<div style="margin:20px 0 0 200px"> To view the site, enable JavaScript by changing your browser options, then <a href="">Try Again</a>.</div>
EC-Council Accredited Training Center

Bug Bounty Hunting - Offensive Approach to Hunt Bugs. This course will cover most of the vulnerabilities of OWASP TOP 10 & Web Application Penetration Testing. You will start as a beginner with no hands-on experience on bug bounty hunting and Penetration testing, after this course you will emerge as stealth Bug Bounty Hunter.

Course Rating

View All Reviews »

Students Enrolled and Counting…

Full List of Alumni »

Why learn Bug Bounty Hunting?

Bug Bounty
Bug Bounty Hunting

Course Syllabus »

Hall of Fame
Rewards & Appreciation

Cyber Security

Web Application Penetration Testing



40 hours - 2 classes per week



Anyone who wants to take part in too big bounty sites and earn money

Course Fees

Course Fees

Class Room Training

Inclusive of all taxes

Online Training

Inclusive of all taxes

What You Will Get?

40 Hours
of in depth training by the best bug bounty hunter

Study Materials

Bug Bounty Hunting
Certificate of Completion after examination and alumni status

Course Details

  1. The duration of the course is 40 hours at 2 classes per week
  2. The course fee is Rs.30,000/- for classroom and Rs.40,000/- Rs.30,000/- for online
  3. The curriculum is taught combining theory and practical
Module 1: 2 Hours - 3 Topics
  • Introduction (Day 1)
  • Introduction Burpsuit (Day 1)
  • Information Gathering (Day 1)
  • XSS (Day 2)
  • Blind XSS (Day 2)
  • Host header Injection (Day 3)
  • Data Tampering (Day 3)
  • Vulnerability Related to SPF (Day 4)
  • HTML Injection (Day 4)
  • File Inclusion (Day 5)
  • Forced Browsing (Day 5)
  • Server Side Request Forgery (SSRF) (Day 6)
  • Source Code Disclosure Vunerability (Day 7)
  • SQL Injection (Day 8)
  • Advance SQL Injection (Day 8)
  • Advance SQL Injection (Day 9)
  • Cross Site Request Forgery (CSRF) (Day 10)
  • XML External (Day 11)
  • Rate Limiting Attack (Day 11)
  • Long Password Dos attack (Day 12)
  • Buffer overflow (Day 12)
  • IDOR (Day 13)
  • Account Takeover (Day 13)
  • CMS Vulnerability (Day 14)
  • Drupal (Day 14)
  • Information Disclosure (Day 15)
  • Cryptographic related vulnerability (Day 15)
  • Command Injection (Day 16)
  • Different types of RCE (Remote Code Execution) (Day 16)
  • Web cache deception (Day 17)
  • SSTI (Server-Side Template Injection) (Day 18)
  • DNS Zone transfer (Day 19)
  • Session Puzzling (Day 19)
  • HSTS (HTTP Strict Transport Security) (Day 20)
  • GraphSQL (Day 20)

Hacking Tutorials

Read All Tutorials »
Building a career in Digital Forensics - How promising is the future? A thorough career guide
Building a career in Digital Forensics - How promising is the future? A thorough career guide
Read Details »

Hacking Videos

Explore All Videos »
How to Hiding Your Secret File using Steganography?
View On Youtube »

Get In Touch


Related Course

Enroll Now »
Know Your Faculty
Mr. Sandeep Sengupta
Mr. Sandeep Sengupta
CISA, Certified Ethical Hacker, ISO 27001:2013 Lead Auditor, Lead Privacy auditor, GDPR Implementer

21 years of experience working in India, New Zealand & Singapore; in Information Security domain as Ethical Hacker, ISO 27001 Lead Auditor / Tutor, BS 10012 Privacy Lead Auditor, Mr. Sandeep Sengupta has conducted security audit in companies like ONGC, KPMG, PWC, Airtel, Vodafone, Accenture, Capgemini, Vedanta, PayU, Bandhan Bank, ABP, etc.

He has been invited as a speaker at FICCI, VIT (Vellore), Nasscom, CII, BCCI, ICAI, ISACA, FICCI, CeBIT, US High Commission (Kolkata), etc. He has taken part in several Television shows on ABP, ETV, NDTV, AajTak, Times Now, etc. In 2005, Sandeep founded the online community "Hackers Library"; which had 80,000+ members, making it the largest Indian online forum for cyber-security professionals at its time. Mr. Sengupta is the committee member at Nasscom (East) & CII ICT-East.

Mr. Kirit Sankar Gupta
Mr. Kirit Sankar Gupta
B. Tech (IT), OSCP, CEH 10.0, CHFI 9.0, ISO Certified Lead Security Incident Manager (ISO/IEC 27035), ISO Certified Lead Forensic Examiner (CLFE), CCNA, CCNP

A Penetration Tester with 6 years of experience, Kirit has the expertise in Mobile Application Pentesting Network, IoT Penetration Testing, Source-code review, Fuzzing, Red teaming, Social Engineering, Digital Forensics and Incident Response, Dev(Sec)Ops, Malware Analysis as well as SOC analysis. He has been acknowledged for reporting critical vulnerabilities to Uber, Apple, Flipkart, and MIT. Mr. Kirit Sankar Gupta is the member of Data Security Council of India (Kolkata).

Mr. Sanchayan Bhaumik
Mr. Sanchayan Bhaumik
ME (Jadavpur University), MCA (WBUT), CEH, CHFI, CEI

With 7 years of experience in Information Security audit and Forensic Investigation, Mr. Sanchayan Bhaumik is working as Information Security Analyst at ISOEH and has successfully conducted various Vulnerability Assessment and Penetration Testing / audit, as well as Forensic Investigation for leading corporate houses and Government entities.

He has worked as an Assistant Professor at Sikkim Manipal University & Guest Faculty at National Institute of Pharmaceutical Education and Research. His research domain is AI, Machine Learning and Cryptography. He has presented several research papers in international conferences. At ISOEH his job profile includes VAPT, Forensic Assignments & Teaching advance courses on penetration testing, creating hacking tools using python, AI & ML.

Mr. Saumitra Biswas
Mr. Saumitra Biswas
M Tech - Computer Science, MSc (Statistics), GATE qualified

Mr. Saumitra Biswas is M.Tech in computer science from Netaji Subhash Engineering College, GATE qualified in computer science and a MSC in statistics from Kalyani University. He has 20 years of experience. His technical interests include Machine Learning, Neural Networks, Genetic Algorithms and Object Oriented Programming. He is skilled in C, C++, C#, Dotnet, Java, Python, Matlab, Unix, MS Windows XP, Windows 7, My SQL, Oracle, MS Access, HTML, XML, CSS and PHP. He take classes on AI & ML in ISOAH, as well as act as mentors to interns & project trainees.

Ms. Amrita Acharya
Ms. Amrita Acharya
M Tech in CSE, ISO 27001 Lead Auditor (IRCA/BSI)

After completion of her Master degree, she has worked with ISOAH as an intern for few years before joining full time as security analyst. She has been involved in internal audit, policy design, ISMS consultancy for more than 2 years. She is well versed in Kali Linux, Nmap, Metasploit, ITGC, ISO 27001 & COBIT framework. ISOAH clients she has provided active consultancy are CESC, Diadem, Lexplosion, Diamond Beverages, etc. As part of her hobby, she has been a professional model in her free time.

Mr. Subhendu Bhadra
Mr. Subhendu Bhadra
ECSA, CEH, CCNA, Android Pentesting, Reverse Engineering

A Certified Ethical Hacker & CCNA, Mr. Subhendu Bhadra has expertise in exploit writing using Python, Ruby and Bash and is working as a Information Security Analyst and Faculty at ISOEH. Passionate about gadgets and technology, he has created several projects using Arduino. Well versed with networking and various programming languages, Suvendu is developing new hacking tools using Python.

Mr. Anubhav Kettry
Mr. Anubhav Khettry
Certificate EC-Council Instructor (CEIv2), CEH, CHFI

Anubhav Khettry is a Certified Ethical Hacker. His area of interest includes Network Penetration Testing (NPT), Web Application Penetration Testing (WAPT) & RDBMS concepts. He is currently a part of ISOEH as Information Security Analyst and faculty.

Mr. Saugata Sil
Mr. Saugata Sil

Saugata Sil is a Certified Ethical Hacker (CEH). His area of interest is Python, Networking, Ethical Hacking, Front-end Development, Vulnerability Assessment, Web Application Pentesting, Android Application Pentesting and API Pentesting. Previously he worked as a Front-end developer and Software developer. As well as he also bug hunting and he has been acknowledged for reporting critical vulnerabilities to Dell, TripAdvisor, HealthifyMe, Spacex and many more. He has a passion for teaching & likes to guide students to apply cyber security knowledge in real-life scenarios. He is currently a part of ISOAH as a faculty member & Security Researcher Analyst.

Mr. Sagar Neogi
Mr. Sagar Neogi

Sagar Neogi is a Certified Ethical Hacker (CEH). His area of interest is Python, Reverse Engineering, Vulnerability Assessment and Penetration Testing. He is proficient in network design & hardening. He has a passion for teaching & likes to guide students to apply cyber security knowledge in the real-life scenario. He is currently a part of ISOEH as a faculty member & research analyst.

Mr. Somdeb Chakraborty
Mr. Somdeb Chakraborty
MSc in Computer Application, CEH, CCNA, Android Development

Somdeb Chakraborty is a Certified Ethical Hacker (CEH), whose expertise lies in penetration testing. His areas of interest are Networking, Python, Vulnerability Assessment and Penetration Testing. He is also CCNA Global Certified (CISCO ID# CSCO13549504). Previously he worked as a software and web development trainer at The EDGE College in tie up with Vinayaka mission Sikkim University. He is working as an Information Security Analyst in the Indian School of Ethical Hacking.

Mr. Soummya Mukhopadhyay
Mr. Soummya Mukhopadhyay
BCA, CEH Master

Mr. Soummya Mukhopadhyay is a CEH Master. He has an interest in Network Penetration Testing, Web Application Penetration Testing and in 802.11 attacks and mitigation, as well as Advanced Persistent Threat mitigation. Previously worked as a Web Application Back end developer using PHP. Over the last one year he has been active as a bug bounty hunter. For ISOAH he has taken an active role in Developing CTF Challenges.

Mr. Debraj Basak
Mr. Debraj Basak
B.Tech (EE), CEH v11, CCNA 3.0

Debraj Basak is a Certified Ethical Hacker (CEH). His area of interest is Advance Python, C Programming, Networking, Ethical Hacking, Hacking Tools Development, Vulnerability Assessment, Web Application Pentesting and Network Pentesting. He is also skilled in HTML, CSS, PHP & DBMS. Currently he is doing research on Malware Analysis and Reverse Engineering. He has a passion for teaching & likes to guide students to apply cyber security knowledge in real-life scenarios. He writes technical content as a hobby.


Ratings & Reviews

Bug Bounty Hunting

Course Rating
Based On
100 Students Rating

Date: 28.01.2020
Course: Bug Bounty Hunting

The course is great in terms of practical knowledge it provides to actually hunt bugs on live websites, never heard those techniques before, very beneficial course for those who are stepping into the field of bug hunting. Nice course that covers all the basic aspects of web application penetration testing and the most common techniques for Bug Bounty Programs.



What is the course content?
  • History of Bug bounties
  • Difference between Penetration Test and Bug Bounties
  • How a Pentester turns into a bug bounty hunter?
  • Platforms, ways to participate
  • Bug Hunter Methodology Android
  • Bug Hunter Methodology Web
    • The tricks and tips
    • Practicals of approaching a target
    • Creating the best possible of the scope
    • Where to look and what to look for
    • XSS, CSRF, SQLi, IDOR…
    • How much important is the report?
    • Best tools to use
  • Bug Hunter Methodology IOS
  • Let's do it right now…
  • Legal issues and being safe
  • Best of the submissions - Hackerone
  • How to Learn and improvise
What is the course Duration?

The duration of the course is 40 hours at 2 classes per week.

What is the course Methodology?

The course is administered in theory as well as practical.

What is the course Prerequisites?

Anyone who wants to take part in too big bounty sites and earn money.

Enroll Now

Fields marked with * are mandatory.

Online Interactive Classroom with dedicated Faculty

Course Fees

Inclusive of all taxes

Weekday Batche:
Reg. Date
Start Date
End Date
Sep, 2021
Sep, 2021
Oct, 2021
Pay Now

Member of:

Data Security Council of India