV Community

Cover image for Web Security & Bug Bounty - Learn Penetration Testing
Aswin Barath
Aswin Barath

Posted on • Edited on • Originally published at aswinbarath.me

Web Security & Bug Bounty - Learn Penetration Testing

Note: This post includes affiliate links;
I may receive compensation if you purchase products or services from the different links provided in this article.


Start a career or earn a side income by becoming a Bug Bounty Hunter

Are you someone who is interested in learning penetration testing, web security or bug bounty from scratch?
Are you a web developer who feels lost and don't know what to do next?
Well, you are in the right place.

Learn everything you need know from the most comprehensive and up to date Penetration Testing course that you can find.

🚨 Spoiler Alert: This is a course preview 🚨

First of all let me answer a common question:
Should I learn ethical hacking?

Is it really worth it?

  • If these stats don't convince you, I don't know what will:
  • There is a hacker attack every 39 seconds
  • 64% of companies have experienced web-based attacks
  • Since COVID-19, the US FBI reported a 300% increase in reported cybercrimes
  • ~$10.5 trillion is expected to be spent globally on cybersecurity by 2025
  • Unfilled cybersecurity jobs worldwide grew 350% to ~3.5 million from 2013 to 2021. Way more jobs are becoming available than there are people with the skills to fill them.

Now that you are convinced, let's explore more about the course.

What will you learn?

Course Preview

πŸ‘‡ Complete Course Breakdown πŸ‘‡

1) Introduction To Bug Bounty:

  • You will learn the theory of what exactly is Bug Bounty and Penetration Testing

2) Our Virtual Lab Setup:

  • Here you will create our virtual lab that we will use throughout the course (Kali Linux machine).

3) Website Enumeration & Information Gathering

  • You will learn numerous tactics and tools that allow us to gather as much information about a certain website.
  • For this, you will use different tools like Dirb, Nikto, Nmap.
  • You will also use google hacking which is useful skill to have once tools are not available.

4) Introduction To Burpsuite

  • This is a very important tool for a Bug Hunter. Pretty much every Bug Hunter out there knows about this tool (and probably uses it).
  • It has many different features that make hunting for bugs easier.
  • Some of those features are crawling the webpage, intercepting and changing HTTP requests, brute-force attacks and more.

5) HTML Injection

  • This will be your first bug. It's also one of the easiest so we start with it.
  • HTML injection is essentially just finding a vulnerable input on the webpage that allows HTML code to be injected. That code is later rendered out on the page as real HTML.

6) Command Injection/Execution

  • This will be your first dangerous bug. Injecting commands is possible when server runs our input through its system unfiltered.
  • This could be something like a webpage that allows us to ping other websites but doesn't check whether we inputed a different command other than the IP address that it needs.
  • This allows us to run commands on the system, compromise system through a reverse shell and compromise accounts on that system (and all the data).

7) Broken Authentication

  • This is another vulnerability that occurs on websites.
  • It allows the attacker to impersonate legitimate users online. You will see different examples through cookie values, HTTP requests, Forgot password page etc.

8) Brutefroce Attacks

  • This can be a problem even if the website is secure. If client has an easy and simple password set, then it will be also easy to guess it.
  • You will learn different tools used to send lots of password on the webpage in order to break into an account.

9) Sensitive Data Exposure

  • This isn't a vulnerability in the system. Instead it's when developers forget to remove important information during production that can be used to perform an attack.
  • You will learn an example where developer forgot to remove the entire database from being accessible to regular users.

10) Broken Access Control

  • Access control enforces policy such that users cannot act outside of their intended permissions.
  • You will learn a vulnerability called Insecure direct object reference. A simple example would be an application that has user IDs in the URL.

11) Security Misconfiguration

  • You will see an example of a vulnerability where the admins of websites haven't changed the default credentials for a certain application that runs on their server.

12) Cross Site Scripting - XSS

  • This vulnerability allows us to execute Javascript code on the webpage.
  • This is due to user input not being well filtered and processing the input as javascript code.
  • There are 3 main types of XSS which are Stored, Reflected and DOM based XSS. We cover these 3 plus some unusual ones.

13) SQL Injection

  • Another big vulnerability out there and a really dangerous one. Many websites communicate with the Database, whether it being a database that stores product information or user information.
  • If the communication between the user and the database is not filtered and checked, it could allow the attacker to send an SQL query and communicate with the database itself, allowing them to extract the entire database or even delete it.
  • There are couple of types of SQL injection such as Error based or Blind SQL injection.

14) XML, XPath Injection, XXE

  • XXE or XML External Entity is a vulnerability that allows an attacker to interfere with a website that processes XML data.
  • It could allow the attacker to run a reverse shell or read files on the target system making it another severe vulnerability.

15) Components With Known Vulnerabilities

  • Even if the website might not be vulnerable, the server might be running some other components/applications that have a known vulnerability that hasn't been patched yet.
  • This could allow us to perform various types of attacks depending on what that vulnerability is.

16) Insufficient Logging And Monitoring

  • Logging and monitoring should always be done from security standpoint. Logging allows us to keep track of all the requests and information that goes through our application.
  • This can help us determine whether a certain attack is taking place or if the attack already happened, it allows us to examine it a little deeper, see which attack it was, and then apply that knowledge to change the application so that the same attack doesn't happen again.

17) Monetizing Bug Bounty Hunting

  • Here you will learn different platforms that can be used to start your career as a bug hunter, and you will also take one platform as an example to show how a bug bounty program looks like and what to pay attention to when applying.

18) Bonus - Web Developer Fundamentals

  • For anyone lacking some knowledge in Web Development or knowledge in how exactly websites work and are structured

19) Bonus - Linux Terminal

  • For anyone lacking some knowledge in simple usage of linux terminal as we will be using it throughout the course

20) Bonus - Networking

  • Fundamentals of networking and some basic terms used as Penetration Testers or Bug Bounty hunters.

About the Instructor πŸ‘¨β€πŸ«

  • Andrei, the lead instructor of Zero To Mastery Academy, has taught more than 750,000 students worldwide.
  • Andrei has worked as a Senior Software Developer in Silicon Valley and Toronto for many years.
  • Aleksa, another Zero To Mastery Academy instructor, is a Penetration Tester with 5+ years of experience in Ethical Hacking & Cyber Security.
  • Aleksa's goal is to teach you the foundations of Ethical Hacking & Cyber Security.
  • Graduates of ZTM Academy are now working at top tech companies and they are also working as top freelancers getting paid while working remotely around the world.

Bonus from ZTM:

Ethical Hacker Career Path

  • By enrolling today, you’ll also get to join our exclusive live online community classroom to learn alongside thousands of students, alumni, mentors, TAs and Instructors.

Online community classroom

Zero To Mastery (ZTM) Platform Benefits

30-Day Money-back Guarantee

  • You have nothing to lose.
  • Because you can start learning right now and if this course isn't everything you expected, ZTM will refund you 100% within 30 days.
  • No hassles and no questions asked.

ZTM Membership Plan Benefits

ZTM Offer

πŸ‘‰ Use Code: FRIENDS10 to get 10% OFF special discount (for life!) before it expires!

So, what are you waiting for?

Note:

Udemy Sale

Who amΒ I?

I’m Aswin Barath, a Software Engineering Nerd who loves building Web Applications, now sharing my knowledge throughΒ BloggingΒ during the busy time of my freelancing work life. Here’s the link to all of my socials categorized by platforms under one place:Β https://linktr.ee/AswinBarath

πŸŽ™ Disclosure:

Some of the links above may be affiliate links, from which I may earn a small commission.

Keep Learning

Now, I guess this is where I say GoodByeπŸ‘‹.Β 
But, hey it's time for you to start learning with your newfound Knowledge(Power)πŸ‘¨β€πŸ’»πŸ‘©β€πŸ’»Β .
Good Job that you made it this far πŸ‘πŸ‘
Thank you so much for reading my BlogπŸ™‚.

Top comments (1)

Collapse
 
samuleduke profile image
samuleduke

There are many Penetration Testing Companies to choose from, so it's important to do your research and find one that's right for your needs. Some factors to consider include the company's experience, expertise, and certifications. You should also make sure that the company is reputable and has a good track record.