1.

About Cyber Security Industry

o What is Bug Bounty
o What is Penetration Testing
o What is Red Teaming
o What is SOC
o Needs to be a Professional Bug Hunter
2. Setting up Hacking Machine
o Introduction to Linux Environment
3. Introduction to Networking
4. Web Application Fundamentals & Configurations
o HTTP and HTTPS Protocol
o HTTP Requests & HTTP Response
o URL & URI
o HTTP Methods
o HTTP Response Status Codes
o SOP & CORS
5. Introduction to Web Application Security Testing
o Types of Web Application Security Testing
o Approach for Web App Penetration Testing
6. Web Application Reconnaissance
7. Working with Burp suite
8. Exploiting Traditional Web Application Vulnerabilities
o Sub Domain Take Over o Click Jacking
o Checking Necessary Security Headers
o Checking SPF & DMARC Record
o CORS (Cross-Origin Resource Sharing)
o Testing Rate Limit
9. Introduction to Session Managements
o What is Session Management
o Testing Weak Session Logout Policy
o Testing For Session Timeout
o Session Fixation Vulnerability
10. Introduction to XSS (Cross-Site Scripting)
o Exploiting Reflected XSS
o Exploiting Stored XSS
 o Exploiting DOM XSS
11. Introduction to SQL injection
o Logic behind SQL injection
o Authentication Bypass using SQL injection
o Error Balancing in SQLi
o Information Disclosure (Exploiting Database) through SQL injection
o Automate SQL injection Process
12. Introduction to File Inclusion Vulnerability
o Exploiting LFI
o Exploiting RFI
13. CSRF (Cross-Site Request Forgery Attack)
14. SSRF (Server-Side Request Forgery Attack)
o Exploiting Blind SSRF
15. IDOR (Insecure Direct Object Reference)
16. OS Command injection
17. Response Manipulation
18. Host Header Injection
19. Parameter Tampering
20. XXE (XML External Entity)
21. RCE (Remote Code Execution)
22. Introduction to Bug Bounty Platforms
o Hackerone
o Bug Crowd
o Open Bug Bounty Programs
23. Preparation for Cyber Security Interview
that they are endorsed. Please contact us for additional details.