Uncle Rat’s Bug Bounty Guide

Category Other
Type Tutorials
Language English
Total size 7.7 GB
Uploaded By tutsnode

Downloads 607
Last checked 6 days ago
Date uploaded 4 years ago
Seeders 11
Leechers 7

Infohash : 63BC0351344FC8C6C676E6E9E5E9BD154257AAD6

Description

SUDO

I can not promise this course will find you bugs. I can promise i will leave you with a solid methodology that’s netted me a few nice extra monthly salaries. This method is not guaranteed to work for you. You will need to adept. You will need to work.

If any course promises you that they WILL find you bugs, run as fast as you can.

WHOAMI

My name is uncle rat and i am here to help you take the next step. I am not here to hold your hand, i am here to push you over the edge. You’ve been practicing on pratice platforms for long enough now, don’t you think? It’s time.

I will provide you with a solid methodology to build upon. I don’t want you to follow in my footsteps, i want you write your own legend. This is after all the place where legends are born.

Every chapter has at least a video file with slides to download and where applicable a full text PDF with extra information. All extra’s like cheat sheets are seperatly downloadeable for your comfort.

– The XSS Rat

CAT ‘goals.txt’

I can hack, but i can only hack one target at a time. My passion is teaching so why not hit two birds with one stone?

I created this course because i strongly believe that if i hack 1 target i am just me but if i train 1000 hackers, we are an army.

This is my goal, i want to make the internet a safer place but i can’t do it alone.
Who this course is for:

Beginner bug bounty hunters who are looking for a solid methodology and mindset
Experienced pentesters looking to get into bug bounties
Companies training their cybersecurity staff to withstand even the toughest of logic attacks

Requirements

Be farmiliar with the basics of web communication like GET,POST,PUT,DELETE… calls
A computer that can run burp suite, OS doesn’t matter

Last Updated 7/2021

                Files: 

                Uncle Rat's Bug Bounty Guide
[TutsNode.com] - Uncle Rat's Bug Bounty Guide
Tools
Video_ Full guide on How Burp Suite works.mp4 (684.0 MB)
03_Burp_Match_and_replace.pdf (691.4 KB)
08_Burp_Suite_Comparer.pdf (237.6 KB)
04_Burp_suite_Intruder.pdf (521.5 KB)
01_Burp_Suite_Dashboard.pdf (384.9 KB)
00_Burp_Suite_Do_i_need_the_profesional_edition.pdf (57.3 KB)
09_Burp_Suite_Extender.pdf (51.4 KB)
02_Burp_suite_Target.pdf (252.7 KB)
06_Burp_Suite_Sequencer.pdf (214.7 KB)
05_Burp_Suite_repeater.pdf (201.4 KB)
07_Burp_Suite_Decoder.pdf (113.2 KB)
Video_ Full guide on How Burp Suite works.en.srt (90.0 KB)
Video_ Burp suite zero to hero.en.srt (18.4 KB)
Video_ My Top 10 Burp Suite extensions.en.srt (13.7 KB)
Video_ Authorize for automating IDORs and BAC.en.srt (6.7 KB)
Video_ Burp suite zero to hero.mp4 (145.9 MB)
Video_ My Top 10 Burp Suite extensions.mp4 (84.4 MB)
Video_ Authorize for automating IDORs and BAC.mp4 (53.7 MB)

Introduction
discord invite link.txt (0.0 KB)
Introduction.en.srt (1.2 KB)
Discord invite link.html (0.9 KB)
Discord Invite link.rtf (0.4 KB)
What you need to know about bug bounties.pdf (310.3 KB)
What you need to know about bug bounties.pdf (310.3 KB)
What you need to know about bug bounties - Video.en.srt (15.8 KB)
A look at bug bounties from all perspectives.en.srt (10.9 KB)
A look at bug bounties from all perspectives.mp4 (157.5 MB)
What you need to know about bug bounties - Video.mp4 (133.3 MB)
Introduction.mp4 (13.0 MB)

Attack techniques - SQLi By PinkDraconian
Excercises_ 6 SQLi, XSS and XXE all in one payload.en.srt (25.2 KB)
6 References & Exercises.en.srt (5.9 KB)
Slides.pdf (984.3 KB)
3 Types of SQLi.mp4 (206.1 MB)
Excercises_ 6 SQLi, XSS and XXE all in one payload.mp4 (192.1 MB)
Excercises_ 2 Union Based SQLi To RCE!.mp4 (188.8 MB)
Excercises_ 4 Boolean Based SQLi.en.srt (9.8 KB)
3 Types of SQLi.en.srt (16.2 KB)
Excercises_ 5 SQLi WAF Bypass.en.srt (21.6 KB)
Excercises_ 2 Union Based SQLi To RCE!.en.srt (13.6 KB)
Excercises_ 3 MSSQL injection to RCE.en.srt (11.7 KB)
2 Detecting SQLi.en.srt (8.3 KB)
1 What are SQLi.en.srt (6.4 KB)
4 WAF Bypasses.en.srt (2.8 KB)
5 SQLMap.en.srt (5.2 KB)
Excercises_ 1 Portswigger Simple Login Bypass.en.srt (4.5 KB)
0 Intro.en.srt (3.3 KB)
Excercises_ 3 MSSQL injection to RCE.mp4 (151.0 MB)
Excercises_ 5 SQLi WAF Bypass.mp4 (133.0 MB)
Excercises_ 4 Boolean Based SQLi.mp4 (115.2 MB)
2 Detecting SQLi.mp4 (105.7 MB)
1 What are SQLi.mp4 (89.3 MB)
6 References & Exercises.mp4 (74.3 MB)
5 SQLMap.mp4 (64.3 MB)
Excercises_ 1 Portswigger Simple Login Bypass.mp4 (62.3 MB)
0 Intro.mp4 (44.7 MB)
4 WAF Bypasses.mp4 (37.3 MB)

XXE according to OWASP (Optional)
0 Intro.en.srt (3.6 KB)
4_XML_eXternal_Entities.pdf (183.7 KB)
2 Finding XXE attack vectors.en.srt (7.4 KB)
1 What is XXE.en.srt (7.0 KB)
5 Tools and Mitigations.en.srt (7.0 KB)
3 Exploiting XXEs.en.srt (6.4 KB)
4 WAFs and Filters.en.srt (3.1 KB)
2 Finding XXE attack vectors.mp4 (43.4 MB)
5 Tools and Mitigations.mp4 (41.2 MB)
3 Exploiting XXEs.mp4 (36.8 MB)
1 What is XXE.mp4 (34.9 MB)
0 Intro.mp4 (19.0 MB)
4 WAFs and Filters.mp4 (16.4 MB)

Burp Suite practical examples
BurpSuite with 2FA links.txt (0.1 KB)
BurpSuite with IDOR links.txt (0.1 KB)
BurpSuite with SQLi links.txt (0.2 KB)
BurpSuite with WS links.txt (0.1 KB)
Testing for IDORs with Burp Suite.html (4.4 KB)
Testing a 2FA bypass in burp.html (5.5 KB)
Testing for SQLi with burp suite.html (5.4 KB)
Testing websockets in burp.html (3.5 KB)
96_Burp_Authorize.pdf (1.3 MB)

Attack techniques - Business logic flaws
The origin of Business logic flaws.mp4 (474.3 MB)
The origin of Business logic flaws.en.srt (32.3 KB)
Business logic flaws - Slides.pdf (267.4 KB)
Article_ The origin of Business logic flaws.html (15.0 KB)
Attack techniques - Business logic flaws.html (4.8 KB)
Labs_ Attack techniques - Business logic flaws.html (1.3 KB)
Solutions_ Attack techniques - Business logic flaws.html (1.2 KB)
Video_ Attack techniques - Business logic flaws.en.srt (7.7 KB)
Video_ Attack techniques - Business logic flaws.mp4 (70.9 MB)

Attack techniques - SSRF
Extra video_ Blind SSRF, what is it and how to exploit it.en.srt (6.1 KB)
SSRF-Slides.pdf (385.4 KB)
Video_ Attack techniques - SSRF.mp4 (189.8 MB)
Video_ Attack techniques - SSRF.en.srt (11.8 KB)
SSRF.html (6.4 KB)
Extra video_ Blind SSRF, what is it and how to exploit it.mp4 (48.6 MB)

The Intricacies of bug bounties
The Intricacies of bug bounties.mp4 (361.8 MB)
The intricaties of bug bounties.pdf (436.5 KB)
The Intricacies of bug bounties.en.srt (41.9 KB)

Attack techniques - File Inclusions By PinkDraconian
5 Wrapper Magic.en.srt (3.4 KB)
4 File Inclusion to RCE.en.srt (12.5 KB)
0 Introduction.en.srt (3.2 KB)
4 File Inclusion to RCE.mp4 (166.8 MB)
Excercises_ Dogcat.mp4 (160.7 MB)
Excercises_ Dogcat.en.srt (12.2 KB)
Excercises_ Book.en.srt (8.8 KB)
3 Is The Target Vulnerable.en.srt (8.3 KB)
Excercises_ Sniper.en.srt (7.3 KB)
6 Tools Wordlists Exercises.en.srt (6.7 KB)
Excercises_ SKFLFI2.en.srt (6.1 KB)
1 What are File Inclusions.en.srt (5.6 KB)
2 Finding a target.en.srt (5.2 KB)
Excercises_ Book.mp4 (124.0 MB)
3 Is The Target Vulnerable.mp4 (108.0 MB)
Excercises_ Sniper.mp4 (104.7 MB)
Excercises_ SKFLFI2.mp4 (92.6 MB)
6 Tools Wordlists Exercises.mp4 (92.2 MB)
1 What are File Inclusions.mp4 (74.9 MB)
2 Finding a target.mp4 (69.5 MB)
5 Wrapper Magic.mp4 (44.7 MB)
0 Introduction.mp4 (44.1 MB)
File Inclusion.pdf (1.3 MB)

Main app methodology
Main app methodology - Video.mp4 (359.6 MB)
Main app methodology - Demonstrated.mp4 (316.7 MB)
Main app methodology - Demonstrated.en.srt (43.9 KB)
Main app methodology - Video.en.srt (39.3 KB)
Main app methodology demonstration on the owasp juice shop.html (22.5 KB)
Main app methodology.html (18.5 KB)
Main app methodology.pdf (1.2 MB)

Master Labs
master labs download links.txt (0.2 KB)
How to enter the master labs.html (1.3 KB)
Ratnightmare2.pdf (10.6 MB)
Tempus Fugit 5 - Walkthrough.pdf (7.4 MB)

Broad scope methodology
Birdseye view of broad scope methodology.html (1.1 KB)
Broad scope manual methodology - Video.en.srt (16.7 KB)
Broad scope methodology (1).pdf (520.4 KB)
Broad scope methodology - Slides.pdf (520.4 KB)
Broad Scope Methodology.png (322.5 KB)
Broad scope automated methodology - video.en.srt (15.7 KB)
Broad scope manual methodology.html (7.6 KB)
Extra video_ Quickly identify a target from a list of subdomains.en.srt (4.6 KB)
Broad scope manual methodology - Video.mp4 (107.1 MB)
Broad scope automated methodology - video.mp4 (72.3 MB)
Extra video_ Quickly identify a target from a list of subdomains.mp4 (42.6 MB)

Attack techniques - XSS
Video_ Ultimate beginner XSS guide.mp4 (276.1 MB)
Solutions_ Reflected XSS.html (1.6 KB)
Lab_ Stored XSS.html (1.4 KB)
Analysing javascript files.pdf (374.6 KB)
Labs_ Reflected XSS.html (1.6 KB)
Solutions_ Stored XSS.html (1.5 KB)
Video_ Advanced XSS Testing.mp4 (166.1 MB)
Video_ Ultimate beginner XSS guide.en.srt (40.5 KB)
Video_ Advanced XSS Testing.en.srt (24.4 KB)
Video_ How to test for reflected XSS.en.srt (20.6 KB)
How to test for stored XSS.en.srt (18.8 KB)
Video_ Analyzing JS files.en.srt (11.9 KB)
What is DOM XSS.html (8.1 KB)
Analyzing JS files.html (5.9 KB)
Cheat sheet_ XSS.html (1.4 KB)
Labs_ User submitted reflected XSS.html (1.5 KB)
Video_ How to test for reflected XSS.mp4 (142.5 MB)
How to test for stored XSS.mp4 (125.4 MB)
Video_ Analyzing JS files.mp4 (71.3 MB)
Ultimate XSS Guide - Slides.pdf (1.0 MB)

Attack techniques_ CSRF
Attack techniques_ CSRF - Video.mp4 (214.5 MB)
Lab_ CSRF on impactful functionality.html (1.5 KB)
Solutions_ CSRF on impactful functionality.html (1.9 KB)
Attack techniques_ CSRF demonstration - video.en.srt (15.1 KB)
Attack techniques_ CSRF - Video.en.srt (13.2 KB)
Attack techniques_ CSRF.html (11.4 KB)
Attack techniques_ CSRF demonstration - video.mp4 (102.2 MB)

Attack techniques - Broken Access Control
Attack techniques - Broken Access Control - Overview.html (1.0 KB)
Lab_ Broken Access Control.html (1.2 KB)
Solutions_ Broken Access Control.html (1.0 KB)
BAC - Slides.pdf (334.8 KB)
Attack techniques - Broken Access Control - video.en.srt (14.0 KB)
Attack techniques - Broken Access Control.html (5.3 KB)
Attack techniques - Broken Access Control - video.mp4 (98.8 MB)

Attack techniques - IDOR By Uncle Rat
IDOR - Slides.pdf (436.1 KB)
Labs_ Attack techniques - IDOR By Uncle Rat.html (1.2 KB)
Solutions_ Attack techniques - IDOR By Uncle Rat.html (1.0 KB)
Attack techniques - IDOR By Uncle Rat - Video.en.srt (21.9 KB)
Attack techniques - IDOR By Uncle Rat.html (5.1 KB)
Attack techniques - IDOR By Uncle Rat - Video.mp4 (154.5 MB)

Attack techniques - XXE
XXE - Slides.pdf (419.6 KB)
Video_ Attack techniques - XXE.en.srt (13.1 KB)
Attack techniques - XXE.html (6.4 KB)
Video_ Attack techniques - XXE.mp4 (88.5 MB)

Attack techniques - Template injections
SSTI.pdf (46.9 KB)
CSTI - Slides.pdf (154.9 KB)
Video_ Attack techniques - Template injections - SSTI.en.srt (15.3 KB)
SSTI overview.html (1.0 KB)
Attack techniques - Template injections - CSTI.html (2.8 KB)
Attack techniques - Template injections - SSTI.html (5.8 KB)
Video_ Attack techniques - Template injections - CSTI.en.srt (4.3 KB)
Video_ Attack techniques - Template injections - SSTI.mp4 (107.3 MB)
Video_ Attack techniques - Template injections - CSTI.mp4 (24.4 MB)

Attack techniques - WAF evasion techniques
Video_ Attack techniques - WAF evasion techniques.en.srt (31.0 KB)
WAF_evasion_techniques.pdf (321.0 KB)
Video_ Attack techniques - WAF evasion techniques.mp4 (108.6 MB)

What now_
Main app methodology 06-04-2021.txt (1.8 KB)
Next steps.html (1.2 KB)
broad scope methodology 06-04-2021.txt (1.2 KB)
Uncle Rat's Recommended public bug bounty targets.html (1.1 KB)

Attack techniques - OS Command injection
Video_ Attack techniques - OS Command injection.en.srt (8.4 KB)
Attack techniques - OS Command injection.html (4.0 KB)
Video_ Attack techniques - OS Command injection.mp4 (48.8 MB)

Reporting
Video_ Reporting.en.srt (4.6 KB)
Bug_Report_Template_markdown.txt (1.3 KB)
Video_ Reporting.mp4 (34.2 MB)

TutsNode.com.txt (0.1 KB)
.pad0 (0.0 KB)
(0.0 KB)
(0.1 KB)
(0.0 KB)
(0.2 KB)
(0.1 KB)
(0.0 KB)
(0.1 KB)
(0.0 KB)
(0.5 KB)
(0.4 KB)
(0.5 KB)
(0.1 KB)
(657.5 KB)
(555.6 KB)
(472.7 KB)
(2.6 KB)
(58.6 KB)
(501.8 KB)
(763.1 KB)
(9.2 KB)
(574.7 KB)
(1,000.2 KB)
(787.5 KB)
(394.2 KB)
(992.5 KB)
(684.0 KB)
(875.8 KB)
(300.7 KB)
(357.8 KB)
(801.5 KB)
(217.4 KB)
(383.8 KB)
(789.0 KB)
(673.9 KB)
(469.6 KB)
(640.1 KB)
(80.5 KB)
(746.7 KB)
(694.2 KB)
(751.4 KB)
(110.3 KB)
(517.8 KB)
(732.9 KB)
(688.1 KB)
(345.8 KB)
(214.2 KB)
(363.1 KB)
(328.3 KB)
(348.3 KB)
(966.1 KB)
(612.5 KB)
(441.5 KB)
(786.2 KB)
(673.6 KB)
(160.9 KB)
(137.7 KB)
(825.4 KB)
(632.5 KB)
(6.3 KB)
(613.9 KB)
(988.4 KB)
(447.0 KB)
(576.3 KB)
(685.8 KB)
(743.2 KB)
(799.1 KB)
[TGx]Downloaded from torrentgalaxy.to .txt (0.6 KB)

There are currently no comments. Feel free to leave one :)

Code:

udp://inferno.demonoid.pw:3391/announce
udp://tracker.openbittorrent.com:80/announce
udp://tracker.opentrackr.org:1337/announce
udp://torrent.gresille.org:80/announce
udp://glotorrents.pw:6969/announce
udp://tracker.leechers-paradise.org:6969/announce
udp://tracker.pirateparty.gr:6969/announce
udp://tracker.coppersurfer.tk:6969/announce
udp://ipv4.tracker.harry.lu:80/announce
udp://9.rarbg.to:2710/announce
udp://shadowshq.yi.org:6969/announce
udp://tracker.zer0day.to:1337/announce