Uncle Rat's Web Application Hacking and Bug Bounty Guide

$12.99
157 lessons
11.5 hours of video content

Learn advanced techniques to identify and exploit vulnerabilities in web applications,

BUY FOR $12.99 Join Networkchuck Academy

Join The Networkchuck ACADEMY

Unlock this course, plus access our library of 20+ courses and 1,200
lessons ($199 value) by joining as an Academy Member for $12/month today.

Join Networkchuck Academy

Course curriculum

1. 1. Introduction
2. 2. What you need to know about bug bounties
3. 3. A look at bug bounties from all perspectives
1. 5. The Intricacies of bug bounties
2. Quiz 1: The Intricacies of bug bounties
3. Quiz 2: Let's pick a target
1. 6. Main app methodology - Video
2. 7. Main app methodology
3. 8. Main app methodology demonstration on the owasp juice shop
4. 9. Main app methodology - Demonstrated
5. Quiz 3: Main app methodology
1. 10. Broad scope manual methodology
2. 11. Broad scope manual methodology
3. Quiz 4: Manual broad scope methodology
4. 12. Broad scope automated methodology
5. 13. Birdseye view of broad scope methodology
6. 14. Extra video: Quickly identify a target from a list of subdomains
7. Quiz 5: Broad scope automated methodology
1. 15. What exactly is CSRF and how does it happen?
2. 16. Attack techniques: CSRF
3. 17. Attack techniques: CSRF demonstration
4. 18. Attack techniques: CSRF
5. 19. Labs: CSRF basic labs
6. 20. Lab: CSRF on impactful functionality
7. 21. Solutions: CSRF on impactful functionality
8. 22. Video solution CSRF lab 5 - server does not check anything
9. Quiz 6: CSRF
1. 23. Open redirects: What are they and how abuse them
2. 24. Open redirects: What are they and how to abuse them
3. 25. Labs: Open Redirect
1. 26. JWT tokens explained
2. 27. Labs: JWT Attack techniques
3. 28. JWT Extra resources
1. 29. Captcha bypass
2. 30. Labs: Captcha bypass
3. 31. Labs: Instructions
4. 32. Extra resources
1. 33. Attack techniques - Broken Access Control
2. 34. Attack techniques - Broken Access Control
3. 35. Attack techniques - Broken Access Control - Overview
4. 36. Lab: Broken Access Control
5. 37. Solutions: Broken Access Control
6. 38. Extra resources
7. Quiz 7: Broken Access Control
1. 39. Attack techniques - IDOR By Uncle Rat
2. 40. Attack techniques - IDOR By Uncle Rat
3. Quiz 8: IDOR
4. 41. Labs: Attack techniques - IDOR By Uncle Rat
5. 42. Solutions: Attack techniques - IDOR By Uncle Rat
1. 43. Video: Attack techniques - Business logic flaws
2. 44. Article: The origin of Business logic flaws
3. 45. Attack techniques - Business logic flaws
4. 46. The origin of Business logic flaws
5. Quiz 9: Business logic flaws
6. 47. Labs: Attack techniques - Business logic flaws
7. 48. Solutions: Attack techniques - Business logic flaws
8. Assignment 1: Getting the webshop to pay you
9. 49. Extra resources
1. 50. 0 Introduction
2. 51. 1 What are File Inclusions
3. 52. 2 Finding a target
4. 53. 3 Is The Target Vulnerable
5. 54. 4 File Inclusion to RCE
6. 55. 5 Wrapper Magic
7. 56. 6 Tools Wordlists Exercises
8. 57. Excercises: Dogcat
9. 58. Excercises: Sniper
10. 59. Excercises: SKFLFI2
11. 60. Excercises: Book
12. 61. Extra resources
1. 62. 0 Intro
2. 63. 1 What are SQLi
3. 64. 2 Detecting SQLi
4. 65. 3 Types of SQLi
5. 66. 4 WAF Bypasses
6. 67. 5 SQLMap
7. 68. 6 References & Exercises
8. 69. Excercises: 1 Portswigger Simple Login Bypass
9. 70. Excercises: 2 Union Based SQLi To RCE!
10. 71. Excercises: 3 MSSQL injection to RCE
11. 72. Excercises: 4 Boolean Based SQLi
12. 73. Excercises: 5 SQLi WAF Bypass
13. 74. Excercises: 6 SQLi, XSS and XXE all in one payload
14. 75. Extra resources
1. 76. Video: Attack techniques - XXE
2. 77. Attack techniques - XXE
3. Quiz 10: XXE
4. 78. Labs: XXE
5. 79. Solution to the labs
6. 80. XXE Extra resources
1. 81. 0 Intro
2. 82. 1 What is XXE
3. 83. 2 Finding XXE attack vectors
4. 84. 3 Exploiting XXEs
5. 85. 4 WAFs and Filters
6. 86. 5 Tools and Mitigations
1. 87. What is XPATH injection and how to test for it
2. 88. Labs: XPath injection
1. 89. Video: Attack techniques - Template injections - SSTI
2. 90. Attack techniques - Template injections - SSTI
3. 91. SSTI overview
4. 92. Attack techniques - Template injections - CSTI
5. 93. Attack techniques - Template injections - CSTI
6. Quiz 11: Template Injections
1. 94. What you NEED to know about XSS
2. 95. Ultimate beginner XSS guide
3. 96. Analyzing JS files
4. 97. Analyzing JS files
5. Quiz 12: Analyzing JS files
6. 98. Advanced XSS Testing
7. 99. How to test for reflected XSS
8. 100. How to test for stored XSS
9. 101. What is DOM XSS
10. 102. Labs: Reflected XSS
11. 103. Solutions: Reflected XSS
12. 104. Lab: Stored XSS
13. 105. Solutions: Stored XSS
14. 106. Cheat sheet: XSS
15. 107. Labs: User submitted reflected XSS
1. 108. Lecture: Insecure deserilisation is not as hard as you may think
2. 109. Insecure deserilisation
3. Quiz 13: insecure deserilisation
1. 110. What is CSP?
2. 111. CSP Labs
3. 112. Solutions: CSP Labs
4. Assignment 2: Let's build some CSP
1. 113. Attack techniques - SSRF
2. 114. SSRF
3. 115. Extra video: Blind SSRF, what is it and how to exploit it
4. Quiz 14: SSRF
1. 116. Attack techniques - OS Command injection
2. 117. Attack techniques - OS Command injection
1. 118. Video: Attack techniques - WAF evasion techniques
1. 119. HTTP Parameter pollution
1. 120. API hacking with postman Part 1 - getting the basics down
2. 121. API hacking with postman Part 2 - importing the API description
3. 122. API hacking with postman Part 3 Pre-request scripts, tests and console
4. 123. API hacking with postman Part 4 - Getting dirty with data sources
1. 124. Let's build some APIs that we can hack!
2. 125. Let's build an API to hack - Part 1: The basics
3. 126. Let's build an API to hack - Part 2: Faking it before breaking it
4. 127. Let's build an API to hack - Part 3: Information disclosure
1. 128. Full guide on How Burp Suite works
2. 129. Burp suite zero to hero
3. 130. My Top 10 Burp Suite extensions
4. 131. Authorize for automating IDORs and BAC
5. 132. The truth about XSS scanners ... do they work or not?
1. 133. Testing for SQLi with burp suite
2. 134. Testing for IDORs with Burp Suite
3. 135. Testing websockets in burp
4. 136. Testing a 2FA bypass in burp
1. 137. Reporting
1. 138. Next steps
2. 139. Uncle Rat's Recommended public bug bounty targets
1. 140. There are 5 issues in here, can you find them all? - easy
2. 141. CheesyLabs solutions
1. 142. How to enter the master labs

Join NetworkChuck Academy

NetworkChuck
Academy Perks

$12

Monthly Membership
20+ on-demand courses at your fingertips

Over 1,300 educational lessons

200+ hours of expert content

Exclusive community chat forum
ENROLL FOR $12/MO
$120 ($10/mo)

Annual Membership
20+ on-demand courses at your fingertips

Over 1,300 educational lessons

200+ hours of expert content

Exclusive community chat forum

Special perks coming soon
Enroll for $120/Year

Uncle Rat's Web Application Hacking and Bug Bounty Guide

Join The Networkchuck ACADEMY

Course curriculum

Section 1: Introduction

Section 2: The Intricacies of Bug Bounties

Section 3: Main App Methodology

Section 4: Broad Scope Methodology

Section 5: Attack Techniques: CSRF

Section 6: Attack Technique: Open Redirect

Section 7: Attack Technique: Intro to JWT

Section 8: Attack Techniques: CAPTCHA Bypass

Section 9: Attack Techniques - Broken Access Control

Section 10: Attack Techniques: IDOR by Uncle Rat

Section 11: Attack Techniques - Business Logic flaws

Section 12: Attack Techniques- File Inclusions by PinkDraconian

Section 13: Attack Techniques - SQLi by PinkDraconian

Section 14: Attack Techniques - XXE

Section 15: XXE According to OWASP (optional)

Section 16: Attack Techniques - Xpath Injection

Section 17: Attack Techniques - Template Injections

Section 18: Attack Techniques - XSS

Section 19: Attack Techniques: Insecure Deserilisation

Section 20: CSP - Content security protection AKA why is my JS not executing?

Section 21: Attack Techniques - SSRF

Section 22: Attach Techniques - OS command Injection

Section 23: Attack Techniques - WAF Evasion Technique

Section 24: Attack Techniques - HTTP Parameter Pollution

Section 25: Using Postman to Hack APIs

Section 26: Practice: Let's Build Some APIs to hack

Section 27: Tools

Section 28: Burp Suite Practical Examples

Section 29: Reporting

Section 30: What Now?

Section 31: CheesyLabs

Section 32: Master Labs

NetworkChuck
Academy Perks

$12

$120 ($10/mo)