Will be Covering On Weekends Through Live classes.

1. Master the Basics:

Understand Web Applications

• Grasp how the web works:
  • HTTP/HTTPS: requests, responses, headers, cookies.
  • HTML, CSS, JavaScript basics.

Learn Vulnerabilities

• Get familiar with the OWASP Top 10:
  • XSS, SQL Injection, CSRF, IDOR, etc.
• Understand each vulnerability:
  • What it is, how to identify it, and how to exploit it.

Use Essential Tools

• Start with these tools:
  • Burp Suite (Community Edition works for now).
  • FFUF/Dirsearch for directory fuzzing.
• Learn basic tool configurations and how to analyze results.

2. Build Recon Skills

Start with Recon Basics

• Learn subdomain enumeration:
  • Tools like Subfinder, Assetfinder.
• Directory brute-forcing:
  • FFUF, Dirbuster.

Automate the Process

• Create simple scripts to chain tools together.
• Use platforms like Shodan and Censys for asset discovery.