• Professional Development
  • Medicine & Nursing
  • Arts & Crafts
  • Health & Wellbeing
  • Personal Development

Course Images

Web Hacking Secrets - How to Hack Legally and Earn Thousands of Dollars at HackerOne

Web Hacking Secrets - How to Hack Legally and Earn Thousands of Dollars at HackerOne

  • 30 Day Money Back Guarantee
  • Completion Certificate
  • 24/7 Technical Support

Highlights

  • On-Demand course

  • 6 hours 12 minutes

  • All levels

Description

Master web application security testing and become a successful bug hunter

HackerOne is your big opportunity. This is the platform where you can hack legally and at the same time you can make money. You can hack many different companies like Twitter, Yahoo, Uber, Coinbase, and a lot more. And you can get paid for your findings, for example $100, $1,000, or even $10,000 per one bug. It's just amazing. All you need is Internet connection and knowledge. Yes - you need knowledge to go from zero to thousands of dollars at HackerOne, and in this online training I'm going to share my knowledge with you. I'm one of the top hackers at HackerOne and I know quite a lot about hacking and making money that way. In this self-paced online training, I'll present many award-winning bugs. The more you play with award-winning-bugs the more knowledge you get and the more knowledge you have, the more money you can make. I'll also discuss a successful bug hunting strategy that I have been using in the recent years. What's more, I'll present a lot of demos, because I want you to see how all these things work in practice. This self-paced online training is composed of 6 different courses: • Start Hacking and Making Money Today at HackerOne • Keep Hacking and Making Money at HackerOne • Case Studies of Award-Winning XSS Attacks: Part 1 • Case Studies of Award-Winning XSS Attacks: Part 2 • DOUBLE Your Web Hacking Rewards with Fuzzing • How Web Hackers Make BIG MONEY: Remote Code Execution In the 1st course I will discuss the 5 bugs that I recommend you start with and I'll introduce you to the strategy that I have been using successfully for a long time. In the 2nd course, you'll master the strategy and you'll play with the next 5 bugs. In the 3rd course I'll demonstrate award-winning XSS attacks (cross-site scripting). It turns out, that you can get a 4-digit ($$$$) reward per single XSS, but to make it happen you need to learn about non-standard XSS attacks, and this is exactly what I'll present to you. Next, in course No. 4 I'll demonstrate more award-winning XSS attacks, because I want you to become a professional XSS hunter earning more and and more money. In course No. 5, I will present fuzzing, which is one of the most powerful vulnerability detection techniques, and I'll show you how you can use this technique to double your web hacking rewards. And finally, I'll tell you how to make big money with RCE, which stands for remote code execution. This is the most dangerous attack and companies are willing to give you a 5-digit reward ($$$$$) per single RCE, which is just awesome. What you need, to make this amount of money, is knowledge about non-standard RCE attacks and this is what I'll present to you in course No. 6. You can really go from zero to thousands of dollars at HackerOne. As one of the top hackers at HackerOne I know very well how it works and I want to share my knowledge with you. I want you to become the next successful web hacker and that's the reason why I created "Web Hacking Secrets: How to Hack Legally and Earn Thousands of Dollars at Hackerone".

What You Will Learn

Master web application security testing
Become a successful bug hunter
Go from zero to thousands of dollars at HackerOne
Double your web hacking rewards with fuzzing

Audience

This course is designed for Penetration testers, Ethical hackers, Bug hunters and Security Engineers / Consultants

Approach

For every single attack presented in this course there is a demo so that you can see, step by step, how these attacks work in practice.

Key Features

Master web application security testing * Learn how hackers earn thousands of dollars per one bug * Discover how to find these bugs step-by-step in practice (demos)

About the Author
Dawid Czagan

Dawid Czagan is an internationally recognized security researcher and trainer. He is listed among the top hackers at HackerOne. Dawid Czagan has found security vulnerabilities in Google, Yahoo, Mozilla, Microsoft, Twitter, and other companies. Due to the severity of many bugs, he received numerous awards for his findings. Dawid Czagan shares his security experience in his hands-on training at key industry conferences worldwide. He is the founder and CEO of Silesia Security Lab.

Course Outline

1. Start Hacking and Making Money Today at HackerOne

This section describes an overview of Course bundle, HackerOne, Automatic Leakage of Password Reset Link and so on.

1. Overview of Course Bundle

Start Hacking and Making Money Today at HackerOne: Overview of Course Bundle

2. Introduction

Start Hacking and Making Money Today at HackerOne: Introduction

3. HackerOne: Your Big Opportunity

Start Hacking and Making Money Today at HackerOne: HackerOne: Your Big Opportunity

4. Getting Started with 5 Bugs

Start Hacking and Making Money Today at HackerOne: Getting Started with 5 Bugs

5. Automatic Leakage of Password Reset Link - Overview

Start Hacking and Making Money Today at HackerOne: Automatic Leakage of Password Reset Link - Overview

6. Automatic Leakage of Password Reset Link - Demo

Start Hacking and Making Money Today at HackerOne: Automatic Leakage of Password Reset Link - Demo

7. How to Get Access to the Account of the Logged-Out User - Overview

Start Hacking and Making Money Today at HackerOne: How to Get Access to the Account of the Logged-Out User - Overview

8. How to Get Access to the Account of the Logged-Out User - Demo

Start Hacking and Making Money Today at HackerOne: How to Get Access to the Account of the Logged-Out User - Demo

9. Insecure Processing of Credit Card Data - Overview

Start Hacking and Making Money Today at HackerOne: Insecure Processing of Credit Card Data - Overview

10. Insecure Processing of Credit Card Data - Demo

Start Hacking and Making Money Today at HackerOne: Insecure Processing of Credit Card Data - Demo

11. Disclosure of Authentication Cookie - Overview

Start Hacking and Making Money Today at HackerOne: Disclosure of Authentication Cookie - Overview

12. Disclosure of Authentication Cookie - Demo

Start Hacking and Making Money Today at HackerOne: Disclosure of Authentication Cookie - Demo

13. User Enumeration: Overview

Start Hacking and Making Money Today at HackerOne: User Enumeration: Overview

14. User Enumeration: Demo

Start Hacking and Making Money Today at HackerOne: User Enumeration: Demo

15. Summary

Start Hacking and Making Money Today at HackerOne: Summary

2. Keep Hacking and Making Money at HackerOne

In this section, you will know how to Impersonate a User via Insecure Log In, Sensitive Information in Metadata, Disclosure of Credentials etc

1. Introduction

Keep Hacking and Making Money at HackerOne: Introduction

2. How to Impersonate a User via Insecure Log In - Overview

Keep Hacking and Making Money at HackerOne: How to Impersonate a User via Insecure Log In - Overview

3. How to Impersonate a User via Insecure Log In - Demo

Keep Hacking and Making Money at HackerOne: How to Impersonate a User via Insecure Log In - Demo

4. Sensitive Information in Metadata - Overview

Keep Hacking and Making Money at HackerOne: Sensitive Information in Metadata - Overview

5. Sensitive Information in Metadata - Demo

Keep Hacking and Making Money at HackerOne: Sensitive Information in Metadata - Demo

6. Disclosure of Credentials - Overview

Keep Hacking and Making Money at HackerOne: Disclosure of Credentials - Overview

7. Disclosure of Credentials - Demo

Keep Hacking and Making Money at HackerOne: Disclosure of Credentials - Demo

8. Insecure Password Change - Overview

Keep Hacking and Making Money at HackerOne: Insecure Password Change - Overview

9. Insecure Password Change - Demo

Keep Hacking and Making Money at HackerOne: Insecure Password Change - Demo

10. Dictionary Attack - Overview

Keep Hacking and Making Money at HackerOne: Dictionary Attack - Overview

11. Dictionary Attack - Demo

Keep Hacking and Making Money at HackerOne: Dictionary Attack - Demo

12. Summary

Keep Hacking and Making Money at HackerOne: Summary

3. Case Studies of Award-Winning XSS Attacks: Part 1

This section includes Case Studies of Award Winning XSS Attacks. It includes XSS via Image, XSS via HTTP Response Splitting, XSS via Cookie etc.

1. Introduction

Case Studies of Award-Winning XSS Attacks: Part 1: Introduction

2. XSS via Image - Overview

Case Studies of Award-Winning XSS Attacks: Part 1: XSS via Image - Overview

3. XSS via Image - Demo

Case Studies of Award-Winning XSS Attacks: Part 1: XSS via Image - Demo

4. XSS via HTTP Response Splitting - Overview

Case Studies of Award-Winning XSS Attacks: XSS via HTTP Response Splitting - Overview

5. XSS via HTTP Response Splitting - Demo

Case Studies of Award-Winning XSS Attacks: Part 1: XSS via HTTP Response Splitting - Demo

6. XSS via Cookie - Overview

Case Studies of Award-Winning XSS Attacks: Part 1: XSS via Cookie - Overview

7. XSS via Cookie - Demo

Case Studies of Award-Winning XSS Attacks: Part 1: XSS via Cookie - Demo

8. XSS via AngularJS Template Injection - Overview

Case Studies of Award-Winning XSS Attacks: Part 1: XSS via AngularJS Template Injection - Overview

9. XSS via AngularJS Template Injection - Demo

Case Studies of Award-Winning XSS Attacks: Part 1: XSS via AngularJS Template Injection - Demo

10. Summary

Case Studies of Award-Winning XSS Attacks: Part 1: Summary

4. Case Studies of Award-Winning XSS Attacks: Part 2

This section includes case studies of Award-Winning XSS Attacks.

1. Introduction

Case Studies of Award-Winning XSS Attacks: Part 2: Introduction

2. XSS via XML - Overview

Case Studies of Award-Winning XSS Attacks: Part 2: XSS via XML - Overview

3. XSS via XML - Demo

Case Studies of Award-Winning XSS Attacks: Part 2: XSS via XML - Demo

4. XSS via Location.href - Overview

Case Studies of Award-Winning XSS Attacks: Part 2: XSS via Location.href - Overview

5. XSS via Location.href - Demo

Case Studies of Award-Winning XSS Attacks: Part 2: XSS via Location.href - Demo

6. XSS via Vbscript - Overview

Case Studies of Award-Winning XSS Attacks: Part 2: XSS via Vbscript - Overview

7. XSS via Vbscript - Demo

Case Studies of Award-Winning XSS Attacks: Part 2: XSS via Vbscript - Demo

8. From XSS to Remote Code Execution - Overview

Case Studies of Award-Winning XSS Attacks: Part 2: From XSS to Remote Code Execution - Overview

9. From XSS to Remote Code Execution - Demo

Case Studies of Award-Winning XSS Attacks: Part 2: From XSS to Remote Code Execution - Demo

10. Summary

Case Studies of Award-Winning XSS Attacks: Part 2: Summary

5. DOUBLE Your Web Hacking Rewards with Fuzzing

In this section, you will learn the basics of Fuzzing, Fuzzing with Burp Suite Intruder, Fuzzing with Burp Suite Intruder and so on.

1. Introduction

DOUBLE Your Web Hacking Rewards with Fuzzing: Introduction

2. The Basics of Fuzzing

DOUBLE Your Web Hacking Rewards with Fuzzing: The Basics of Fuzzing

3. Fuzzing with Burp Suite Intruder - Overview

DOUBLE Your Web Hacking Rewards with Fuzzing: Fuzzing with Burp Suite Intruder - Overview

4. Fuzzing for SQL Injection - Demo

DOUBLE Your Web Hacking Rewards with Fuzzing: Fuzzing for SQL Injection - Demo

5. Fuzzing for Path Traversal - Demo

DOUBLE Your Web Hacking Rewards with Fuzzing: Fuzzing for Path Traversal - Demo

6. Fuzzing with Burp Suite Intruder: Tips and Tricks

DOUBLE Your Web Hacking Rewards with Fuzzing: Fuzzing with Burp Suite Intruder: Tips and Tricks

7. Summary

DOUBLE Your Web Hacking Rewards with Fuzzing: Summary

6. How Web Hackers Make BIG MONEY with Remote Code Execution

This section shows how web hackers make money with remote code execution.

1. Introduction

How Web Hackers Make BIG MONEY with Remote Code Execution: Introduction

2. From SQL Injection to Remote Code Execution - Overview

How Web Hackers Make BIG MONEY with Remote Code Execution: From SQL Injection to Remote Code Execution - Overview

3. From SQL Injection to Remote Code Execution - Demo

How Web Hackers Make BIG MONEY with Remote Code Execution: From SQL Injection to Remote Code Execution - Demo

4. From Disclosure of Software Version to Remote Code Execution - Overview

How Web Hackers Make BIG MONEY with Remote Code Execution: From Disclosure of Software Version to Remote Code Execution - Overview

5. From Disclosure of Software Version to Remote Code Execution - Demo

How Web Hackers Make BIG MONEY with Remote Code Execution: From Disclosure of Software Version to Remote Code Execution - Demo

6. Remote Code Execution via File Upload - Overview

How Web Hackers Make BIG MONEY with Remote Code Execution: Remote Code Execution via File Upload - Overview

7. Remote Code Execution via File Upload - Demo

How Web Hackers Make BIG MONEY with Remote Code Execution: Remote Code Execution via File Upload - Demo

8. Remote Code Execution via Deserialization - Overview

How Web Hackers Make BIG MONEY with Remote Code Execution: Remote Code Execution via Deserialization - Overview

9. Remote Code Execution via Deserialization - Demo

How Web Hackers Make BIG MONEY with Remote Code Execution: Remote Code Execution via Deserialization - Demo

10. Summary

How Web Hackers Make BIG MONEY with Remote Code Execution: Summary

Course Content

  1. Web Hacking Secrets - How to Hack Legally and Earn Thousands of Dollars at HackerOne

About The Provider

Packt
Packt
Birmingham
Founded in 2004 in Birmingham, UK, Packt’s mission is to help the world put software to work in new ways, through the delivery of effective learning and i...
Read more about Packt

Tags

Reviews