Hey! everyone
I just want to give you an overview of what are the prerequisites to find bugs and how can you start bug hunting
Learn the basics of networking
Learn Linux and how to use linux
When you are done with above you can proceed with web application security basics…
Learn the building blocks of web applications and how everything works behind the scenes including HTTP Methods, web design patterns, client and server-side components.
Understand modern deployment architectures such as single-page applications, microservices and serverless architecture
- Client-side Languages and Concepts
- Server-side Concepts
- Web Servers
- Web Communication — HTTP verbs
a. HTTP request method
b. HTTP response codes
c. HTTP headers and security
d. HTTP access control
e. HTTP authentication
f. HTTP cookies
5. HTTPS vs HTTP
6. Data Storage — Database Servers
a. SQL
b. NoSQL
7. Web Application Architecture
a. Monolithic architecture
b. Single page applications
c. Microservices
d. Serverless architecture
Reconnaissance
“It is nothing but gathering complete information about the target”
- Domain Reconnaissance
a. Whois lookup
b. DNS lookup/reconnaissance
2. Network Scanning and Live Host Identification
3. Open Ports and Running Services
4. Identifying Architectures, Operating Systems and Frameworks
5. Spidering/Crawling Websites
6. Performing Directory Enumeration
7. Discovering Protected Resources
You can even use many tools I listed some of the tools which helps you while doing recon
1)Enumerating Common/Framework-specific Directories
→ DirBuster
→ Burpsuite
2) Cracking Webpages
→ Owasp Zap
→ Burpsuite
→ HTTrack
3) Web application vulnerability scanners
→ Nikto
→ OpenVAS
→ Nessus
→ Acutenix
4) XSS Scanner
→ XSSer
→ XSStrike by S0md3v
5) Attacking webservers
→ SQlmap
→ jSQl
6) Subdomain enumeration
→ Knockpy
→ Sublist3r
…. and the list goes on
When you got the good grip over web security and application you can move to OWASP top 10
●A1 Injection Attacks
● A2 Broken Authentication
● A3 Sensitive Data Exposure
● A4 XML External Entity
● A5 Broken Access Control
● A6 Security Misconfigurations
● A7 Cross-Site Scripting
● A8 Insecure Deserialization
● A9 Using Components with Known Vulnerabilities
● A10 Insufficient Logging & Monitoring
And the most important thing is always to practice things
Just by reading everything and watching tutorials doesn't make any sense Make sure you approach the things practically
Some of the best places to practice are
Owasp juice shop
Portswigger labs
TryHackme
pentesterlab
Webgoat
Have fun!!
Enjoy the journey
Make sure you are updating your knowledge
Follow security guys on Twitter
join discord servers and participate in the chat
Prepare your notes
Always ask your questions to google only!
