Hi, I’m Rohit Gautam
CEO & Founder of Hacktify Cyber Security
I am into Cyber Security Training for many years. Students have loved my courses and given 5 ★ Ratings for years.
My students have been in the Top 15 Cyber Security Researchers of India twice in a Row.
Apart from training's, I'm a security researcher with special interest in network exploitation and web application security analysis and Red Teaming
I have worked for all the topmost banks of India in their VAPT Team and have helped them secure their infra.
I'm highly passionate about training students for cyber security & make them industry ready.
What our Students says
We believe in giving the best experience to students in terms of learning, We just do not provide a bunch of videos but coach you for your better future.
Students have got Hall of Fames, Ceritification Letters, Bounties and even Jobs.
Dont take our words, read students reviews and try it your self 😃
Shweta Dash
⭐⭐⭐⭐⭐
Very well explained with examples , good command on language and knowledge shared.. well researched and prepared with each lectures... It’s motivating for students to pursue their career in IT field for a better and safe digital/virtual world... And Hats off Rohit Gautam for coming up with great topics , please do come up with more lectures on ethical hacking
Ronit Bhatt
⭐⭐⭐⭐⭐
One of THE BEST courses available to get started in bug bounty hunting. The live website practicals just makes it even more easier to learn and grasp the concepts. !!!! Very well explained and designed !
Pranav Bhandari
⭐⭐⭐⭐⭐
Amazing course on bug bounty and ethical hacking.No other course has come up with live practical attacks on Owasp's as I have seen.Yes recommended to other students,professional as well.Awesome :)
Vidhi Waghela
⭐⭐⭐⭐⭐
Thankyou, For this Amazing course. As a student I found this course very beneficial for starting my journey in cyber security. As, I was able to understand the basic concepts to the difficult ones that too very easily.. With great live examples and tips and tricks. 😌
Piyush Jadhav
⭐⭐⭐⭐⭐
This course has really helped me in building my bug hunting process and approach towards pentesting of projects. Along with Hack the Box, I learned How to test for web application attacks and it has turned out to be very helpful. Highly recommended
Jerry Nissan
⭐⭐⭐⭐⭐
Even a Zero experienced one can understand so clearly. Well and clearly explained. Recommend to a beginner and advance level too.
Course Curriculum
- 3_What_is_OWASP_and_Injection (9:55)
- 4_What_is_Broken_Authentication (2:57)
- 5_What_is_Senstive_Data_Exposure (5:33)
- 6_What_is_XML_External_Entities (2:43)
- 7_What_is_Broken_Access_Control (4:11)
- 8_What_is_Security_Misconfiguration (2:24)
- 9_What_is_Cross_Site_Scripting_(XSS) (3:52)
- 10_What_is_Insecure_Deserialization (2:07)
- 11_What_is_Using_Components_with_Known_Vulnerabilities (2:11)
- 12_What_is_Insufficient_Logging_and_Monitoring (3:03)
- 14_Authentication_Bypass_Exploitation_Live_-1 (5:46)
- 15_Authentication_Bypass_Exploitation_Live_-2 (4:23)
- 16_Authentication_Bypass_Exploitation_Live_-3 (2:51)
- 17_Authentication_Bypass_Exploitation_Live_-4 (3:40)
- 18_Authentication_Bypass_Exploitation_Live_-5 (4:33)
- 19_Authentication_Bypass_Exploitation_Captcha (2:48)
- 20_Authentication_Bypass_to_Account_Takeover_Live_-1 (5:35)
- 21_Authentication_Bypass_to_Account_Takeover_Live_-2 (3:52)
- 22_Authentication_Bypass_due_to_OTP_Exposure_Live_-1 (4:10)
- 23_Authentication_Bypass_due_to_OTP_Exposure_Live_-2 (3:14)
- 24_Authentication_Bypass_2FA_Bypass_Live (3:40)
- 25_Authentication_Bypass_-_Email_Takeover_Live (5:58)
- 26_Authentication_Bypass_Mitigations (1:58)
- 27_Authentication_Bypass_Interview_Questions_and_Answers (4:16)
- 28_No_Rate-Limit_leads_to_Account_Takeover_Live_Type-1 (12:30)
- 29_No_Rate-Limit_leads_to_Account_Takeover_Live_Type_-2 (9:53)
- 30_No_Rate-Limit_leads_to_Account_Takeover_Live_Type_-3 (5:34)
- 31_No_Rate-Limit_leads_to_Account_Takeover_Live_Type_-4 (5:15)
- 32_No_Rate-Limit_leads_to_Account_Takeover_Live_Type_-5 (5:26)
- 33_No_Rate-Limit_to_Account_Takeover_Live_-_Type_6 (6:58)
- 34_No_Rate-Limit_to_Account_Takeover_Live_-_Type_7 (6:10)
- 35_No_Rate-Limit_Instagram_Report_Breakdown (0:55)
- 36_No_Rate-Limit_Instagram_Report_Breakdown_2 (4:15)
- 37_No_Rate_Limit_Bypass_Report_Breakdown (5:29)
- 38_No_Rate_Limit_Bypass_Report_Breakdown_2 (5:21)
- 39_No_Rate-Limit_to_Tool_Fake_IP_Practical (4:02)
- 40_No_Rate-Limit_test_on_CloudFare (4:08)
- 41_No_Rate-Limit_Mitigations (2:03)
- 42_No_Rate-Limit_All_Hackerone_Reports_Breakdown (5:15)
- 43_How_XSS_Works (6:15)
- 40.1_XSS_Manula_Balancingg (9:52)
- 44_Reflected_XSS_on_Live_1 (9:52)
- 45_Reflected_XSS_on_Live_2 (1:36)
- 47_Reflected_XSS_on_Live_3_Balanced (3:40)
- 48_XSS_on_Limited_Inputs_Live_1 (3:20)
- 49_XSS_on_Limited_Inputs_Live_2 (2:51)
- 50_XSS_in_Request_Headers_-_Live (3:47)
- 51_Reflected_XSS_Useragent_and_Caching (6:41)
- 52_Reflected_XSS_Email_Validator_Live (4:49)
- 53_Reflected_XSS_Protection_Bypass_Live_1_-_Base64 (5:36)
- 54_Reflected_XSS_Protection_Bypass_Live_-2 (5:18)
- 55_XSS_using_Spider (6:30)
- 56_XSS_Bypass_Right_Click_Disabled (4:16)
- 57_Blind_XSS_Exploitation (5:54)
- 58_Stored_XSS_Exploitation_Live (9:19)
- 59_DOM_XSS_Name (6:11)
- 60_DOM_XSS_Redirect (2:20)
- 61_DOM_XSS_Index (2:50)
- 62_XSS_on_Live_by_Adding_Parameters (3:22)
- 63_XSS_Mouse_on_Lab (2:54)
- 64_XSS_Mouse_Live (1:44)
- 65_XSS_Mouse_Events_All_Types (3:25)
- 66_XSS_Cookie_Stealer_LAB (10:14)
- 66_XSS_Polyglots_Live (6:54)
- 67_XSS_Polyglots_Breakdown (2:17)
- 68_XSS_Exploitation_-_URL_Redirection (4:38)
- 69_XSS_Exploitation_-_Phishing (4:05)
- 70_XSS_Exploitation_Cookie_Stealer_Lab (10:14)
- 71_XSS_Exploitation_Cookie_Stealer_Live (8:35)
- 72_XSS_Exploitation_File_Upload_Type_-2 (3:08)
- 73_XSS_Exploitation_File_Upload_Type_-3 (6:32)
- 74_XSS_Exploitation_File_Upload_Type-_1 (3:23)
- 75_XSS_Mitigations (2:19)
- 76_XSS_Bonus_TIPS_and_TRICKS (5:13)
- 77_XSS_Hackerone_ALL_Reports_Breakdown (8:31)
- 78_XSS_Interview_Questions_and_Answers (7:46)
- XSS_Quiz
- XSS_Mouse_payloads
- XSS_Payloads
- 79_How_CSRF_Works (4:53)
- 80_CSRF_on_LAB (2:54)
- 81_CSRF_on_LAB_-_2 (9:09)
- 82_CSRF_on_Live_-1 (1:30)
- 83_CSRF_on_Live_-2 (10:12)
- 85_CSRF_Funds_Transfer_Lab (3:05)
- 86_CSRF_Request_Methods_Trick_-_Lab (3:32)
- 87_CSRF_to_Account_Takeover_Live_-1 (7:12)
- 88_CSRF_to_Account_Takeover_Live_-2 (7:38)
- 89_Chaining_CSRF_with_XSS (2:27)
- 90_CSRF_Mitigations (3:26)
- 91_CSRF_BONUS_Tips_and_Tricks (2:11)
- 92_CSRF_ALL_Hackerone_Reports_Breakdown (13:17)
- 93_CSRF_Interview_Questions_and_Answers (6:06)
- 94_How_CORS_Works (3:16)
- 95_CORS_3_Test_Cases_Fundamentals (8:51)
- 96_CORS_Exploitation_Live_-2_Exfiltration_of_Account_Details (2:31)
- 97_CORS_Exploitation_Live_-3_Exfiltration_of_Account_Details (4:59)
- 98_CORS_Live_Exploitation_-4 (1:45)
- 99_CORS_Exploitation_Facebook_Live (2:04)
- 100_CORS_Live_Prefix_Match (4:00)
- 101_CORS_Live_Suffix_Match (4:11)
- 102_CORS_Mitigations (2:13)
- 103_CORS_Breakdown_of_ALL_Hackerone_Reports (10:55)
- CORSExploit