o What is Bug Bounty o What is Penetration Testing o What is Red Teaming o What is SOC o Needs to be a Professional Bug Hunter 2. Setting up Hacking Machine o Introduction to Linux Environment 3. Introduction to Networking 4. Web Application Fundamentals & Configurations o HTTP and HTTPS Protocol o HTTP Requests & HTTP Response o URL & URI o HTTP Methods o HTTP Response Status Codes o SOP & CORS 5. Introduction to Web Application Security Testing o Types of Web Application Security Testing o Approach for Web App Penetration Testing 6. Web Application Reconnaissance 7. Working with Burp suite 8. Exploiting Traditional Web Application Vulnerabilities o Sub Domain Take Over o Click Jacking o Checking Necessary Security Headers o Checking SPF & DMARC Record o CORS (Cross-Origin Resource Sharing) o Testing Rate Limit 9. Introduction to Session Managements o What is Session Management o Testing Weak Session Logout Policy o Testing For Session Timeout o Session Fixation Vulnerability 10. Introduction to XSS (Cross-Site Scripting) o Exploiting Reflected XSS o Exploiting Stored XSS o Exploiting DOM XSS 11. Introduction to SQL injection o Logic behind SQL injection o Authentication Bypass using SQL injection o Error Balancing in SQLi o Information Disclosure (Exploiting Database) through SQL injection o Automate SQL injection Process 12. Introduction to File Inclusion Vulnerability o Exploiting LFI o Exploiting RFI 13. CSRF (Cross-Site Request Forgery Attack) 14. SSRF (Server-Side Request Forgery Attack) o Exploiting Blind SSRF 15. IDOR (Insecure Direct Object Reference) 16. OS Command injection 17. Response Manipulation 18. Host Header Injection 19. Parameter Tampering 20. XXE (XML External Entity) 21. RCE (Remote Code Execution) 22. Introduction to Bug Bounty Platforms o Hackerone o Bug Crowd o Open Bug Bounty Programs 23. Preparation for Cyber Security Interview that they are endorsed. Please contact us for additional details.