Course description

Many of the companies spending millions of $ to find bugs and vulnerabilities. in their web application. These companies are is really in need of Ethical Hacker like you. they want to hire for a secure there web application. According to the Report of 2018, 24 Million $ has been paid for hackers around the globe. And total 72k vulnerabilities where submitted.

What is important for taking these courses.?

I am especially concentration on your people, Empowering yourself is one of my core values. Hackers are naturally curious and My aim is to satisfy that curiosity by teaching you.

What all this you are going throughout the course?

In this course, every section has its own importance.

First and For most thing, you going to learn the top 10 owasp vulnerabilities of 2017 and upcoming.

A perfect lab setup for you. for your good practices.

Find the Different Types of vulnerabilities.

Login into the users accounts without authentication.

What happened if security is not set for user login.

Find the XSS and SQL vulnerabilities in a web application.

Browser Plugins used for Finding vulnerabilities.

manipulation of user data.

New vulnerabilities like XXE, Insecure Deserialization and more.

How did I found the vulnerabilities in web application and their reports?

Working behind the codes and Find the weak points.

For IT security you are going to learn, How to Find a loophole in Web Application.

Finally, I am really waiting for you to see what you are going to do by learning with courses.

Course curriculum

  • 1


  • 2

    SQL Injection for Web Application

    • Union Based SQL Injection

    • SQL Injection with login form Manually

    • SQL Injection in HTTP Header

    • SQL Injection for Jquery

  • 3

    Sensitive Data Exposure (Unvalidated, Forwarding, Open Redirect URL)

    • Open Redirecting of URL

    • Open Redirecting of URL Part 2

    • Unvalidated Redirecting of URL

  • 4

    Xml External Entities New 2017

  • 5

    Broken Access Control 2017 (New)

    • Broken Access Control Example

    • Admin Panel Access without Authentication

    • Introduction to broken access control

    • Introduction to IDOR

    • Bypass JavaScript and change user

    • Price Manipulation at Payment Getaway

    • Local file inclusion (LFI)

    • Local file inclusion (LFI) part 2

    • Introduction to Missing function level access control

    • Forgot to set the Secure flag for login (LIVE)

  • 6

    Authentication Session Mgt

    • Introduction to Auth and session mgnt

    • Captcha works for Authentication part 1

    • Captcha works for Authentication part 2

    • Captcha works for Authentication part 3

    • Session flaws in user login

    • Privilege Escalation

    • Bypass Authentication Burteforce

    • Bypass Authentication changing user name

    • Bypass Authentication login

    • Bypass Authentication Burteforce

  • 7

    Secure Mis-Configuration

    • Accessing Files and Directories

    • Misconfiguration of user details by SQL Injection

    • Web Tampering in url Method

    • Report of parameter tampering

    • HTTP Parameter Pollution in URL

    • SQL Injection Getting Access XML Details

    • Password guessing of User Login

  • 8

    XSS - (Cross Site Scripting Vul)

    • Live Example of XSS

    • Simple XSS injection for Get and Post Method

    • Header Information Injection

    • Evaluation method function

  • 9

    Subdomain Discovery Vul

    • Introduction to subdomain takeover

    • Enumeration of Sub-domainEthica

    • Discovery of Sub-domain Alteration and Permutation

    • Getting Sub-domains with Parallelism DNS Probes

    • Finding a CName

    • Found sub-domain service CNAME

    • Bypassing wildcard DNS Subdomains

Meet your instructor!

Sac Hackken
A beauty of ethical hacking

Hello, I'm Sac. I work on ethical hacking, organize security, windows penetration testing, Web Application Security and furthermore finding the bugs and answering to the organisations, so fundamentally we are ethical hackers.


I have a decent involvement in ethical hacking. I have gotten great criticism frame our customer since they asked how would you do these things I began making a video on moral hacking which leads them to self-finding out about ethical hacking. I  generally furnish you with up and coming information on security and ethical hacking.


I am giving you more case over security explore clarifying the hypothesis behind each technique. what's more, we will by what means these securities inquire about things can be utilized as a part of your genuine.

Take this course today!

"Bug Bounty Information Offensive Security"