Loading...
Loading...
Loading...

real world Bug-Bounty hunting

about program

In this course, you will learn the approaches to Hunt Bugs in a website, its exploitation process and understand the process of bug submission. Start as a beginner in bug bounty hunting and by the end of the course, you’ll be able to pursue bug bounty on your own.

Bug bounties are the act of finding vulnerabilities in a website, this setup is initiated by organizations to encourage individuals to report potential issues identified on their sites. In exchange, the company offers a bounty, mention in their hall-of-fame list, or swag. This course includes all the necessary information needed to start earning as a bug bounty hunter.

Not sure which training program
you need ?

let us contact you now

who should attend ?

  • IT Professionals
  • Network Administrators
  • System Administrators
  • Security Professionals
  • Any information security enthusiast
  • one who wants to become penetration tester/Ethical Hacker
  • Any one who want to better understand offensive methodologies, tools, and techniques

laptop required

1. CPU 64-bit Intel having Minimum 4 cores
2. BIOS Enabled "Intel-VT"
3. USB USB 3.0 Type A port
4. RAM 16GB RAM(8GB Minimum)
5. HDD 200GB Free Space
6. Operating System Linux Compatible Laptop

course objective

  • get your hands dirty with command-line
  • setup lab and practice hacking
  • understand website Technologies and its attack vectors
  • understand network and its attack vectors
  • understand importance of OSINT in penetration testing
  • learn social engineering attacks
  • learn also post exploitation phases

prerequisites

  • Solid understanding of Web Application Technologies
  • Solid understanding of Web Application Security
  • Tools Required - Python 2.7 | Burpsuite Community OR PRO and Browser

 course curriculum 

module-1 Introduction to Bug Bounty hunting
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
module-2 Risk of Web applications
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
module-3 Web Server Hacking module-4 Broken authentication and session management module-5 Denial of service (DOS) module-6 Mastery on Burp suite module-7 Cross site scripting aka XSS finding and Exploitation module-8 Host Header Injection module-9 URL redirection module-10 Parameter Tampering module-11 HTML Injection module-12 File inclusion module-13 Missing SPF record module-14 Insecure Cross Origin Resource Sharing module-15 Server-Side Request Forgery aka SSRF module-16 Critical file disclosure
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
module-17 Source code disclosure
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
module-18 Cross site requestforgery aka CSRF
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
module-19 Subdomain takeover
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
module-20 Wargames/Hands-on Challenges - 20 SQL injection
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
module-21 Remote code execution aka RCE
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
module-22 Wargames/Hands-on Challenges - 20 File upload injection
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
module-23 XML (Extensible Markup Language) External Entity aka XXE
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
module-24 Wargames/Hands-on Challenges - 20 Miscellaneous
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
.

why choose us

Latest Technology Coverage

Be it cloud security or IoT security or the use of Big Data for Security Analytics, our training programs are always being updated to cover the latest trends in cybersecurity.

Cybersecurity Industry Alignment

Our training programs are developed and vetted by hands-on practitioners who ensure that the content is closely aligned to the market needs of the cybersecurity industry.

Emphasis on Hands-on Practicals

Across all our courses, more than 90% of time is spent on practical hands-on activities designed to help participants gain confidence via assignments, hands-on exercises and labs that simulate real-world scenarios.

Flexible Delivery Models

Our trainings are available as standard courses delivered at our various branches, as well as customized programs that can be delivered on-premises or virtually.

Delivery Method

Method Duration Days Practical | Theory Ratio
Classroom Training
(Mon - Fri)
60 Hours 40 Days 8:2

Fee structure

Module Name Training(INR) Tax(18%) Total(INR)
Bug Bounty Hunting 25000 4500 29500

 take away

  • Certification : Each Participant will get a participation certificate and a training completion letter.
  • CyberTron Tool Kit : Each participant will get a toolkit containing tools used during the training, white papers, videos and other support software
  • Web Hacking 101 by Peter Yaworski
  • The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
  • Mastering Modern Web Penetration Testing - Book by Prakhar Prasad

why CyberTron training

Career guidance and support
Career guidance and support
100% placements
One-on-one Mentoring & counselling
More than 90% practical approach
Real-World Projects & Case Studies
every student will get a cookbook
Industry-driven curriculum

Live interaction with Professionals

100% placement assistance

placement assistance after course completion

Cybersecurity is a growing issue. The greater frequency of attacks and their higher sophistication require companies to utilize the services of true subject matter experts readily available to apply best practices for securing business assets.

profiles in CyberSecurity

  • information security analyst
  • security Administrator
  • penetration tester
  • security architect
  • cyber security consultant
  • malware analyst

We have a dedicated placement portal which caters to the needs of the students during placements. CyberTron conducts development sessions including mock interviews, presentation skills to prepare students to face a challenging interview situation with ease. we have over 90% placement record. And successfully assisted 150+ interviews.

pay less get more

Card image cap
Ethical Hacking
EXPLORE

INR19800 INR10900

Card image cap
BugBounty hunting
EXPLORE

INR25000 INR13500