Uncle Rat's Web Application Hacking And Bug Bounty Guide
SUDO
I cannot promise this course will find you bugs. I can promise I will leave you with a solid methodology that has netted me a few nice extra monthly salaries. This method is not guaranteed to work for you. You will need to be adept. You will need to work.
If any course promises you that they WILL find you bugs, run as fast as you can.
WHOAMI
My name is Uncle Rat and I am here to help you take the next step. I am not here to hold your hand, I am here to push you over the edge. You’ve been practicing on practice platforms for long enough now, don’t you think? It’s time.
I will provide you with a solid methodology to build upon. I don’t want you to follow in my footsteps, I want you to write your own legend. This is, after all, the place where legends are born.
Every chapter has at least a video file with slides to download and, where applicable, a full-text PDF with extra information. All extras, like cheat sheets, are separately downloadable for your convenience.
– The XSS Rat
CAT ‘goals.txt’
I can hack, but I can only hack one target at a time. My passion is teaching, so why not hit two birds with one stone?
I created this course because I strongly believe that if I hack 1 target I am just me, but if I train 1000 hackers, we are an army.
This is my goal: I want to make the internet a safer place, but I can’t do it alone.
- 1. Introduction (Video lesson)
  Bug bounties can be quite a strange topic. There are a couple of things you need to know so let's talk about them.
- 2. What you need to know about bug bounties - Video (Video lesson)
- 3. A look at bug bounties from all perspectives (Video lesson)
- 4. Discord invite link (Text lesson)
- 13. Broad scope manual methodology - Video (Video lesson)
- 14. Broad scope manual methodology (Text lesson)
- 15. Quiz: Manual broad scope methodology (Quiz)
- 16. Broad scope automated methodology - video (Video lesson)
- 17. Birdseye view of broad scope methodology (Text lesson)
- 18. Extra video: Quickly identify a target from a list of subdomains (Video lesson)
- 19. Quiz: Broad scope automated methodology (Quiz)
- 20. What exactly is CSRF and how does it happen? (Video lesson)
- 21. Attack techniques: CSRF - Video (Video lesson)
- 22. Attack techniques: CSRF demonstration - video (Video lesson)
- 23. Quiz: CSRF (Quiz)
- 24. Attack techniques: CSRF (Text lesson)
- 25. Labs: CSRF basic labs (Text lesson)
  You can open 0.php to begin with, but that one should not be vulnerable.
  Start with the next challenge on the list (anything from 01.php to 10.php); the instructions are on the page:
  http://hackxpert.com/CSRF/
- 26. Lab: CSRF on impactful functionality (Text lesson)
- 27. Solutions: CSRF on impactful functionality (Text lesson)
- 28. Video solution CSRF lab 5 - server does not check anything (Video lesson)
- 29. Video solution: Creating a CSRF PoC (Video lesson)
- 36. Captcha bypass (Video lesson)
- 37. Labs: Captcha bypass (Text lesson)
- 38. Labs: Instructions (Text lesson)
  The first few labs will have what I call "naked" issues, meaning it's just that functionality and nothing else.
  The next labs you will find will have that functionality hidden among all the other functionality to make it more bug-bounty-like. You might have to find other issues, such as easy-to-guess credentials, first.
  More info at [email protected]
- 39. Extra resources (Text lesson)
- 40. Attack techniques - Broken Access Control - video (Video lesson)
- 41. Attack techniques - Broken Access Control (Text lesson)
- 42. Attack techniques - Broken Access Control - Overview (Text lesson)
- 43. Quiz: Broken Access Control (Quiz)
- 44. Lab: Broken Access Control (Text lesson)
- 45. Solutions: Broken Access Control (Text lesson)
- 46. Extra resources (Text lesson)
- 52. Video: Attack techniques - Business logic flaws (Video lesson)
- 53. Article: The origin of Business logic flaws (Text lesson)
- 54. Attack techniques - Business logic flaws (Text lesson)
- 55. The origin of Business logic flaws (Video lesson)
- 56. Quiz: Business logic flaws (Quiz)
- 57. Labs: Attack techniques - Business logic flaws (Text lesson)
- 58. Solutions: Attack techniques - Business logic flaws (Text lesson)
- 59. Labs: Business logic issues (Text lesson)
- 60. Extra resources (Text lesson)
- 61. 0 Introduction (Video lesson)
- 62. 1 What are File Inclusions (Video lesson)
- 63. 2 Finding a target (Video lesson)
- 64. 3 Is The Target Vulnerable (Video lesson)
- 65. 4 File Inclusion to RCE (Video lesson)
- 66. 5 Wrapper Magic (Video lesson)
- 67. 6 Tools Wordlists Exercises (Video lesson)
- 68. Exercises: Dogcat (Video lesson)
- 69. Exercises: Sniper (Video lesson)
- 70. Exercises: SKFLFI2 (Video lesson)
- 71. Exercises: Book (Video lesson)
- 72. Extra resources (Text lesson)
- 73. 0 Intro (Video lesson)
- 74. 1 What are SQLi (Video lesson)
- 75. 2 Detecting SQLi (Video lesson)
- 76. 3 Types of SQLi (Video lesson)
- 77. 4 WAF Bypasses (Video lesson)
- 78. 5 SQLMap (Video lesson)
- 79. 6 References & Exercises (Video lesson)
- 80. Exercises: 1 Portswigger Simple Login Bypass (Video lesson)
- 81. Exercises: 2 Union Based SQLi To RCE! (Video lesson)
- 82. Exercises: 3 MSSQL injection to RCE (Video lesson)
- 83. Exercises: 4 Boolean Based SQLi (Video lesson)
- 84. Exercises: 5 SQLi WAF Bypass (Video lesson)
- 85. Exercises: 6 SQLi, XSS and XXE all in one payload (Video lesson)
- 86. Extra resources (Text lesson)