Recon for Ethical Hacking / Penetration Testing & Bug Bounty

  • CategoryOther
  • TypeTutorials
  • LanguageEnglish
  • Total size7.5 GB
  • Uploaded BySource1337
  • Downloads205
  • Last checkedAug. 05th '21
  • Date uploadedAug. 02nd '21
  • Seeders 15
  • Leechers6

Infohash : 9E490F7C9F28CE7C783537E67707F2915BBEF0EA

Quote:

We upload these learning materials for the people from all over the world, who have the talent and motivation to sharpen their skills/knowledge but do not have the financial support to afford the materials. If you like this content and if you are truly in a position that you can actually buy the materials, then Please, we repeat, Please, Support Authors. They Deserve it! Because always remember, without “Them”, you and we won’t be here having this conversation. Think about it! ☮️ Peace.✌️


https://t.me/Source1337x



Code:

Description

Welcome to Recon for Bug Bounty, Pentesting & Ethical Hacking.


This course starts with the Basics of Recon & Bug Bounty Hunting Fundamentals to Advance Exploitation.

This course starts with basics with Web and Web Server Works and how it can be used in our day to day life. We will also learn about DNS, URL vs URN vs URI and Recon for Bug Bounties to make our base stronger and then further move on to Target Expansion, Content Discovery, Fuzzing CMS Identification, Certificate Transparency, Visual Recon , Github Recon , Custom Wordlists , Mind maps, Bug Bounty Automation, Bug Bounty Platforms with practicals.

This course covers All the Tools & Techniques for Penetration Testing & Bug Bounties for a better understanding of what’s happening behind the hood.

The course also includes in depth approach towards any target and increases the scope for mass hunting and success.

With this course, we will learn Target Selection Techniques for Host, Subnet Scans & Host Discovery, Content Discovery, Subdomain Enumeration Horizontal & Vertical, CMS Identification, Fuzzing the target for finding web vulnerabilities like XSS, Open Redirect, SSRF, Sql Injection etc. How to increase the scope and take screenshots for large number for hosts for better visualisation. We will also learn How to use Shodan for Bug Bounties to find critical vulnerabilities in targets. We will also see Github Recon to find sensitive information for targets like API keys from GitHub Repositories. Next we will see How to perform Automation for daily day to day tasks and easier ways to run tools, We will also see How to write Bug Bounty & pentesting Reports. We will also cover mind maps by other hackers for a better approach towards any target and also we will see mindmap created by us. We will also see Bug Bounty Platforms and how to kick start our journey on them.

Here’s a more detailed breakdown of the course content:

In all the sections we will start the fundamental principle of How the scan works and How can we perform Exploitation.

In Introduction, We will cover What is Web, What are Web Servers, DNS and We will also learn about DNS and How DNS works and also How DNS is important in our day to day life.We will also see the difference between URL, URN and URI, We will also see the complete breakdown of URL to understand better. We will also learn about Bug-Bounty Hunting and Understand the Importance of Recon in Bug-Bounty Hunting and Pentesting.
Before starting the journey, We will see Top-10 rules for Bug-Bounty Hunting and we will understand the psychology of the Hackers.
In Shodan for Bug-Bounties we will start with the installation of Shodan and we will learn about Shodan Queries such as Info, Count downloads and many more and will run them from our command line. We will also learn Host Enumeration, Parse dataset, Search Queries, Scan commands using Shodan. The Section cannot be completed without learning about Shodan GUI which is very simple and easily understandable. We will also see Shodan Images, Exploits , Report generation and alot more.In the end, we will see the summary and revision of the section to remember the important queries and key points.
We will see live hunting with Shodan and understand about latest CVE’s and perform exploits. We will see Jenkins Exploitation Logs, Jenkins Exploitation Credentials, ADB under Shodan LIVE Hunting.
In Certificate Transparency for Subdomain Enumeration we will learn about crt[dot]sh, wildcards of crt[dot]sh and We will learn automation for crt[dot]shto enumerate subdomains for a target. We will also learn about Shodan, Censys for Subdomain Enumeration, We will learn about Google and Facebook Certificate Transparency. We will also learn to find out Subdomains using DNS Dumpster and enumerate all the DNS records as well as save the hosts in a xlsx format. We will also see the workflow for dnsdumpster to know about the whole target server from its DNS records like A, CNAME, MX, TXT etc.
In Scope Expansion we will learn about ASN Lookup, Pentest tools, VirusTotal. We will also learn about some awesome tools like Sublister, Subfinder, knockpy, Asset Finder, Amass, Findomain, Sublert, Project Discovery Nmmapper and a lot more.
We will also understand how to use them effectively for expanding the scope to walk on less travelled road and achieve success in bug bounties
In DNS Enumeration for Bug-Bounties we will learn and understand about DNS Dumpster, DNS Goodies, Altdns, Massdns, Vertical & Horizontal Correlation (Viewdns.info) and enumerate the subdomains from the recursive DNS.
We will start with Introduction to Fuzzing, Its importance and Step by Step process, We will see fuzzing practically on LAB and LIVE websites to understand better.
We will Learn, Understand and Use tools like Wfuzz and FFUF and also see how we can perform recursive fuzzing on the target. We will also perform HTTP Basic Auth Fuzz to crack the login of the dashboards and also do Login Authentication Cracking with the help of useful wordlists.
We will utilise some of the wordlists like Seclists, FuzzDB, Jhaddix All.txt and will also see how to make our own custom wordlists for the targets.
Content Discovery covers tools like Dirsearch, Gobuster which will be helpful for finding out sensitive endpoints of the targets like db.conf or env files which may contain the DB username and passwords. Also sensitive information like periodic backups or source code and can also be identified which can lead to compromise of the whole server.
In CMS Identification we will learn and understand about Wappalyzer, Builtwith, Netcraft, Whatweb, Retire.jsAs Banner Grabbing and identifying information about the target is the foremost step, we will identify the underlying technologies which will enable us to narrow down the approach which will lead to success.
In WAF Identification we will see WAF Detection with Nmap, WAF Fingerprinting with Nmap, WafW00f vs Nmap.We will know, If there are any firewalls running on the target and accordingly send our payloads to the targets and throttle our requests so we can evade them successfully.
The Mindmaps for Recon and Bug-Bounty section will cover the approach and methodology towards the target for pentesting and bug bounty. A strong and clear visual building block visual representation will help in performing the attack process with more clarity and will help in knowing the next steps.
The Bug-Bounty Platforms section contains a Roadmap of How to start your Bug-Bounty Journey on different Platforms like Hackerone, Bugcrowd, Integrity, Synack, It also covers how to Report Private RVDP Programs.


Files:

Recon for Ethical Hacking Penetration Testing & Bug Bounty 4. Shodan for Bug Bounties
  • 17. Exploitation of CVE 2020-3452 File Read.mp4 (310.4 MB)
  • 1. Shodan Installation & Lab Setup-en_US.srt (3.9 KB)
  • 1. Shodan Installation & Lab Setup.mp4 (24.9 MB)
  • 2. Shodan API-en_US.srt (2.9 KB)
  • 2. Shodan API.mp4 (25.7 MB)
  • 3. Shodan Info & Count-en_US.srt (6.0 KB)
  • 3. Shodan Info & Count.mp4 (13.1 MB)
  • 4. Shodan Scan Downloads-en_US.srt (7.6 KB)
  • 4. Shodan Scan Downloads.mp4 (122.2 MB)
  • 5. Shodan Host Enumeration-en_US.srt (6.5 KB)
  • 5. Shodan Host Enumeration.mp4 (46.0 MB)
  • 6. Shodan Parse Dataset-en_US.srt (3.7 KB)
  • 6. Shodan Parse Dataset.mp4 (41.0 MB)
  • 7. Shodan Search Query-en_US.srt (3.5 KB)
  • 7. Shodan Search Query.mp4 (44.6 MB)
  • 8. Shodan Scan Commands-en_US.srt (8.6 KB)
  • 8. Shodan Scan Commands.mp4 (40.0 MB)
  • 9. Shodan Stats-en_US.srt (3.2 KB)
  • 9. Shodan Stats.mp4 (11.5 MB)
  • 10. Shodan GUI-en_US.srt (7.0 KB)
  • 10. Shodan GUI.mp4 (32.3 MB)
  • 11. Shodan Report Generation-en_US.srt (4.6 KB)
  • 11. Shodan Report Generation.mp4 (31.9 MB)
  • 12. Shodan Report Generation - Part 2-en_US.srt (5.5 KB)
  • 12. Shodan Report Generation - Part 2.mp4 (34.3 MB)
  • 13. Shodan Images-en_US.srt (5.6 KB)
  • 13. Shodan Images.mp4 (38.4 MB)
  • 14. Shodan Exploits-en_US.srt (4.9 KB)
  • 14. Shodan Exploits.mp4 (38.6 MB)
  • 15. Shodan Live Hunting - Remote Code Execution-en_US.srt (12.8 KB)
  • 15. Shodan Live Hunting - Remote Code Execution.mp4 (93.8 MB)
  • 16. Shodan Live Hunting - Sensitive Data Exposure-en_US.srt (8.6 KB)
  • 16. Shodan Live Hunting - Sensitive Data Exposure.mp4 (81.0 MB)
  • 17. Exploitation of CVE 2020-3452 File Read-en_US.srt (23.3 KB)
  • 18. Exploitation of CVE 2020-3187 File Delete-en_US.srt (9.7 KB)
  • 18. Exploitation of CVE 2020-3187 File Delete.mp4 (107.0 MB)
  • 19. Shodan Live Hunting - Jenkins Exploitation Logs-en_US.srt (9.3 KB)
  • 19. Shodan Live Hunting - Jenkins Exploitation Logs.mp4 (85.1 MB)
  • 20. Shodan Live Hunting - Jenkins Exploitation Credentials-en_US.srt (6.6 KB)
  • 20. Shodan Live Hunting - Jenkins Exploitation Credentials.mp4 (38.9 MB)
  • 21. Shodan Live Hunting - ADB-en_US.srt (16.2 KB)
  • 21. Shodan Live Hunting - ADB.mp4 (258.4 MB)
  • 22. BONUS Shodan Extension-en_US.srt (3.6 KB)
  • 22. BONUS Shodan Extension.mp4 (21.3 MB)
  • Assets-for-CVE-3452.txt (1.4 KB)
  • Read me for more courses.txt (0.2 KB)
  • Shodan Revision.html (2.2 KB)
  • telegram channel for Hackers.html (0.1 KB)
  • telegram channel for Hackers.html (0.1 KB)
  • 1. Introduction
    • 1. Introduction-en_US.srt (7.4 KB)
    • 1. Introduction.mp4 (34.6 MB)
    • 2. Motivation & Importance-en_US.srt (8.1 KB)
    • 2. Motivation & Importance.mp4 (55.8 MB)
    • 3. Future Updates-en_US.srt (3.9 KB)
    • 3. Future Updates.mp4 (16.9 MB)
    • 4. Disclaimer-en_US.srt (1.1 KB)
    • 4. Disclaimer.mp4 (4.2 MB)
    • Course FAQ.html (1.5 KB)
    • Rules for asking Questions.html (1.6 KB)
    2. Note Keeping
    • 1. Note Keeping Importance-en_US.srt (6.0 KB)
    • 1. Note Keeping Importance.mp4 (14.7 MB)
    • 2. How to make Notes-en_US.srt (10.8 KB)
    • 2. How to make Notes.mp4 (56.1 MB)
    • 3. Effective Note Keeping for Pentest & Bug Bounties-en_US.srt (13.6 KB)
    • 3. Effective Note Keeping for Pentest & Bug Bounties.mp4 (74.2 MB)
    • 4. Visual Notes-en_US.srt (8.8 KB)
    • 4. Visual Notes.mp4 (79.8 MB)
    3. Bug Bounty Recon Introduction
    • 1. Top 10 Rules for Bug Bounties-en_US.srt (7.3 KB)
    • 1. Top 10 Rules for Bug Bounties.mp4 (26.5 MB)
    • 2. Zen Poem-en_US.srt (2.0 KB)
    • 2. Zen Poem.mp4 (4.9 MB)
    • 3. What is Web-en_US.srt (5.8 KB)
    • 3. What is Web.mp4 (29.7 MB)
    • 4. What is DNS-en_US.srt (9.1 KB)
    • 4. What is DNS.mp4 (76.6 MB)
    • 5. How does Web Server Work-en_US.srt (8.4 KB)
    • 5. How does Web Server Work.mp4 (86.0 MB)
    • 6. URL vs URN vs URI-en_US.srt (7.2 KB)
    • 6. URL vs URN vs URI.mp4 (17.3 MB)
    • 7. Breakdown of URL-en_US.srt (6.3 KB)
    • 7. Breakdown of URL.mp4 (26.2 MB)
    • Course FAQ.html (1.5 KB)
    • Feedback Time!.html (0.5 KB)
    • How to make the best out of this course.html (1.0 KB)
    • Revision of URL.html (1.3 KB)
    • Revision of Web, DNS and Server.html (2.5 KB)
    • Rules for asking Questions.html (1.6 KB)
  • Read me for more courses.txt (0.2 KB)
  • 5. Certificate Transparency for Subdomain Enumeration
    • 1. Certificate Transparency Crt.sh-en_US.srt (11.6 KB)
    • 1. Certificate Transparency Crt.sh.mp4 (193.8 MB)
    • 2. Certificate Transparency Crt.sh Wildcards-en_US.srt (12.6 KB)
    • 2. Certificate Transparency Crt.sh Wildcards.mp4 (252.8 MB)
    • 3. Certificate Transparency Crt.sh Automation-en_US.srt (7.3 KB)
    • 3. Certificate Transparency Crt.sh Automation.mp4 (47.1 MB)
    • 4. Shodan Subdomain Enumeration-en_US.srt (8.7 KB)
    • 4. Shodan Subdomain Enumeration.mp4 (98.7 MB)
    • 5. Shodan Subdomain Enumeration Automation-en_US.srt (3.3 KB)
    • 5. Shodan Subdomain Enumeration Automation.mp4 (20.6 MB)
    • 6. Censys Subdomain Enumeration-en_US.srt (7.4 KB)
    • 6. Censys Subdomain Enumeration.mp4 (31.2 MB)
    • 7. Censys Subdomain Enumeration Automation-en_US.srt (11.2 KB)
    • 7. Censys Subdomain Enumeration Automation.mp4 (145.1 MB)
    • 8. Facebook Certificate Transparency-en_US.srt (5.0 KB)
    • 8. Facebook Certificate Transparency.mp4 (31.4 MB)
    • 9. Google Certificate Transparency-en_US.srt (4.4 KB)
    • 9. Google Certificate Transparency.mp4 (40.0 MB)
    • Certificate Transparency Revision.html (1.5 KB)
    6. Scope Expansion
    • 1. Pentest Tools-en_US

Code:

  • http://p4p.arenabg.com:1337/announce
  • udp://tracker.opentrackr.org:1337/announce
  • udp://9.rarbg.com:2810/announce
  • udp://exodus.desync.com:6969/announce
  • http://openbittorrent.com:80/announce
  • udp://www.torrent.eu.org:451/announce
  • udp://tracker.torrent.eu.org:451/announce
  • udp://tracker.openbittorrent.com:6969/announce
  • udp://wassermann.online:6969/announce
  • udp://vibe.sleepyinternetfun.xyz:1738/announce