PacktPub | Web Hacking Secrets: How to Hack Legally and Earn Thousands of Dollars at HackerOne [Video] [FCO]
- CategoryOther
- TypeTutorials
- LanguageEnglish
- Total size868.6 MB
- Uploaded BySunRiseZone
- Downloads535
- Last checkedDec. 27th '20
- Date uploadedDec. 25th '20
- Seeders 55
- Leechers7
Lynda and other Courses >>> https://www.freecoursesonline.me/
For Developer Tools & Apps >>> https://ftuapps.com/
Forum for discussion >>> https://1hack.us/
By : Dawid Czagan
Released : September 2019
Course Source : https://www.packtpub.com/product/web-hacking-secrets-how-to-hack-legally-and-earn-thousands-of-dollars-at-hackerone-video/9781839214684
Video Details
ISBN 9781839214684
Course Length 6 hours 12 minute
About
HackerOne is your big opportunity. This is the platform where you can hack legally and at the same time you can make money. You can hack many different companies like Twitter, Yahoo, Uber, Coinbase, and a lot more. And you can get paid for your findings, for example $100, $1,000, or even $10,000 per one bug. It’s just amazing. All you need is Internet connection and knowledge. Yes - you need knowledge to go from zero to thousands of dollars at HackerOne, and in this online training I’m going to share my knowledge with you.
I’m one of the top hackers at HackerOne and I know quite a lot about hacking and making money that way. In this self-paced online training, I’ll present many award-winning bugs. The more you play with award-winning-bugs the more knowledge you get and the more knowledge you have, the more money you can make. I’ll also discuss a successful bug hunting strategy that I have been using in the recent years. What’s more, I’ll present a lot of demos, because I want you to see how all these things work in practice.
This self-paced online training is composed of 6 different courses:
• Start Hacking and Making Money Today at HackerOne
• Keep Hacking and Making Money at HackerOne
• Case Studies of Award-Winning XSS Attacks: Part 1
• Case Studies of Award-Winning XSS Attacks: Part 2
• DOUBLE Your Web Hacking Rewards with Fuzzing
• How Web Hackers Make BIG MONEY: Remote Code Execution
In the 1st course I will discuss the 5 bugs that I recommend you start with and I’ll introduce you to the strategy that I have been using successfully for a long time. In the 2nd course, you’ll master the strategy and you’ll play with the next 5 bugs. In the 3rd course I’ll demonstrate award-winning XSS attacks (cross-site scripting). It turns out, that you can get a 4-digit ($$$$) reward per single XSS, but to make it happen you need to learn about non-standard XSS attacks, and this is exactly what I’ll present to you. Next, in course No. 4 I’ll demonstrate more award-winning XSS attacks, because I want you to become a professional XSS hunter earning more and and more money. In course No. 5, I will present fuzzing, which is one of the most powerful vulnerability detection techniques, and I’ll show you how you can use this technique to double your web hacking rewards. And finally, I’ll tell you how to make big money with RCE, which stands for remote code execution. This is the most dangerous attack and companies are willing to give you a 5-digit reward ($$$$$) per single RCE, which is just awesome. What you need, to make this amount of money, is knowledge about non-standard RCE attacks and this is what I’ll present to you in course No. 6.
You can really go from zero to thousands of dollars at HackerOne. As one of the top hackers at HackerOne I know very well how it works and I want to share my knowledge with you. I want you to become the next successful web hacker and that’s the reason why I created "Web Hacking Secrets: How to Hack Legally and Earn Thousands of Dollars at Hackerone".
Author
Dawid Czagan
Dawid Czagan is listed among Top 10 Hackers (among more than 100,000 registered hackers at HackerOne). He has found security vulnerabilities in Google, Yahoo, Mozilla, Microsoft, Twitter, and other companies. Due to the severity of many bugs, he received numerous awards for his findings. Dawid Czagan shares his security bug hunting experience in his hands-on training “Hacking Web Applications – Case Studies of Award-Winning Bugs in Google, Yahoo, Mozilla and More” and “Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation”. He delivered security training courses at key industry conferences such as Hack In The Box (Amsterdam), CanSecWest (Vancouver), 44CON (London), Hack In Paris (Paris), DeepSec (Vienna), HITB GSEC (Singapore), BruCON (Ghent) and for many corporate clients. His students include security specialists from Oracle, Adobe, ESET, ING, Red Hat, Trend Micro, Philips and government sector. Dawid Czagan is a founder and CEO at Silesia Security Lab – a company which delivers specialized security testing and training services. To find out about his latest works, you can follow him on Linkedin: https://www.linkedin.com/in/dawid-czagan-85ba3666/en Twitter: https://twitter.com/dawidczagan Official website: https://silesiasecuritylab.com/200000-in-bug-bounty-programs-award-winning-bugs-in-facebook-google-coinbase-and-more/
Files:
[FreeCoursesOnline.Me] PacktPub - Web Hacking Secrets How to Hack Legally and Earn Thousands of Dollars at HackerOne 0. Websites you may like- 0. (1Hack.Us) Premium Tutorials-Guides-Articles _ Community based Forum.url (0.4 KB)
- 1. (FreeCoursesOnline.Me) Download Udacity, Masterclass, Lynda, PHLearn, Pluralsight Free.url (0.3 KB)
- 3. (FTUApps.com) Download Cracked Developers Applications For Free.url (0.2 KB)
- How you can help our Group!.txt (0.2 KB)
- 01 Overview of Course Bundle.mp4 (5.5 MB)
- 02 Introduction.mp4 (12.5 MB)
- 03 HackerOne Your Big Opportunity.mp4 (14.0 MB)
- 04 Getting Started with 5 Bugs.mp4 (15.0 MB)
- 05 Automatic Leakage of Password Reset Link - Overview.mp4 (13.3 MB)
- 06 Automatic Leakage of Password Reset Link - Demo.mp4 (18.5 MB)
- 07 How to Get Access to the Account of the Logged-Out User - Overview.mp4 (8.6 MB)
- 08 How to Get Access to the Account of the Logged-Out User - Demo.mp4 (14.0 MB)
- 09 Insecure Processing of Credit Card Data - Overview.mp4 (4.8 MB)
- 10 Insecure Processing of Credit Card Data - Demo.mp4 (12.6 MB)
- 11 Disclosure of Authentication Cookie - Overview.mp4 (7.8 MB)
- 12 Disclosure of Authentication Cookie - Demo.mp4 (21.5 MB)
- 13 User Enumeration Overview.mp4 (7.5 MB)
- 14 User Enumeration Demo.mp4 (9.2 MB)
- 15 Summary.mp4 (8.8 MB)
- 01 Introduction.mp4 (15.2 MB)
- 02 How to Impersonate a User via Insecure Log In - Overview.mp4 (9.2 MB)
- 03 How to Impersonate a User via Insecure Log In - Demo.mp4 (11.4 MB)
- 04 Sensitive Information in Metadata - Overview.mp4 (6.5 MB)
- 05 Sensitive Information in Metadata - Demo.mp4 (18.8 MB)
- 06 Disclosure of Credentials - Overview.mp4 (9.8 MB)
- 07 Disclosure of Credentials - Demo.mp4 (13.4 MB)
- 08 Insecure Password Change - Overview.mp4 (7.4 MB)
- 09 Insecure Password Change - Demo.mp4 (7.7 MB)
- 10 Dictionary Attack - Overview.mp4 (10.2 MB)
- 11 Dictionary Attack - Demo.mp4 (7.2 MB)
- 12 Summary.mp4 (8.2 MB)
- 01 Introduction.mp4 (19.6 MB)
- 02 XSS via Image - Overview.mp4 (6.7 MB)
- 03 XSS via Image - Demo.mp4 (14.2 MB)
- 04 XSS via HTTP Response Splitting - Overview.mp4 (10.3 MB)
- 05 XSS via HTTP Response Splitting - Demo.mp4 (30.9 MB)
- 06 XSS via Cookie - Overview.mp4 (17.8 MB)
- 07 XSS via Cookie - Demo.mp4 (28.0 MB)
- 08 XSS via AngularJS Template Injection - Overview.mp4 (12.4 MB)
- 09 XSS via AngularJS Template Injection - Demo.mp4 (12.8 MB)
- 10 Summary.mp4 (8.0 MB)
- 01 Introduction.mp4 (8.3 MB)
- 02 XSS via XML - Overview.mp4 (4.2 MB)
- 03 XSS via XML - Demo.mp4 (11.7 MB)
- 04 XSS via Location.href - Overview.mp4 (11.8 MB)
- 05 XSS via Location.href - Demo.mp4 (12.0 MB)
- 06 XSS via Vbscript - Overview.mp4 (9.8 MB)
- 07 XSS via Vbscript - Demo.mp4 (18.4 MB)
- 08 From XSS to Remote Code Execution - Overview.mp4 (10.6 MB)
- 09 From XSS to Remote Code Execution - Demo.mp4 (10.9 MB)
- 10 Summary.mp4 (5.7 MB)
- 01 Introduction.mp4 (11.0 MB)
- 02 The Basics of Fuzzing.mp4 (8.6 MB)
- 03 Fuzzing with Burp Suite Intruder - Overview.mp4 (13.0 MB)
- 04 Fuzzing for SQL Injection - Demo.mp4 (43.6 MB)
- 05 Fuzzing for Path Traversal - Demo.mp4 (31.1 MB)
- 06 Fuzzing with Burp Suite Intruder Tips and Tricks.mp4 (13.3 MB)
- 07 Summary.mp4 (7.8 MB)
- 01 Introduction.mp4 (11.2 MB)
- 02 From SQL Injection to Remote Code Execution - Overview.mp4 (4.3 MB)
- 03 From SQL Injection to Remote Code Execution - Demo.mp4 (26.8 MB)
- 04 From Disclosure of Software Version to Remote Code Execution - Overview.mp4 (8.5 MB)
- 05 From Disclosure of Software Version to Remote Code Execution - Demo.mp4 (34.1 MB)
- 06 Remote Code Execution via File Upload - Overview.mp4 (18.5 MB)
- 07 Remote Code Execution via File Upload - Demo.mp4 (24.9 MB)
- 08 Remote Code Execution via Deserialization - Overview.mp4 (18.9 MB)
- 09 Remote Code Execution via Deserialization - Demo.mp4.avi (20.9 MB)
- 10 Summary.mp4.avi (9.6 MB)
Code:
- udp://opentor.org:2710/announce
- udp://p4p.arenabg.com:1337/announce
- udp://tracker.torrent.eu.org:451/announce
- udp://tracker.cyberia.is:6969/announce
- udp://9.rarbg.to:2710/announce
- udp://exodus.desync.com:6969/announce
- udp://explodie.org:6969/announce
- udp://tracker.moeking.me:6969/announce
- udp://tracker.opentrackr.org:1337/announce
- udp://tracker.tiny-vps.com:6969/announce
- udp://ipv4.tracker.harry.lu:80/announce
- http://tracker.foreverpirates.co:80/announce
- udp://tracker.leechers-paradise.org:6969/announce
- udp://open.stealth.si:80/announce
- udp://tracker.internetwarriors.net:1337/announce