Course curriculum

  • 1

    Day 1

    • Notes : Day -1

    • Assignment -1

    • Quiz- 1

    • September Batch - Cyber Security, VA PT and Bug Bounties, OWASP, Google Dorking, XSS and Types

    • October Batch - Cyber Security, VA PT and Bug Bounties, OWASP, Google Dorking, XSS and Types

    • November Batch - Cyber Security, VA PT and Bug Bounties, Google Dorking, XSS and Types

    • December Batch - Cyber Security, VA PT & Bug Bounties, Google Dorking, XSS and Types

    • January Batch- Cyber Security, VA PT & Bug Bounties, Google Dorking, XSS and Types

    • February Batch: Cyber Security, VA/PT & Bug Bounties, Google Dorking, XSS and Types

    • March Batch: Cyber Security, VA/PT & Bug Bounties, Google Dorking, XSS and Types
  • 2

    Day 2

    • Notes: Day 2

    • Assignment -2

    • Quiz -2

    • September Batch - Stored XSS, DOM XSS, Burpsuite Installation, Authentication Bypass techniques

    • October Batch - Stored XSS, DOM XSS, Burpsuite Installation, Authentication Bypass techniques

    • November Batch - Stored XSS, DOM XSS, Burpsuite Installation, Authentication Bypass techniques

    • December Batch- XSS Stored, XSS Dom, Burpsuite, Bugcrowd VRT, Project Discovery Bug Bounty Platform Datasets

    • January Batch- XSS Stored, XSS Dom, Burpsuite, Bugcrowd VRT, Project Discovery Bug Bounty Platform Datasets

    • February Batch- XSS Stored, XSS Dom, Burpsuite, Bugcrowd VRT, Project Discovery Bug Bounty Platform Datasets, Auth Bypass Technqiues

    • March Batch- XSS Stored, XSS Dom, Burpsuit, Bugcrowd VRT, Project Discovery Bug Bounty Platform Datasets, Auth Bypass Technqiues
  • 3

    Day 3

    • Notes: Day 3

    • Quiz - 3

    • Assignment -3

    • September Batch Auth Bypass Techniques, Open Redirect, No Rate-Limit, Open Bug Bounty, Waybackurls

    • October Batch - Auth Bypass Techniques, No Rate Limit Attacks, Open Bug Bounty, Race Conditons

    • November Batch - Auth Bypass Techniques, No Rate Limit Bypass Technquies & Subdomain Enumeration

    • December Batch: Auth Bypass Technquies, Project Discovery Datasets, Waybackurls

    • February Batch: Auth Bypass Technquies, Project Discovery Datasets, Waybackurls, No Rate Limiting

    • March Batch: Auth Bypass Technquies, Project Discovery Datasets, Waybackurls, No Rate Limiting
  • 4

    Day 4

    • Notes: Day 4

    • Assignment -4

    • Quiz -4

    • September Batch No Rate-Limit Bypass Techniques, IP Rotation, Race Conditions, CSRF, CORS, ClickJacking, EXIF data not stripped.

    • October Batch - No Rate Limit Bypass Techniques, IP Rotation, Race Conditions, CSRF, CORS, EXIF data not stripped.

    • November Batch - Open Redirect, CORS -3 Test Cases , CSRF

    • December Batch: Auth bypass Technquies, No Rate Limit, Chaos Bug Bounty Datasets, IP Rotate

    • January Batch: Auth bypass Technquies, No Rate Limit, Chaos Bug Bounty Datasets, IP Rotate

    • March Batch: Auth bypass Techniques, No Rate Limit, Chaos Bug Bounty datasets, IP Rotate
  • 5

    Day 5

    • Notes : Day 5

    • Assignment - 5

    • Quiz -5

    • September Batch: SSRF, SQL Injection, Local File Inclusion, Broken Link Hijacking

    • October Batch: SSRF, SQL Injection, Local File Inclusion, Broken Link Hijacking

    • November Batch: SQL Injection, CSRF, SSRF, Blind XSS

    • December Batch: Open Redirect, CSRF, EXIF & CORS Attacks

    • January Batch: Open Redirect, CSRF, EXIF & CORS Attacks

    • February Batch: Broken Link Hijacking, Local File Inclusion, GF Patterns, Session Hjacking, Session Fixation, SQL Injection GET & POST

    • March Batch: Broken Link Hijacking, Local File Inclusion, Gf Patterns, Session Hijacking, Session Fixation, SQL Injection GET & POST
  • 6

    Day 6

    • Notes : Day 6

    • Assignment -6

    • Quiz -6

    • September Batch: Subdomain Enumeration , Subdomain Takeovers, Censys, Shodan, Bash Automation

    • October Batch: Subdomain Enumeration , Subdomain Takeovers, Censys, Shodan, Bash Automation

    • November Batch: Clickjacking, Local File Inclusion, Session Issues, Broken Link Hijacking, HTMLi, Race conditions, IP Rotate

    • Decemeber Batch: SSRF, Reverse Whois , Visual Recon, Shodan, Censys, Clickjacking, Google Cloud free VPS

    • January Batch: SSRF, Reverse Whois , Visual Recon, Shodan, Censys, Clickjacking, Google Cloud free VPS

    • February Batch: Subdomain Enumeration Active & Passive, SSRF, Bash Automation, Visual Recon, Chaos Datasets

  • 7

    Day 7

    • Notes: Day 7

    • Assignment - 7

    • Fuzzing, Bug Bounty VPS, Tips & Tricks, Reporting Templates

    • Fuzzing with FFUF, Reverse Whois, Google Cloud Shell VPS, Pentesting Report & Templates & RCE

    • Subdomain Takeovers - Shopify, AWS, Session Fixation, Fuzzing with FFUF, Github Recon, Shodan & Censys, Mindmap, Checklist

    • December Batch: Subdomain Takeovers, Fuzzing with FFUF, SQL Injection with Sqlmap, Session Hijacking, Session Fixation, Remote Code Execution, Checklist

    • Local File Inclusion, Active Subdomain Enumeration, Robots.txt, Assetnote Wordlists

    • January Batch: Fuzzing with FFUF, Seclists, Bypass-403, kxss, Gxss, DOM XSS
  • 8

    Capstone Project

    • Capstone Project

    • Pentest Report

    • Pentesting & Bug Bounty Checklist