Practical Bug Bounty Course Launch
Key Takeaways
The Cyber Mentor launches a Practical Bug Bounty Course, covering topics such as penetration testing, security consulting, and bug bounty hunting, with resources including Intigriti's Program and The Cyber Mentor's academy and certifications.
Full Transcript
what's up everybody I'm very excited to announce a new course that we are launching at TCM Security in partnership with Integrity the course is called practical bug Bounty and it is for anybody that is interested in web application security or bug bounty hunting which focuses a lot of the time on web applications if I just scroll down a little bit to the curriculum you get some really awesome training here and it is made for everybody there's 9 and 1 half hours here and we start out very basic we say hey what's web applications security what is the best practices here what's the difference between bug bounty hunting and a penetration test and we go through and just do a little bit at a time kind of getting your feet wet getting you introduced to web application Technologies and the cool thing is we've got this lab here you've got a custom lab for all the training so all this is unique never seen before anywhere else and we go through hey how do you do reconnaissance and then we get into our attacks all kinds of attacks here what are Brute Force attacks how do we attack multiactor authentication what are ey doors what's broken Access Control what are injection attacks and oh my gosh how many injection attacks are there there squel injection cross- side scripting ssti xxe file upload attacks and we cover all of that we talk about automated tools and scanners how do you use those what's the concept how do we automate some of our things we go into scripting a little bit we talk about other vulnerabilities that you're going to see like csrf and ssrf which is awesome subdomain takeovers open redirects all the fun stuff now this would not be a complete course if we did not also include how to actually report these things so how do we write a pentest report how do we disclose to a VDP or vulnerability disclosure program how do we write a bug Bounty report how do we communicate with clients and triers and the cool thing about this course is it's not just TCM security made we are partnered with Integrity on this so we've got course content not just from myself but from Alex olon on our team and Jonah Burgess who is cryptocat on YouTube if you've never seen him before he does a lot of great content and he does a lot of great content for integrity as well so to actually see from their perspective especially from a bug Bounty platform hey what mistakes are people making how do you not make those same mistakes how do you get invited to programs and do better as a bug Bounty Hunter we've got you all covered with this now the cool thing at the very end when you complete this course you get your certificate of completion you can upload that certific ific of completion to your integrity bug Bounty profile and if you do that it increases your chances of getting invited to a private program if you're not familiar bug buny programs have public programs and private programs private programs make up 90% of the programs on a bug Bounty platform so if you're only looking at 10% of the programs you're really selling yourself short and private programs have a limited amount of hackers not everybody can access them so you have greater access better chances better odds at Landing a bug through these platforms so if you come through and you show that hey I've got this skill set I'm able to do this course I've learned a lot let me upload my certificate maybe you've written a blog or something about it you upload that as well you have greater chances not 100% guarantee but significantly greater chances of getting invited to a private program which is where all the platforms are at right 90% of the platforms are hidden in private so that is an awesome benefit there are no other courses that are like this in my opinion out there right now this is a great collaboration between TCM security and integrity and I highly highly recommend checking it out I will leave a link in the description below both to the course and to Integrity please do consider signing up for integrity even if you don't do the course sign up for integrity it's a great platform it's free it's a great way to earn money side income whatever it might be if you got some extra time you want to learn how to hack fantastic platform as well so that is it very short video just wanted to cover this new course launch very excited about it if you want to hear more detail there's also a live stream from Monday this video is being released on Wednesday so if you just look 2 days back currently from this video you'll see a live stream that we did that covers this answers any additional questions from the audience all that stuff if you just want to find out a little bit more about the course plus it has Jonah and has inie who are awesome people on the stream along with Alex and myself so that's it for the video hopefully you find this useful and until the next video peace out
Original Description
You can check the course out here: https://www.tcm.rocks/PracticalBugBounty
You can sign up for Intigriti's Program here: https://www.tcm.rocks/IntigritiSignUp
Pentests & Security Consulting: https://tcm-sec.com
Get Trained: https://academy.tcm-sec.com
Get Certified: https://certifications.tcm-sec.com
Merch: https://merch.tcm-sec.com
Sponsorship Inquiries: info@thecybermentor.com
📱Social Media📱
___________________________________________
Twitter: https://twitter.com/thecybermentor
Twitch: https://www.twitch.tv/thecybermentor
Instagram: https://instagram.com/thecybermentor
LinkedIn: https://www.linkedin.com/in/heathadams
TikTok: https://tiktok.com/@thecybermentor
Discord: https://discord.gg/tcm
💸Donate💸
___________________________________________
Like the channel? Please consider supporting me on Patreon:
https://www.patreon.com/thecybermentor
Support the stream (one-time): https://streamlabs.com/thecybermentor
Hacker Books:
Penetration Testing: A Hands-On Introduction to Hacking: https://amzn.to/31GN7iX
The Hacker Playbook 3: https://amzn.to/34XkIY2
Hacking: The Art of Exploitation: https://amzn.to/2VchDyL
The Web Application Hacker's Handbook: https://amzn.to/30Fj21S
Real-World Bug Hunting: A Field Guide to Web Hacking: https://amzn.to/2V9srOe
Social Engineering: The Science of Human Hacking: https://amzn.to/31HAmVx
Linux Basics for Hackers: https://amzn.to/34WvcXP
Python Crash Course, 2nd Edition: https://amzn.to/30gINu0
Violent Python: https://amzn.to/2QoGoJn
Black Hat Python: https://amzn.to/2V9GpQk
My Build:
lg 32gk850g-b 32" Gaming Monitor:https://amzn.to/30C0qzV
darkFlash Phantom Black ATX Mid-Tower Case: https://amzn.to/30d1UW1
EVGA 2080TI: https://amzn.to/30d2lj7
MSI Z390 MotherBoard: https://amzn.to/30eu5TL
Intel 9700K: https://amzn.to/2M7hM2p
G.SKILL 32GB DDR4 RAM: https://amzn.to/2M638Zb
Razer Nommo Chroma Speakers: https://amzn.to/30bWjiK
Razer BlackWidow Chroma Keyboard: https://amzn.to/2V7A0or
CORSAIR Pro RBG Gaming Mouse: https://amzn.to/30
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from The Cyber Mentor · The Cyber Mentor · 0 of 60
← Previous
Next →
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Buffer Overflows Made Easy - Part 1: Introduction
The Cyber Mentor
Buffer Overflows Made Easy - Part 2: Spiking
The Cyber Mentor
Buffer Overflows Made Easy - Part 3: Fuzzing
The Cyber Mentor
Buffer Overflows Made Easy - Part 4: Finding the Offset
The Cyber Mentor
Buffer Overflows Made Easy - Part 5: Overwriting the EIP
The Cyber Mentor
Buffer Overflows Made Easy - Part 6: Finding Bad Characters
The Cyber Mentor
Buffer Overflows Made Easy - Part 7: Finding the Right Module
The Cyber Mentor
Buffer Overflows Made Easy - Part 8: Generating Shellcode and Gaining Shells
The Cyber Mentor
HackTheBox - Sunday Walkthrough (Re-Up)
The Cyber Mentor
Networking for Ethical Hackers - TCP, UDP, and the Three-Way Handshake (Re-Up)
The Cyber Mentor
Networking for Ethical Hackers - Network Subnetting (Re-Up)
The Cyber Mentor
Networking for Ethical Hackers - Network Subnetting Part 2: The Challenge (Re-Up)
The Cyber Mentor
Networking for Ethical Hackers - Building A Basic Network with Cisco Packet Tracer (Re-Up)
The Cyber Mentor
HackTheBox - Fighter Walkthrough (Re-Up)
The Cyber Mentor
Beginner Linux for Ethical Hackers - Navigating the File System
The Cyber Mentor
Beginner Linux for Ethical Hackers - Users and Privileges
The Cyber Mentor
Beginner Linux for Ethical Hackers - Common Network Commands
The Cyber Mentor
Beginner Linux for Ethical Hackers - Viewing, Creating, and Editing Files
The Cyber Mentor
Beginner Linux for Ethical Hackers - Controlling Kali Services
The Cyber Mentor
Beginner Linux for Ethical Hackers - Scripting with Bash
The Cyber Mentor
Beginner Linux for Ethical Hackers - Installing and Updating Tools
The Cyber Mentor
Cracking Linux Password Hashes with Hashcat
The Cyber Mentor
Reminder: Twitch Hacking Live Stream Tonight! 2/26/19 at 8PM EST
The Cyber Mentor
Hacking Live Stream: Episode 1 - Kioptrix Level 1, HackTheBox Jerry, and Career Q&A / AMA
The Cyber Mentor
Hacking Live Stream: Episode 2 - HackTheBox Active, Vulnserver Buffer Overflow, and Career Q&A / AMA
The Cyber Mentor
Hacking Live Stream: Episode 3 - Hack The Box Blue, Devel, and Career Q&A / AMA
The Cyber Mentor
New Zero to Hero Pentest Course, New Website, and 2K Subs?!
The Cyber Mentor
Zero to Hero Pentesting: Episode 1 - Course Introduction, Notekeeping, Introductory Linux, and AMA
The Cyber Mentor
Zero to Hero Pentesting: Episode 2 - Python 101
The Cyber Mentor
Zero to Hero Pentesting: Episode 3 - Python 102, Building a Terrible Port Scanner, and a Giveaway
The Cyber Mentor
Zero to Hero Pentesting: Episode 4 - Five Phases of Hacking + Passive OSINT
The Cyber Mentor
Zero to Hero Pentesting: Episode 5 - Scanning Tools (Nmap, Nessus, BurpSuite, etc.) & Tactics
The Cyber Mentor
Zero to Hero Pentesting: Episode 6 - Enumeration (Kioptrix & Hack The Box)
The Cyber Mentor
Zero to Hero Pentesting: Episode 7 - Exploitation, Shells, and Some Credential Stuffing
The Cyber Mentor
Installing Windows Server 2016 on VMWare in 5 Minutes
The Cyber Mentor
Zero to Hero: Week 8 - Building an AD Lab, LLMNR Poisoning, and NTLMv2 Cracking with Hashcat
The Cyber Mentor
A Day in the Life of an Ethical Hacker / Penetration Tester
The Cyber Mentor
Active Directory Exploitation - LLMNR/NBT-NS Poisoning
The Cyber Mentor
Zero to Hero: Week 9 - NTLM Relay, Token Impersonation, Pass the Hash, PsExec, and more
The Cyber Mentor
Zero to Hero: Episode 10 - MS17-010/EternalBlue, GPP/cPasswords, and Kerberoasting
The Cyber Mentor
Writing a Pentest Report
The Cyber Mentor
Zero to Hero: Week 11 - File Transfers, Pivoting, and Reporting Writing
The Cyber Mentor
The Complete Linux for Ethical Hackers Course for 2019
The Cyber Mentor
Full Ethical Hacking Course - Beginner Network Penetration Testing (2019)
The Cyber Mentor
Popping a Shell with SMB Relay and Empire
The Cyber Mentor
Pentesting for n00bs: Episode 1 - Legacy (hackthebox)
The Cyber Mentor
Pentesting for n00bs: Episode 2 - Lame
The Cyber Mentor
Pentesting for n00bs: Episode 3 - Blue
The Cyber Mentor
Web App Testing: Episode 1 - Enumeration
The Cyber Mentor
Pentesting for n00bs: Episode 4 - Devel
The Cyber Mentor
Pentesting for n00bs: Episode 5 - Jerry
The Cyber Mentor
Web App Testing: Episode 2 - Enumeration, XSS, and UI Bypassing
The Cyber Mentor
Pentesting for n00bs: Episode 6 - Nibbles
The Cyber Mentor
Web App Testing: Episode 3 - XSS, SQL Injection, and Broken Access Control
The Cyber Mentor
How NOT to Approach a Cybersecurity Mentor
The Cyber Mentor
Web App Testing: Episode 4 - XXE, Input Validation, Broken Access Control, and More XSS
The Cyber Mentor
Pentesting for n00bs: Episode 7 - Optimum (hackthebox)
The Cyber Mentor
Pentesting for n00bs: Episode 8 - Bashed (hackthebox)
The Cyber Mentor
Pentesting for n00bs: Episode 9 - Grandpa
The Cyber Mentor
Top 5 Internal Pentesting Methods
The Cyber Mentor
More on: Security Basics
View skill →Related Reads
📰
📰
📰
📰
The Silent Killer in Your Node.js APIs: Mass Assignment & How to Catch It Before Production
Medium · AI
The Silent Killer in Your Node.js APIs: Mass Assignment & How to Catch It Before Production
Medium · Cybersecurity
How to Protect Your Crypto Wallet: Self-Custody Security
Medium · Cybersecurity
Australian Cyber Security Centre Issues Alert on Mass Exploitation of CMS Vulnerabilities
Dev.to · NetSecOpsIO
🎓
Tutor Explanation
DeepCamp AI