May 2023
Beginner to intermediate
6h 55m
English
Closed Captioning available in English
Overview
Learn the essential tools and techniques for hunting and exploiting vulnerabilities in web and Android applications. Equip yourself with the knowledge and skills to find and responsibly disclose vulnerabilities to companies, gaining rewards through existing bug bounty programs. Master the best practices of ethical hacking to detect bugs and improve security.
This comprehensive, seven-hour course covers three key areas:
Fundamentals of OWASP Top 10 Vulnerabilities
We start the course with a look at the most common vulnerabilities currently present in web applications. The OWASP Top Ten, from the Open Web Application Security Project, helps bug bounty hunters to know what to look for in penetration tests. We break down these vulnerabilities and demonstrate what to look for in order to detect them.
Kali Linux and Web Application Hacking
Web applications are currently some of the most common targets for bug bounties, so we’ll see how to create meaningful attacks against them. We’ll use Kali Linux tools, which are popular with both attackers and the defenders trying to secure web apps against those attacks. We’ll work with Nmap, SQLmap, Commix, Wfuzz, Metasploit, and many other tools to gather information about targets and launch attacks to expose their vulnerabilities.
Foundations of Hacking and Penetration Testing Android Apps
Most companies now have apps that are included in bug bounty programs. Learning how to scan and exploit these apps can often be a lucrative way to gain bounties. Given the new focus on application development, apps make a great target for bug bounties.
Distributed by Manning Publications
This course was created independently by Scott Cosentino and is distributed by Manning through our exclusive liveVideo platform.
About the Technology
About the Video
What's Inside
- Vulnerability Detection
- OWASP Top Ten vulnerabilities
- Kali Linux tools for gathering information, vulnerability analysis, and web app analysis
- Injection Vulnerabilities
- Android hacking and penetration testing
- Bug-hunting tips
About the Reader
Basic knowledge of Linux and programming
About the Author
Scott Cosentino is a developer and teacher who works primarily in software development and computer security. He is passionate about teaching and has inspired students in large classes, one-on-one, and online video courses. He believes mathematics and computer science can be approachable and fun, and tailors his courses to be easy to comprehend, with exploration of the what, why, and how of every topic. Because computer science and programming topics are not spectator sports, he provides many examples and practice problems for students to learn and practice.
Quotes
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Watch now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.