Overview What You Will Learn Curriculum Instructor

Course Overview

Welcome to Ethical Hacking / Penetration Testing and Bug Bounty Hunting Course v2.0. This course covers web application attacks and how to earn bug bounties. There is no prerequisite of prior hacking knowledge, and you will be able to perform web attacks and hunt bugs on live websites and secure them. This course is not like other hacking or penetration testing course with outdated vulnerabilities and only lab attacks. This contains maximum live websites to make you comfortable with the Live Hunting Environment. 

This course will start with the basic principles of each vulnerability and how to attack them using multiple bypass techniques. In addition to exploitation, you will also learn how to fix them. This course is highly practical and is made on Live websites to give you the exact environment when you start your penetrating testing or bug-hunting journey. This course is divided into a number of sections, each section covers how to hunt, exploit and mitigate a vulnerability in an ethical manner. After the identification of a vulnerability, you will get to know how to perform an exploit to leverage the maximum severity out of it. You will also learn how to fix vulnerabilities that are commonly found on websites on the internet. In this course, you will also learn How can you start your journey on many famous bug-hunting platforms like Bugcrowd, Hackerone, Synack, Private RVDP, Intigriti, NCIIPC Govt of India, and Open Bug Bounty. Along with this, you will be able to hunt and report vulnerabilities to the NCIIPC Government of India, also to private companies, and their responsible disclosure programs. You will also learn Advance techniques to bypass filters and the developer’s logic for each kind of vulnerability. This course also includes the Breakdown of all HackerOne Reports which are found and submitted by other hackers for better understanding. 

This course also includes important interview questions and answers which will be helpful in any penetration testing job interview.

What You Will Learn

  • Tips and Tricks to hunt bugs
  • Interview Preparation Questions Answers and Approach
  • Intercepting requests using a BurpSuite proxy
  • Gaining full control over target server using SQL Injection Attacks
  • Discovering vulnerabilities
  • technologies
  • & services used on the target website
  • Hunting basic HTML Injection vulnerabilities on live environments
  • Hunting basic ClickJacking vulnerabilities on live environments
  • Exploiting and performing Local File Inclusion (LFI) on live websites
  • Exploiting and performing RemoteFile Inclusion (RFI) on live websites
  • Exploiting and performing Remote Code Execution (RCE) on live websites

Program Curriculum

  • Disclaimer
  • Adam Pearson
  • Chester Vaughn
  • $7 Million Cybersecurity Scholarship by EC-Council

Future Updates

Burp Suite Proxy Lab Setup

  • What are Subdomains?
  • Subdomain Enum
  • What is DNS?
  • Fastest Resolver
  • What are DNS Records?
  • Sublister
  • Findomain
  • Subfinder
  • Recursive Subdomain Enumeration
  • Can I Take Over XYZ
  • Can I Take Over ALL XYZ
  • AWS Subdomain Takeover Live - 1
  • AWS Subdomain Takeover Live - 2
  • AWS Bugcrowd Report Breakdown
  • Tumblr Subdomain Takeover
  • Shopify Subdomain Takeover
  • Cargo Subdomain Takeover
  • Subzy Tool Automation for Subdomain Takeovers
  • Subjack - Tool for Subdomain Takeovers
  • Chapter 4 Quiz

  • What is HTML?
  • Understanding HTML
  • HTML
  • HTML Injection - Lab
  • HTML Injection Live - 1
  • Chapter 5 Quiz

  • Click Jacking Live - 1
  • Click Jacking Live - 2
  • Click Jacking Live - 3
  • Click Jacking Live - 4
  • Clickjacking Exploitation
  • Clickjacking Live Target Exploitation
  • Clickjacking Automation Live Target Exploitation
  • Clickjacking - ClickBandit with Burpsuite
  • Chapter 6 Quiz

  • What is LFI?
  • LFI Exploitation on Lab
  • LFI Exploitation Live - 1
  • LFI Exploitation Live - 2
  • LFI Exploitation LFi to RCE
  • LFI vs. RFI
  • Chapter 7 Quiz

  • Introduction & Background Concept
  • BLH Exploitation Practical
  • BLH Exploitation Tool
  • BLH Instagram Report Breakdown
  • BLH Exploitation Practical Live
  • BLH HackerOne Report Breakdown
  • BLH Practical Tool Resource
  • BLH Exploitation Practical Extension Tool
  • BLH Command Injection
  • BLH Exploitation GitHub Repo - Live
  • Chapter 8 Quiz

  • SQL Injection Background Concept
  • SQL vs. Spreadsheets
  • SQL Database Importance
  • XAMPP Installation & Setup
  • SQL Practical Hands-on - First Table
  • SQL Practical Hands-on - Queries
  • SQL Practical Hands-on - Second Table
  • SQL Practical Hands-on - Exercise
  • Truth Table
  • Truth Table Practical
  • SQL Understanding the Logic
  • SQL Query Breakdown
  • SQL Injection Impact & Approach
  • SQLi on Lab - 1
  • SQL Query Breakdown Payload - 2
  • SQLi on Lab - 2
  • Burp suite Web Academy
  • SQLi Labs Data Retrieval Lab
  • SQLi Labs Data Retrieval Live
  • SQLi Login Bypass Lab
  • SQLi Login Bypass Live 1
  • SQLMap Installation & Setup
  • SQLMap Exploitation - Live 2
  • SQLMap Exploitation - Live 3
  • Shell Exploitation Techniques
  • SQL: Shell Exploitation - Live 4
  • Chapter 9 Quiz

  • SSRF Introduction & Principle
  • SSRF Practical
  • SSRF Bincatcher Listener
  • SSRF against Server Itself
  • SSRF against another Backend Server
  • SSRF Bypass Protection Blacklist Filter
  • SSRF Bypass Protection Whitelist Filter
  • SSRF Chaining with Open Redirect and Bypass Filter
  • SSRF Exploitation using MPEG - Live
  • SSRF Exploitation JIRA Chaining with XSS - Live
  • SSRF Exploitation JIRA Chaining with XSS - Live 2
  • SSRF Exploitation JIRA Automation with Python
  • SSRF Facebook Breakdown
  • SSRF Microstrategy Live - 1
  • SSRF PHP Filter Live
  • SSRF PHP Filter WordPress Config Live
  • Chapter 10 Quiz

  • Apache Unomi RCE Live
  • Chapter 11 Quiz

  • BugCrowd Roadmap
  • HackerOne ROADMAP
  • Open Bug Bounty ROADMAP
  • Synack ROADMAP
  • Intigriti ROADMAP
  • NCIIPC Govt of India ROADMAP
  • RVDP All Websites ROADMAP
Load more modules

Instructor

RLBC

Founded in 2019, RLBC is a content production consulting company based in Versailles, France. RLBC works with a team of SME professionals in the fields of Fintech, IT, and content marketing. The company produces digital education content for on-trend SME topics. For the NFT data science subject matter the team, better known as the NFT Guys, includes George, an IT industry veteran leading and managing engineering teams in the cybersecurity-critical sector from Brussels, who is well-versed in creating NFTs, and Robert, a veteran Fintech lecturer and maître conferencier in finance & accounting from New York. Robert is the author of Fashion and Art Coins published on pages 115 – 120 of Edmunds, John C., Editor (2020) Rogue Money and the Underground Economy, An Encyclopedia of Alternative and Cryptocurrencies, Greenwood: ABC – CLIO.

Join over 1 Million professionals from the most renowned Companies in the world!

certificate

Empower Your Learning with Our Flexible Plans

Invest in your future with our flexible subscription plans. Whether you're just starting out or looking to enhance your expertise, there's a plan tailored to meet your needs. Gain access to in-demand skills and courses for your continuous learning needs.

Monthly Plans
Annual Plans
Save 20% with our annual plans!

Pro

Ideal for continuous learning, offering extensive resources with 600+ courses and diverse Learning Paths to enhance your skills.

$ 499.00
Billed annually or $59.00 billed monthly
Get Started Now
Start your 7-day trial for $1

What is included

  • 700+ Premium Short Courses
  • 50+ Structured Learning Paths
  • Validation of Completion with all courses and learning paths
  • New Courses added every month
Early Access Offer

Pro +

Experience immersive learning with Practice Labs, CTF Challenges, and exclusive EC-Council certifications for comprehensive skill-building.

$ 599.00
Billed annually or $69.00 billed monthly
Get Started Now
Start your 7-day trial for $1

Everything in Pro and

  • 800+ Practice Lab exercises with guided instructions
  • 150+ CTF Challenges with detailed walkthroughs
  • New Practice Labs and Challenges added every month
  • 3 Official EC-Council Essentials Certifications¹ (retails at $897!)
    Exclusive Bonus with Annual Plans

¹This plan includes Digital Forensics Essentials (DFE), Ethical Hacking Essentials (EHE), and Network Defense Essentials (NDE) certifications. No other EC-Council certifications are included.

Related Courses

  • 15 Must Have Tools for Pentesters

    15 Must Have Tools for Pentesters

    Short Course

    15 Must Have Tools for Pentesters

    Vulnerability Assessment and Pentesting

    Upgrade your penetration testing skillset by adopting the bes...

    $59.99

    Intermediate

    9 hr 15 m

  • Kali for Penetration Testers

    Kali for Penetration Testers

    Short Course

    Kali for Penetration Testers

    Vulnerability Assessment and Pentesting

    Ethical Hacking with Kali Linux

    $69.99

    Beginner

    6 hr 49 m

  • Hacking WEP/WPA/WPA2 Wi-Fi Networks Using Kali Linux 2

    Hacking WEP/WPA/WPA2 Wi-Fi Networks Using Kali Linux 2

    Short Course

    Hacking WEP/WPA/WPA2 Wi-Fi Networks Using Kali Linux 2

    Vulnerability Assessment and Pentesting

    The comprehensive course to secure & crack WEP/WPA/WPA2 k...

    $69.99

    Intermediate

    5 hr 12 m

  • Getting Started with Bug Bounty Hunting

    Getting Started with Bug Bounty Hunting

    Short Course

    Getting Started with Bug Bounty Hunting

    Vulnerability Assessment and Pentesting

    Perfect Guide for Making You a Noob to Pro Bug Hunter

    $79.99

    Beginner

    2 hr 45 m

  • Web Hacker’s Toolbox: Tools Used by Successful Hackers

    Web Hacker’s Toolbox: Tools Used by Successful Hackers

    Short Course

    Web Hacker’s Toolbox: Tools Used by Successful Hackers

    Vulnerability Assessment and Pentesting

    Discover the Tools Used by Successful Hackers and Learn How t...

    $59.99

    Intermediate

    3 hr 4 m

  • Full-Stack Attacks on Modern Web Applications

    Full-Stack Attacks on Modern Web Applications

    Short Course

    Full-Stack Attacks on Modern Web Applications

    Vulnerability Assessment and Pentesting

    Learn About HTTP Parameter Pollution, Subdomain Takeover, and...

    $59.99

    Intermediate

    0 hr 59 m

  • Learn Hacking Using Raspberry Pi from Scratch

    Learn Hacking Using Raspberry Pi from Scratch

    Short Course

    Learn Hacking Using Raspberry Pi from Scratch

    Vulnerability Assessment and Pentesting

    Improve your Ethical Hacking Skills by using your portable Ra...

    $69.99

    Beginner

    8 hr 20 m

  • Digital Forensics for Pentesters - Hands-on Learning

    Digital Forensics for Pentesters - Hands-on Learning

    Short Course

    Digital Forensics for Pentesters - Hands-on Learning

    Vulnerability Assessment and Pentesting

    Detect and backtrack cyber criminals and hackers with digital...

    $69.99

    Beginner

    5 hr 10 m

1 8