Course Overview

This course runs from the basics of Recon and Bug Bounty Hunting Fundamentals through to Advanced Exploitation. Following this, the course covers the basics of how the web and web servers work and how they are used in day-to-day life. You will also learn about DNS, URL vs URN vs URI, and Recon for Bug Bounties to strengthen your foundation, and then move on to Target Expansion, Content Discovery, Fuzzing, CMS Identification, Certificate Transparency, Visual Recon, GitHub Recon, Custom Wordlists, Mind maps, Bug Bounty Automation, and Bug Bounty Platforms, with practicals. This course covers all tools and techniques for Penetration Testing and Bug Bounties for a better understanding of what is happening under the hood. The course also includes an in-depth approach toward any target and increases the scope for mass hunting and success.

With this course, you will learn Target Selection Techniques for Host, Subnet Scans & Host Discovery, Content Discovery, Subdomain Enumeration (Horizontal & Vertical), CMS Identification, and Fuzzing the target to find web vulnerabilities such as XSS, Open Redirect, SSRF, SQL Injection, etc. You will also learn how to use Shodan for bug bounties to find critical vulnerabilities in targets. We will also see how GitHub Recon finds sensitive information for targets, such as API keys in GitHub repositories. Next, you will see how to automate day-to-day tasks and easier ways to run tools. You will also see how to write Bug Bounty & pen-testing Reports. You will also see mind maps by other hackers for a better approach toward any target. You will also see Bug Bounty Platforms and how to kick-start your journey on them.

By the end of this course, you will have gained in-depth knowledge of ethical hacking, pen-testing, and bug bounties by performing live examples. 

Note: This course is created for educational purposes only, and all the websites I have performed attacks on have been ethically reported and fixed. Testing any website which doesn’t have a Responsible Disclosure Policy is unethical and against the law; the author doesn’t hold any responsibility.

What You Will Learn

  • You will learn about Recon
  • Gain knowledge on Target Expansion
  • Explore content discovery
  • Gain in-depth knowledge on Fuzzing
  • Get to know about CMS Identification and Certificate Transparency
  • Learn about Visual Recon, GitHub Recon, Custom Wordlists, and Mindmaps
  • Explore Bug Bounty Automation, Bash Scripting, Bug Bounty Roadmap, and Report Writing
  • Master Shodan for Exploitation
  • Learn about Subdomain Enumeration, DNS Dumpster, FFUF, & WFUZZ
  • Explore Project Discovery
  • Determine Subjack for Bug bounties
  • Understand Amass for Bug bounties
  • Gain a deep understanding of Dirsearch for Bug bounties
  • Get to know about Masscan for Bug bounties
  • Discover Nmap for Bug bounties
  • Perform CTF
  • Learn about Recon Methodologies, ASN Identification, and TLS Cert Extraction

Program Curriculum

  • Introduction
  • Motivation and Importance
  • Future Updates
  • Disclaimer
  • $7 Million Cybersecurity Scholarship by EC-Council
  • Chapter 01 Quiz

  • Note Keeping Importance
  • How to Make Notes
  • Effective Note Keeping for Pentest & Bug Bounties
  • Visual Notes
  • Chapter 02 Quiz

  • Top 10 Rules for Bug Bounties
  • Zen Poem
  • What is Web?
  • What is DNS?
  • How does Web Server Work?
  • URL vs. URN vs. URI
  • Breakdown of URL
  • Chapter 03 Quiz

  • Shodan Installation and Lab Setup
  • Shodan API
  • Shodan Info & Count
  • Shodan Scan Downloads
  • Shodan Host Enumeration
  • Shodan Parse Dataset
  • Shodan Search Query
  • Shodan Scan Commands
  • Shodan Stats
  • Shodan GUI
  • Shodan Report Generation
  • Shodan Report Generation - Part 2
  • Shodan Images
  • Shodan Exploits
  • Shodan Live Hunting – Remote Code Execution
  • Shodan Live Hunting - Sensitive Data Exposure
  • Exploitation of CVE-2020-3452 File Read
  • Exploitation of CVE-2020-3187 File Delete
  • Shodan Live Hunting - Jenkins Exploitation Logs
  • Shodan Live Hunting - Jenkins Exploitation Credentials
  • Shodan Live Hunting – ADB
  • BONUS Shodan Extension
  • Chapter 04 Quiz

  • Certificate Transparency Crt.sh
  • Certificate Transparency Crt.sh Wildcards
  • Certificate Transparency Crt.sh Automation
  • Shodan Subdomain Enumeration
  • Shodan Subdomain Enumeration Automation
  • Censys Subdomain Enumeration
  • Censys Subdomain Enumeration Automation
  • Facebook Certificate Transparency
  • Google Certificate Transparency
  • Chapter 05 Quiz

  • Pentest Tools
  • Virus Total
  • Sublister-1
  • Sublister-2
  • Sublister-3
  • Project Discovery Data Sets
  • Project Discovery Data Sets CLI
  • Project Discovery Data Sets CLI - 2
  • Nmmapper
  • Chapter 06 Quiz

  • Wayback URL Introduction
  • Wayback URL -2
  • Wayback URL Tool
  • Wayback Iframe
  • Wayback URL with Burp
  • Wayback URL Automation 1
  • Wayback URL Automation 2
  • Wayback URL Automation 3
  • Wayback URL Report Breakdown
  • Chapter 07 Quiz

  • DNS Dumpster for Subdomains
  • DNS Goodies
  • Chapter 08 Quiz

  • Wappalyzer for Technology Identification
  • Builtwith for Technology Identification
  • Whatweb Opensource Technology Identification
  • Netcraft Active Cyber Defence
  • Retire JS - Hunt Outdated JS Libraries
  • Retire JS - Burp Installation
  • Chapter 09 Quiz

  • Fuzzing Introduction
  • Fuzzing Importance
  • Fuzzing Process
  • Fuzzing Step-by-Step
  • Installation of Burpsuite
  • Fuzzing on Lab
  • Fuzzing on Live
  • Fuzzing for Sensitive Files
  • Fuzzing for Sensitive Files 2
  • Fuzzing Multiple Layers
  • Wfuzz Installation
  • Wfuzz Installation 2
  • Wfuzz Basic Fuzzing
  • WFuzz Login Authentication
  • FFUF Installation
  • FFUF Working
  • FFUF Directory Fuzzing with extensions
  • FFUF Login Authentication FUZZ
  • Chapter 10 Quiz

  • dirsearch
  • Chapter 11 Quiz

  • WAF Detection with Nmap
  • WAF Fingerprinting with Nmap
  • Chapter 14 Quiz

  • Google Dorks Manually
  • How to become author of Google Dork
  • Chapter 15 Quiz

  • Bugcrowd
  • HackerOne
  • Intigriti
  • Open Bug Bounty
  • Private RVDP Programs
  • NCIIPC Govt. of India
  • Synack
  • Chapter 16 Quiz

  • What are Mindmaps
  • Life Mindmap Example
  • Breakdown of a Mindmap
  • Mindmap by Jhaddix
  • My Personal Mindmap by Rohit Gautam
  • Chapter 17 Quiz

Instructor

RLBC

Founded in 2019, RLBC is a content production consulting company based in Versailles, France. RLBC works with a team of SME professionals in the fields of Fintech, IT, and content marketing. The company produces digital education content for on-trend SME topics. For the NFT data science subject matter the team, better known as the NFT Guys, includes George, an IT industry veteran leading and managing engineering teams in the cybersecurity-critical sector from Brussels, who is well-versed in creating NFTs, and Robert, a veteran Fintech lecturer and maître conferencier in finance & accounting from New York. Robert is the author of Fashion and Art Coins published on pages 115 – 120 of Edmunds, John C., Editor (2020) Rogue Money and the Underground Economy, An Encyclopedia of Alternative and Cryptocurrencies, Greenwood: ABC – CLIO.
