Bug Bounty Hunting for Beginners in English

Learn Bug Bounty online at your own pace. Start today and improve your skills. Join millions of learners from around the world already learning on DICC INSTITUTE.

Beginner 5(29 Ratings) 39 Students enrolled English
Created by Rohit
Last updated Wed, 25-Jan-2023
+ View more
Course overview

Let start Learning the  Bug Bounty For Beginners Course. In this comprehensive training program we will cover web application security attacks and how to earn bug bounties. This course is highly practical and is made on Live websites it's very helpful when you start your bug hunting journey.

No special skills are required as the course covers everything from the very basics.

You will start as a beginner with no hands-on experience on bug bounty hunting and Penetration testing.

What will i learn?

  • A rewards program for ethical hackers, where companies invite hackers to analyze their systems for vulnerabilities, is gaining popularity as an innovative security solution.
Requirements
  • Basic Computer Knowledge
  • Online Connectivity
  • Laptop or Computer
  • Dedicated to Learning
Curriculum for this course
104 Lessons 08:35:17 Hours
Overview of Course
2 Lessons 00:03:34 Hours
  • Overview of Course
    Preview 00:02:31
  • Disclaimer
    00:01:03
OWASP Top Ten for Bug Hunting
10 Lessons 00:38:38 Hours
  • What is OWASP and How it Works
    00:09:54
  • What is Broken Authentication
    00:02:55
  • What is Senstive Data Exposure
    00:05:30
  • What is XML External Entities
    00:02:42
  • What is Broken Access Control
    00:04:09
  • What is Security Misconfiguration
    00:02:22
  • What is Cross Site Scripting (XSS)
    00:03:48
  • What is Insecure Deserialization
    00:02:05
  • What are Known Vulnerabilities
    00:02:09
  • What is Insufficient Logging and Monitoring
    00:03:04
Lab Setup
1 Lessons 00:17:09 Hours
  • Burp Suite Setup and Configuration
    00:17:09
Authentication Bypass
15 Lessons 01:00:46 Hours
  • Proof of Concept - Authentication Bypass -1
    00:05:41
  • Proof of Concept - Authentication Bypass -2
    00:04:20
  • Proof of Concept - Authentication Bypass -2
    00:04:20
  • Proof of Concept - Authentication Bypass -3
    00:02:52
  • Proof of Concept - Authentication Bypass -4
    00:03:37
  • Proof of Concept - Authentication Bypass -5
    00:04:32
  • Proof of Concept - Captcha Bypass
    00:02:47
  • Account Takeover -1
    00:05:34
  • Account Takeover -2
    00:03:51
  • One Time Password Disclosure -1
    Preview 00:04:09
  • One Time Password Disclosure -2
    00:03:13
  • 2 Factor Authentication Bypass (2FA)
    00:03:41
  • Email Takeover
    00:05:57
  • Mitigations
    00:01:55
  • Interview Preparation
    00:04:17
No Rate-Limit Attacks
15 Lessons 01:23:29 Hours
  • Account Takeover Type -1
    00:12:31
  • Account Takeover Type -2
    00:09:54
  • Account Takeover Type -3
    00:05:35
  • Account Takeover Type -4
    00:05:16
  • Account Takeover Type -5
    00:05:27
  • Account Takeover Type -6
    00:06:59
  • Account Takeover Type -7
    00:06:11
  • Instagram Bug Report -1
    00:00:56
  • Instagram Bug Report -2
    00:04:16
  • No Rate Limit Bypass Report -1
    00:05:30
  • No Rate Limit Bypass Report -2
    00:05:22
  • Fake IP Extension
    00:04:03
  • Realtime Example on CloudFare
    00:04:09
  • Mitigations
    00:02:04
  • Hackerone Reports
    00:05:16
Cross Site Scripting - XSS
37 Lessons 03:14:22 Hours
  • CORS Test Cases
    00:08:52
  • How does XSS work
    00:06:16
  • Reflected XSS - 1
    00:03:13
  • Reflected XSS - 2
    00:01:37
  • Reflected XSS - 3
    00:03:41
  • Reflected XSS - 4
    00:09:53
  • XSS on Limited Inputs - 1
    00:03:21
  • XSS on Limited Inputs - 2
    00:02:52
  • XSS in Request Headers
    00:03:48
  • Reflected XSS Useragent and Caching
    00:06:42
  • Reflected XSS Email Validator
    00:04:50
  • Reflected XSS Protection Bypass - Base64
    00:05:37
  • Reflected XSS Protection Bypass -2
    00:05:19
  • XSS using Spider
    00:06:32
  • Blind XSS Exploitation
    00:05:55
  • Stored XSS Exploitation
    00:09:22
  • XSS Bypass Right Click Disabled
    00:04:17
  • DOM XSS Name
    00:06:12
  • DOM XSS Redirection
    00:02:21
  • DOM XSS Index
    00:02:51
  • DOM XSS Automated Scanner
    00:12:06
  • Realtime XSS on Adding Parameters
    00:03:24
  • Onmouseover XSS - 1
    00:02:55
  • Onmouseover XSS - 2
    00:01:45
  • All Types of Events on XSS Mouseover
    00:03:26
  • Realtime XSS Polyglots
    00:06:55
  • XSS Polyglots Explained
    00:02:18
  • URL Redirection with XSS
    00:04:39
  • Phishing with XSS
    00:04:06
  • Cookie Stealer in Lab
    00:10:15
  • Cookie Stealer in Realtime
    00:08:36
  • File Upload Type- 1
    00:03:24
  • File Upload Type- 2
    00:03:09
  • XSS Mitigations
    00:02:20
  • XSS More Ways
    00:05:14
  • Hackerone Reports Explained
    00:08:32
  • Interview Preparation on XSS
    00:07:47
Cross Site Request Forgery - CSRF
15 Lessons 01:21:16 Hours
  • How CSRF Works
    00:04:54
  • CSRF Example -1
    00:02:55
  • CSRF Example -2
    00:09:10
  • CSRF in Realtime -1
    00:01:31
  • CSRF in Realtime -2
    00:10:14
  • Passoword Change Example
    00:03:29
  • Funds Transfer Example
    00:03:06
  • CSRF Request Methods
    00:03:33
  • CSRF to Account Takeover -1
    00:07:13
  • CSRF to Account Takeover -2
    00:07:39
  • CSRF Chaining Attack
    00:02:28
  • Mitigations CSRF
    00:03:27
  • Extras
    00:02:12
  • Hackerone Reports
    00:13:18
  • Interview Preparation for CSRF
    00:06:07
Cross Origin Resource Sharing - CORS
9 Lessons 00:36:03 Hours
  • How CORS Works
    00:03:17
  • Realtime CORS Exploit Realtime -1
    00:02:32
  • Realtime CORS Exploit Realtime -2
    00:05:00
  • Realtime CORS Exploit Realtime -3
    00:01:46
  • Facebook Realtime Exploitation -CORS
    00:02:05
  • Prefix Match CORS
    00:04:01
  • Suffix Match CORS
    00:04:12
  • Mitigations of CORS
    00:02:14
  • Reports Summary
    00:10:56
+ View more
Other related courses
10:20:18 Hours
Ethical Hacking Course (A to Z) in English
Updated Wed, 10-Aug-2022
5 18 ₹10000 ₹499
About instructor

Rohit

29 Reviews | 39 Students | 1 Courses
Student feedback
5
29 Reviews
  • (0)
  • (0)
  • (0)
  • (4)
  • (25)

Reviews

  • Kavita Sharma
    It is a super get to know Bug hunting, specifically with regard to DICC teaching, dicc institute is the BEST.
  • Irshad ali
    If you want to build a career in the field of Bug Hunting, dicc institute is the perfect place for you. There are plenty of attacks that they teach apply in real-world operation, so it's easy to know the attack vectors.
  • Ritika Ahuja
    One of the great Bug hunting institutions in india. The instructors Videos are very pleasant and will answer all your questions with real life experience.
  • Om Prakash
    Great coaching in an innovative way. five stars to main trainer with software update version.
  • Suman Singh
    Joined dicc bug hunting course on web application security and able find new bugs, Highly Recommended
  • danish kumar
    It was a very useful course.hope that i join your interactive sessions. Peace.
  • Ritwik kumar
    Awesome bug hunting Training and CTF.
  • mukaul yadav
    I'm a bcom understudy. Currently, Now I have to learn something unused for cybersecurity. I was really pleased with my encounter while attending. Thank you very much for making this Bug Hunting Course.
  • deepiinder singh
    Iam excited to tell you that I have taken a bug hacking course from the DICC Institute. After completing this course, I can say one thing. DICC is one of the leading bug hacking unparalleled trainings across India. I'm happy to say "I can hack and I can be secure". Dicc has taught me a great way to do DICC INSTITUTE in a basic and simple way.
  • himani yadav
    All topics were explained really well. Each session was followed by a question-and-answer session.
  • krishan kumar
    As I needed to change my job I searched for Bug Bounty Hunting in Delhi and was able to jointly improve my cyber security skills. I came on DICC INSTITUTE and decided that after really first assembly I needed them ready. They made the difference in turning my hypothetical information to Practical.
  • nikita Sharma
    Bug Bounty Hunting made the difference to get my career off the ground! This is made possible thanks to dicc institute.
  • urfi khan
    Great experience with dicc bug hunting. Great course.
  • sabina Ahuja
    Thanks to dicc for such a awesome training. Great challenges and course material.
  • ruby goel
    I am very happy with my purchase of the Bug Hunting Course.
  • shivraj kumar
    I joined the Bug bounty Hunting course and really enjoyed it.
  • deepak yadav
    Learning was made easy with video lectures properly explaining the use of the Tools. Thank you very much.
  • anil yadav
    When I started this course, I knew very little about bugs. But I knew very little about bugs when I attended this course. The strong preparation that DICC INSTITUTE gives you will make you Skilled.
  • monika Sharma
    Extraordinary course on Bug bounty hunting and aspects of it. DICC is a great source of information.
  • mukesh arora
    Saved my money and time. I took this course, went on the fast track and had a really great time.
  • rahul goel
    Preparing for the BUg Bounty Hunting. I have tried udemy and other sources but have never been satisfied. But this engagement was really great, given the best of individual preparation.
  • ayesha sharma
    The knowledge provided is reasonable, All over great experience & so much knowledge to gain.
  • khushi sharma
    Best Course for an beginner to learn bug bounty hunting.
  • tina sharma
    The course content and teaching was very good
  • kamaljeet singh
    I would like to thank you for the helpful guidance provided by zybeak DICC INSTITUTE . I am happy with my instructor who is very efficient and shared their knowledge and experience with me.
  • harendra kumar
    Professional approach and training
  • soham singh
    I've been a fan of the web apps for years and was looking forward to hunting bug bounties, I can say I found the best place dicc. The trainer is very good at conveying the topic and will answer any questions clearly! Best experience ever.
  • ajit kumar
    Good course content and well trained teachers
  • seema kaur
    Definitely...! If you're looking to take an information security course, this is the place. An interactive and hands-on course. I learned BUG BOUNTY here. Each module of the course is theory first, then practice.
Preview this course
₹3500 ₹799
Includes:
Free Demo
Call Us