Cody Brocious

New Hacker101 Content: Threat modeling, Burp basics, and more

New Hacker101 Content: Threat modeling, Burp basics, and more

Since January, thousands of hackers have expressed their enthusiasm for the first Hacker101 content drop (almost 80,000 total video views and more than 8,800 stars on GitHub in just five months!). Now it's time to take things to the next level. We've prepared amazing content through the end of the year and will be releasing one lesson a month, starting this month. Our early content demonstrates how to identify and exploit some of the most common bugs.

Now we're expanding with two big goals: teaching you how to explore an application to find deeper and more interesting bugs and showing you how to get paid the highest possible bounty by writing the best possible reports. Proper application of these techniques will help you find better bugs, make more money, and make the internet safer.

Planned Content for the remainder of 2018 (download the syllabus):

  • May                           Lightweight Threat Modeling
  • June                         Writing Good Reports
  • July                            Introduction to Burp Suite
  • August                     Intermediate Burp Suite Techniques
  • August                     Advanced Burp Hacks for Bounty Hunters
  • September           Secure Architecture Review
  • October                  SSRF
  • November             Source Review Techniques
  • December             Cookie Tampering Techniques & XML External Entity Attack

I hope you're as excited as I am about the lessons to come! You can view all the lessons on GitHub.

Happy breaking,

- Cody Brocious (Daeken)


HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.

The 7th Annual Hacker-Powered Security Report

Hacker-Powered Security Report