Ethical hacking and pentesting guide

4.3

Learners: 6,208

Instructor: Wesley ThijsBrian McGee

Duration:

This course is perfect for beginner bug bounty hunters who want to learn ethical hacking and pentesting. Uncle Rat, an experienced pen-tester, will provide a solid methodology to build upon and help you take the next step. Learn the basics of networking, the web, and hacking, OSCP based enumeration techniques, API testing, mobile testing, web application testing and more. Download video files, slides and extra cheat sheets to help you write your own legend. ▼▲

Course Feature Course Overview Pros & Cons Course Provider Discussion and Reviews

Go to class

Course Feature

Cost:

Paid

Provider:

Udemy

Certificate:

Paid Certification

Language:

English

Start Date:

2022-02-20

Course Overview

❗The content presented here is sourced directly from Udemy platform. For comprehensive course details, including enrollment information, simply click on the 'Go to class' link on our website.

Updated in [July 17th, 2023]

This course, Ethical Hacking and Pentesting Guide, is designed to provide students with a solid methodology and mindset to become successful bug bounty hunters. Uncle Rat, the instructor, will provide students with the basics of networking, the web, and hacking, as well as OSCP based enumeration techniques and an attack plan for foothold and priv esc. Additionally, students will learn about API testing, mobile testing, and web application testing. Each chapter will include a video file with slides to download and, where applicable, a full text PDF with extra information. All extra materials, such as cheat sheets, will be available for download. This course is suitable for beginner bug bounty hunters, experienced pen-testers looking to get into bug bounties, and companies training their cybersecurity staff.

Course Syllabus

00x00 Syllabus

0x01 - Introduction

0x02 -Networking And Web Application basics

0x03 - Tools

0x04 Passive information gathering

00x05 Getting a foothold

00x06 Priviledge escalation

0x07 Vulnerability scanning

0x08 -Buffer overflows

0x09 Burp suite (Large section)

00x10-00 Introduction to JWT hacking

00x10-01 Open redirects

00x10-02 CSRF

00x10-03 Broken Access Control

00x10-04 IDOR

00x10-05 Business logic flaws

00x10-06 XXE

00x10-07 Template injections

00x10-08 XSS

00x10-09 Insecure deserilisation

00x10-10 Captcha bypasses

00x10-11 SSRF

00x10 OS Command Injection

00x10 SQLi

00x10/11 - 11 (Admin) Login pages

00x10-12 Introduction to JWT hacking

00x11-1 Broad scope web application methodology - General methodology

00x11-2 Broad scope web application methodology - Manual hacking

00x11-3 Broad scope web application methodology - Vulnerability scanning

00x11-4 Broad scope web application methodology - Practical methodology

00x11-5 Broad scope web application methodology - Extra's

0x12 API testing

00x12 OWASP API TOP 10

0x13 Mobile hacking

00x13 Mobile hacking - Setting up an android lab

0x16 -Password attacks

Extras

French translation

Pros & Cons

Pros Cons

Comprehensive content: Users appreciate that the course includes a majority of the instructor's other courses, providing a comprehensive learning experience.
Valuable principles and knowledge: Several users mention that they have gained good principles and knowledge on hacking, indicating that the course delivers valuable content.

Audio and visual improvements needed: Some users suggest that the audio should be reworked and the text on the terminal or page should be made larger for better readability.
Mixed quality and relevance of content: One user expresses disappointment, stating that a significant portion of the course consists of videos pulled from YouTube, and some of the taught techniques do not work on their Linux system. This suggests that the course may have inconsistent quality and relevance in its content.