Jhaddix – The Bug Hunter’s Methodology Live Course (2023)


English | Size: 5.41 GB
Genre: eLearning

Full syllabus:

Day 1 – Recon
Recon Part 1: Recon Concepts

Introduction to Recon

Recon Part 2: Acquisitions and Domains

Scope

Shodan

ASN Analysis

Crunchbase ++

ReconGPT

Reverse WHOIS

Certificate Analysis

Ad and Analytics Relationships

Supply chain investigation and SaaS

Google-fu (trademark & Priv Pol)

TLDs Scanning

O365 Enumeration for Apex Domains

Recon Part 3: Subdomain Enumeration

Subdomain Scraping (all the best sources and why to use them)

Security Trails + Netlas

Brute force

Wildcards

Permutation Scanning

Linked Discovery

Wordlists

Advantageous Subs (WAF bypass – Origins)

Favicon analysis

Sub sub domains

Esoteric techniques

DNSSEC / NSEC / NSEC3 walking

Recon Part 4: Server & App Level Analysis

Port Scanning

Service Bruteforce

Tech Stack

Screenshotting

Recon Part 5: Profiling People for Social Engineering

LinkedIn (people, tech)

Hunter.io

Hiring Sites

Recon Part 6: Recon Adjacent Vulnerability Analysis

CVE scanners vs Dynamic Analysis

Subtakeover

S3 buckets

Quick Hits (swagger, .git, configs, panel analysis)

Recon Part 7: Recon Frameworks and Helpers

Frameworks

Understanding your framework

Tips for success (keys)

Distribution and Stealth

Day 2 – Application Analysis
Application Analysis Part 1: Analysis Concepts

Intended usage (not holistic, contextual)

Analysis Layers

Application Layers as related to success.

Tech profiling

The Big Questions

Change monitoring

Application Analysis Part 2: Vulnerability Automation

More on CVE and Dynamic Scanners

Dependencies

Early running so you can focus on manual.

Secrets of automation kings

Application Analysis Part 3: Content Discovery

Intro to CD (walking, brute/fuzz, historical, JS, spider, mobile, params)

Importance of walking the app

Bruteforce Tooling

Bruteforce Tooling Lists: based on tech

Bruteforce Tooling Lists: make your own (from-install, dockerhub, trials, from word analysis)

Bruteforce Tooling Lists: generic/big

Bruteforce Tooling Lists: quick configs

Bruteforce Tooling Lists: API

Bruteforce Tooling Tips: Recursion

Bruteforce Tooling Tips: sub as path

Bruteforce Tooling Tips: 403 bypass

Historical Content Discovery

Newschool JavaScript Analysis

Spidering

Mobile Content Discovery

Parameter Content Discovery

Application Analysis Part 4: The Big Questions

How does the app pass data?

How/where does the app talk about users?

Does the site have multi-tenancy or user levels?

Does the site have a unique threat model?

Abuse Primitives

Has there been past security research & vulns?

How does the app handle common vuln classes?

Where does the app store data?

Application Analysis Part 5: Application Heat Mapping

Common Issue Place: Upload functions

Common Issue Place: Content type multipart-form

Common Issue Place: Content type XML / JSON

Common Issue Place: Account section and integrations

Common Issue Place: Errors

Common Issue Place: Paths/URLs passed in parameters

Common Issue Place: Chatbots

Application Analysis Part 6: Web Fuzzing & Analyzing Fuzzing Results

Parameters and Paths (generic fuzzing)

Reducing Similar URLs

Dynamic only fuzzing

Fuzzing resources SSWLR – “Sensitive Secrets Were Leaked Recently”

Backslash powered Scanner

Application Analysis Part 7: Introduction to Vulnerability Types

Intended usage (not holistic. Tips and Contextual)

Covered vulns and why

Application Analysis Part 8: XSS Tips and Tricks

Stored and Reflected

Polyglots

Blind

DOM

Common Parameters

Automation and Tools

Application Analysis Part 9: IDOR Tips and Tricks

IDOR, Access, Authorization, MLAC, Direct browsing Business logic, parameter manipulation

Numeric IDOR

Identifying user tokens GUID IDOR

Common Parameters

Application Analysis Part 10: SSRF Tips and Tricks

SSRF intro

Schemas

Alternate IP encoding

Common Parameters

Application Analysis Part 11: XXE

Common areas of exploitation

Payloads

Common Parameters

Application Analysis Part 12: File Upload Vulnerabilities Tips and Tricks

Common bypasses

Common Parameters

Application Analysis Part 13: SQL Injection Tips and Tricks

Manual Identification

SQLmap tamper

Common Parameters

Application Analysis Part 14: Command Injection Tips and Tricks

Common Parameters

Application Analysis Part 15: COTS and Framework Scanning

Default Creds

CMSs: WordPress + Adobe Experience Manager

Others

Application Analysis Part 16: Bypass of security controls

Subdomains where controls are not applied

Origins

TLDs (.jp, .uk, .xx)

Red Team Analysis
Red Teaming Analysis Part 1: Initial Access Primer

Phishing Tips and Tricks

Threat Intel + Levels

Credential Stuffing

Open discussion of C2

SaaS

Cloud

Red Teaming Analysis Part 2: Post Initial Access

Open Discussion of common internal methods to succeed

Attendees should have:

Burp Suite (PRO preferably), VM or equivalent access to *nix command line.

Pre-requisites for attendees: General Web application and network security testing knowledge required. Some topics will assume some knowledge of OWASP Top Ten type vulnerabilities and previous experience.

A full list of tools needed will be posted in the class discord before class.
