Bug bounty methodology V4.0 — Demonstrated

Thexssrat, published in Geek Culture
12 min read · Jul 5, 2021

Introduction

Hello All

Welcome to this practical demonstration of web application hacking. Here we are going to learn about various web vulnerabilities, how to hunt for them on a target, and how to exploit them.

Before we begin to hunt, we should choose a target that is in scope. Here we choose the OWASP (Open Web Application Security Project) Juice Shop project, which is an insecure web application.

When we hunt, it's important to look at every target in its own right. We are going to look at the OWASP Juice Shop. In this demonstration you will be shown all the topics we went over and which parameters we will be using to test. Not all of our tests will lead to existing issues, but we still have to do all of these tests. We are no longer practicing right now; this is bug bounties.

OWASP Juice Shop

Installation

In general, if we want to hunt bugs on a target, we search for the application and then start hunting. Here, however, our target is OWASP Juice Shop, an insecure application that requires installation, so we will first see how to install it.

Here I am choosing Heroku for installing our Juice Shop, as it is free and easy to use. You can also choose other ways, such as installing the Docker images.

Step 1
