Description
This course is made entirely for website reconnaissance, for bug bounty hunters, penetration testers and ethical hackers. It is an intermediate-level course, and all the topics regarding recon on websites are discussed here.
Some of the topics are: what is reconnaissance, what is recon, recon for bug bounty hunters and penetration testers, subdomain enumeration, URL enumeration, parameter bruteforcing, creating your own recon tools and many more…
This course is fully focused on website recon and vulnerability assessment.
The course covers the full methodology of website reconnaissance, bug bounty hunting and penetration testing. The videos are divided into small sections for the students to learn.
All the resources are provided in the resource section, including the links, PDFs and payloads that are used in the course.
Course Curriculum:
Introduction
Introduction to recon
Subdomain enumeration from tools
Subdomain enumeration #1
Subdomain enumeration #2
Subdomain enumeration #3
Subdomain enumeration #4
Subdomain bruteforcing
Filtering unique domains
Subdomain generator
Subdomain enumeration from websites
Subdomain enumeration from website #1
Subdomain enumeration from website #2
Subdomain enumeration from website #3
Subdomain enumeration from website #4
Filtering live domains
Filtering live domains
URL extraction from the internet
URL extraction from the internet #1
URL extraction from the internet #2
Finding parameters
Finding parameters
Parameter bruteforcer
Finding URL from past
URL from past
Sorting urls
Sorting url for vulnerabilities
Automation for replacing parameters with Payloads
Automation for replacing parameters with Payloads
Footprinting websites ( Website recon )
Whatweb recon
Netcraft
Security headers
DNSdumpster
Whois recon
Mxtoolbox
OSINT
Maltego
Browser addons for recon
wappalyzer
retire.js
shodan
Knoxx
Hack-tools addon
WAF identification
WAF identification
Subdomain takeover
HostileSubBruteForcer
Sub404
Subjack
Fuzzing (Content-Discovery)
dirb
ffuf
Port scanning
Introduction to nmap
Port specification in nmap
Service and version detection from nmap
Firewall bypass technique
Fast port scanning
naabu
masscan
Visual recon
Gowitness
Google dorking
Introduction to google dorking
Understanding the URL structure
Syntax of google dorking
Google dorking operators
Google search operators ( Part – 1 )
Google search operators ( Part – 2 )
Google dorking practical
Introduction to practical google dorking
How to find directory listing vulnerabilities?
How to dork for WordPress plugins and themes?
How to dork for web server versions?
How to dork for application-generated system reports?
Dorking for SQLi
Reading materials for google dorking
Tips for advanced google dorking
Tip #1
Tip #2
Tip #3
Shodan dorking
Intro to shodan dorking
Shodan web interface
Shodan search filters
Shodan dorking practical
Finding server
Finding files and directories
Finding operating systems
Finding compromised devices and websites
Shodan command line
Introduction to shodan command line
Practical shodan in command line
Github dorking
Introduction to github dorking
Github dorking practical
Vulnerability scanning
Nuclei
Wp-Scan
Scanning with burpsuite
Metasploit for recon
DNS recon using metasploit
Sub-domain enumeration using metasploit
E-mail address finding
Port scanning using metasploit
TCP SYN port scan using metasploit
SSH version detection
FTP version enumeration
MySQL version detection
HTTP enumeration
Payloads for bug bounty hunters
Payloads for bug hunters and penetration testers
How to create tools for recon?
SSRF finder tool
XSS finding tool
URL extractor from javascript files
Full website recon tool
Bonus
Bonus video
Thank you
Vivek Pandit
Who this course is for:
Bug bounty hunters, penetration testers, ethical hackers, etc.
Requirements
Basic knowledge of linux is required
Basic knowledge of vulnerabilities
Last Updated 1/2023