Live Hacking Tutorial: How to Think Like a Bug Bounty Hunter
Вставка
- Опубліковано 12 лис 2023
- Learn how to hack like a bug bounty hunter in this live hacking tutorial! In this video, I will show you how to find and exploit vulnerabilities in real time, using the same techniques that bug bounty hunters use to earn thousands of dollars every year.
This tutorial is perfect for beginners, but even experienced hackers will learn something new. I will cover everything from the basics of web application security to more advanced techniques like SQL injection and XSS.
By the end of this video, you will be able to think like a bug bounty hunter and start finding vulnerabilities on your own.
what is your notion template? you mentioned that you use notion and Im curious
Would be great if you create the python program for retriving the values from the form.
"SEAN, professional pizza maker (and eater!), can cut your hair also if required."LMAO🤣
great work ! I hope you continue making clips like this
GREAT VIDEO!!!..... How did you kno to type that in the GET REQUEST in Burp Suite?
Thankyou, followed along and learnt a lot, keep up the awesome work , 👍
Would love to see a video like this where you implement/script a scraper tool to automate the process. Great content 👍🏻
Thanks m8! And that is a great video idea wil add that to the list 🙏😁
Yes would like to see
Thats how i exploited my university's website 🤣.
best method : learn from practical experiments. ❤
Whaha love it 😂
Ur a god teach me masterr
What did you do to the website
@@goblinninja1234 just got access of my classmate's account(with their permission). and then reported to our HOD, about it.
I did that too when i was in my school, i got access to the admin cpanel acc through sql injection
Thank you so much for the good information!👍👍 I'm a bugbounty novice, and it's been a great help. By the way, are there any restrictions on the scan tools you use to run a bugbounty? I'd like you to let me know if you've experienced any examples
Hey m8 that depends from
The company, like some just doesn’t like automated scans and then they are restricted to 1 request a sec😁
Great introduction to this type of activity
I like your style!
Thank you 😊
That's a very good tutorial, really appreciate it. Anyway, could you share your wordlist you usually use when doing bug bounty?
You can use seclist for a lot of labs and in real the best is to make custom list for a target you can use a Python program or a language model 😁
You could use cewl to create a wordlist specific to the target.
Great 👍🏿
amazing job, i learned a lot. PLS DO MORE VIDEO LIKE THIS!!!!
Thanks a lot yes I wil try and focus more and more and these videos 😁
I love how much fun your having while hacking, I'm the same way I get excited every time I come across an anomaly I can exploit 👏👍
Amazing Vide! Loved it:)
im beginner bug hunter new to this channel want more videos about mindset and manuel aproach for bug bounty & more vidoes related to bug bounty i really hate automation i love manuel work and dig deep thank you brother
Thanks mate working on some more!!
doesn't scanning puts a pressure on the webpage server? don't we send requests continously while scanning ?
Good job bro. Thanks for this information.
Thanks for watching and supporting 🙏
awesome video. quality content.
Big thanks m8! Getting better every day but still a long way to go😃
are there other areas in cybersecurity except for bug bounty hunting? I really like infrastructure network bug hunting but not sure if they have a similar type of bounty programs.
Yea you can become a network expert and protect networks or try to find some bugs in it. Euh that is mostly done by a company because it has a lot more risk to just let everyone in the network. But there are great courses with labs😁
@@CyberSquad-JoinTheSquadagreed. Cause it kind pf related to the LAW. One wrong step then might go inside
@@shubhambajaj4939dude said teach him one to one lmaooo
Wonderful Hacking Tutorial Brother. Learned a lot. Tnx
Thanks m8🙏
ur videos are really helpfull thanks u will be soon big W guy
Thanks m8 loved the response! Just wanne help people to change their lives 😁
What i don't understand is even tho you found that xxs valun but since there is no way to make you js add to the website source code unlike having xxs valun when placing a order or something which results in our malicious js code being saved into data base and getting executed whenever someone opens out order but in this website case there nothing like that so can someone please explain me how it will help us? Yeah it a valn but not that useful since we just can't go and hijack someone user or admin session using this , I'm a beginner so please help if I'm not seeing the bigger picture here
Produto da ferramenta e paga correto?
Cool
Just do more video like this.
Thanks a lot
Thanks for the support I wil 😁
What if the Bug Bounty Program only allows me to scan like, 2 requests per second? This all is gonna take ages
Rare content, thank you i like it :)
Thanks you m8 😁
this good - here take joint bro
its awesome!
Very nice video 🎉
Thanks m8🙏
Will try the export target= It seems Nice
Yeah it helps a lot you command always stays the same 😁
I'm not a pro, but I immediately thought about exploiting ssrf with that redirection url...
Can you make a video on how to start, explore and find career path in cybersecurity.?
Yea sure maybe I call
Tell my story I got hired because of a project I made en the motivation 😁
After downloaded a bootatble kali linux distro. Then watching this is 👌
excellent
Thank you m8 🙏
i was like why does he not check order number 1-3 it would probally be snowy or the other guy emails
One question sir i wanted to come into bug bounty does i need to learn networking or just strt with practicals and tut on UA-cam
Nice video can you make more videos on SQL injection,ssrf and xss
Yes pls do
Thanks m8! Yes I I wil 😁
how many bugs have you found doing bug bounties?
admin.php is a file, so there is no use of doing dirb on it because its not a folder…am i right?
It depends on the dirb-busting tool used. GoBuster does not support file extensions, but there are tools that do e.g. FeroxBuster, which you can specify extensions to search for (e.g. php,html,asp,aspx, txt). Ferox will use the words in the specified wordlist, and append the extensions when fuzzing.
Top!
🙏🙏
Pls part 2
Yes I hope to record today and publish but my main pc broke 😅
in reality, burp will intercept one million useless request and just create an account recquire a lot of patience
How to hack Aviator
How to hack aviator game round plz help me
can you talk more about your origins 😃
Sure what you like to know? Discord wil be up soon to have a chat 😁
20:30 You missed multiple times that you use the wrong url on dir buster, and I notice this on smartphone...
19:30
Hello bro
Hello 😁
is this is how we perform Bunty Bounty?
are you a professional hacker??
Hey I’m a junior application security engineer so yes but still learning every day😁
you missed many more vulnerabilities
Imagine hacking someone via a UA-cam comment 😂
ua-cam.com/video/mALRt5SXMeI/v-deo.html
Can you help me hack an application lovley pet؟؟
Only if it is legal 😆
@@CyberSquad-JoinTheSquad😂😂😂🎉🎉🎉
honestly a horrible video, you talk through it and do stuff as if we fully understand everything you are using and talking about, but that is far from the truth. I don't know much about this stuff at all and I'm trying to learn how to do it, but if you don't explain how to use every single thing piece of everything than I get completely lost and want to close the video because I cant follow along. For example, I don't know how to work burpsuite or set it up, so when you're clicking around and doing things i cant follow along. You should include the entire process of EVERYTHING I don't care how long the video gets, I need you to talk to me like I know nothing about this stuff at all, because that's kind of the case.
I will try making some more basic vids mate 😁
Skill issue
There are other resources to learn how to use the tools you are unfamiliar with. You could look up a video on setting up a Kali Linux VM to start.. learning is a process.
guy thinks hes a hacker using typical programs. Dude cmon your brain smaller then your biceps for sure
I don’t think aim a hacker, I work in the field of cybersecurity and I don’t ask you to watch my videos. I love to see some videos where you show your skills and maybe I can learn some of that😁
Order ID 42069 lol
nice bro
Thank bro means a lot 🙏
ua-cam.com/video/mALRt5SXMeI/v-deo.html