Uncle Rat’s Web Application Hacking And Bug Bounty Guide


Take the leap from practice platform to bug bounty target

What you will learn

A Bug Hunters mindset, i won’t hold your hand. This is bug bounties

A solid bug bounty methodology to help you get started

Several attack techniques and how to employ them

What parameters to test for what vulnerabilities

Description

SUDO

I can not promise this course will find you bugs. I can promise i will leave you with a solid methodology that’s netted me a few nice extra monthly salaries. This method is not guaranteed to work for you. You will need to adept. You will need to work.

If any course promises you that they WILL find you bugs, run as fast as you can.

WHOAMI

My name is uncle rat and i am here to help you take the next step. I am not here to hold your hand, i am here to push you over the edge. You’ve been practicing on pratice platforms for long enough now, don’t you think? It’s time.

I will provide you with a solid methodology to build upon. I don’t want you to follow in my footsteps, i want you write your own legend. This is after all the place where legends are born.

Every chapter has at least a video file with slides to download and where applicable a full text PDF with extra information. All extra’s like cheat sheets are seperatly downloadeable for your comfort.


Subscribe to latest coupons on our Telegram channel.

– The XSS Rat

CAT ‘goals.txt’

I can hack, but i can only hack one target at a time. My passion is teaching so why not hit two birds with one stone?

I created this course because i strongly believe that if i hack 1 target i am just me but if i train 1000 hackers, we are an army.

This is my goal, i want to make the internet a safer place but i can’t do it alone.

English
language

Content

Introduction
Introduction
What you need to know about bug bounties – Video
The Intricacies of bug bounties
The Intricacies of bug bounties
Quiz: The Intricacies of bug bounties
Main app methodology
Main app methodology – Video
Main app methodology
Main app methodology demonstration on the owasp juice shop
Quiz: Main app methodology
Broad scope methodology
Broad scope manual methodology – Video
Broad scope manual methodology
Quiz: Manual broad scope methodology
Broad scope automated methodology – video
Birdseye view of broad scope methodology
Extra video: Quickly identify a target from a list of subdomains
Quiz: Broad scope automated methodology
Attack techniques: CSRF
Attack techniques: CSRF – Video
Attack techniques: CSRF demonstration – video
Attack techniques: CSRF
Quiz: CSRF
Lab: CSRF on impactful functionality
Solutions: CSRF on impactful functionality
Attack techniques – Broken Access Control
Attack techniques – Broken Access Control – video
Attack techniques – Broken Access Control
Attack techniques – Broken Access Control – Overview
Quiz: Broken Access Control
Lab: Broken Access Control
Solutions: Broken Access Control
Attack techniques – IDOR By Uncle Rat
Attack techniques – IDOR By Uncle Rat – Video
Attack techniques – IDOR By Uncle Rat
Quiz: IDOR
Labs: Attack techniques – IDOR By Uncle Rat
Solutions: Attack techniques – IDOR By Uncle Rat
Attack techniques – Business logic flaws
Video: Attack techniques – Business logic flaws
Attack techniques – Business logic flaws
Quiz: Business logic flaws
Labs: Attack techniques – Business logic flaws
Solutions: Attack techniques – Business logic flaws
Attack techniques – XXE
Video: Attack techniques – XXE
Attack techniques – XXE
XXE
Attack techniques – Template injections
Video: Attack techniques – Template injections – SSTI
Attack techniques – Template injections – SSTI
SSTI overview
Video: Attack techniques – Template injections – CSTI
Attack techniques – Template injections – CSTI
Quiz: Template Injections
Attack techniques – XSS
Video: Ultimate beginner XSS guide
Video: Analyzing JS files
Analyzing JS files
Quiz: Analyzins JS files
Video: Advanced XSS Testing
Video: How to test for reflected XSS
How to test for stored XSS
What is DOM XSS
Labs: Reflected XSS
Solutions: Reflected XSS
Lab: Stored XSS
Solutions: Stored XSS
Cheat sheet: XSS
Attack techniques – SSRF
Video: Attack techniques – SSRF
SSRF
Extra video: Blind SSRF, what is it and how to exploit it
Quiz: SSRF
Attack techniques – OS Command injection
Video: Attack techniques – OS Command injection
Attack techniques – OS Command injection
Tools
Video: Full guide on How Burp Suite works
Video: Burp suite zero to hero
Video: My Top 10 Burp Suite extensions
Video: Authorize for automating IDORs and BAC
Reporting
Video: Reporting
What now?
Next steps
Uncle Rat’s Recommended public bug bounty targets
Master Labs
How to enter the master labs
Enroll for Free

Share This Course on:
Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. Please support us by disabling these ads blocker.

Powered By
Best Wordpress Adblock Detecting Plugin | CHP Adblock