It would be very helpful and interesting to have videos on: - How to quickly and efficiently write a bug report (templates, automation, AI and so on...) - What are the most common BBPs policies and practices for not breaking them (rate limit, automation limitations) - Burp suite: best extensions and when to use Thanks mate, love your videos and appreciate your work!
@@NahamSec yes we want demo, specially it would be great if you explain us XSS in deep like using the dev tools, inspecting the element, give us some deets about how backend XSS works, I really loved ur Bling XSS video :) it would be great if you build up on that
Am planning on being a full time bug bounty hunter this coming January, but my piggy bank is still behind ..if i could i would take your bug bounty course to fortify my skills..,gotta say your vids really motivate me..cheers!! from Botswana
Honestly, I care less about learning the hands-on-tutorials about specific vulns, I would much rather see a tutorial on how to enumerate a target and suggestions on how to learn the technology the target is using. What questions should I be looking to answer about that tech? How to check for previous CVEs on that specific tech? Then maybe most importantly, how can track data flow of the target with that specific tech in mind. The issue with seeing tutorials on specific attack types seems to be trying to attack the same few input fields for hours but ignoring the all the technology used on that webpage that would likely tell me, "Hey, this page is pretty secure, maybe keep digging into other subs/ends."
I love ya dude and you do a lot of for the community! But as someone who heard the same information from different sources what I would love to see is training, the secret sauce, and technique sharing. I know in bug bounty those things are held close to the chest but for someone stuck in the middle from beginner to practitioner, it would really help all us in that position to advance and level up. I would even be willing to pay. Thank you my friend Let's see that demo!
@@mugstep I'm sure jason haddix's course is full of information like that. At least enough for one to develop their own secret sauce but also I want to hear from different sources.
Yes, can we get a demo video showing how to look for these vulnerabilities. I just got my Sec+ and have been interested in learning more about bug bounty. Thanks for the video and get up the great work.
Hey Ben, It will be better to share step by step resources to learn, master and get confidence of hunting for a specific bug. :) It would be a really awesome content. People like me sometimes get confused how they could master a bug and how to learn that at an insane level to get out of average hackers. So I hope you'll make this content in near future.
Yes demos for all of them please please please I need to make extra money to afford my bills and I got 4 months left before I run out of money lol 😂 I want to learn and I want to be good Another video idea could be reading bug bounty scope of work properly sometimes they are confusing to understand fully
Hey Ben great video, we understand you cannot show real-time bug hunting, can you show us finding real time VDP bugs. I think actually see you do it would me really motivating. Thanks a lot and keep it up!
He can't, its mostly because if someone sees the vulnerability they can go and hack the company before they fix it not because someone might jack your report And take your cash before you can report it . Cool name by the way 👽👽👽
it will be very much helpful to us, As a beginner we try to understand to of the vulnerability's and lost our most of the time's, If you do the hand's on video, may be it can push us to do more hand's on practice
For a new starter which bug bounty platform would you recommend; does it really matter whether we pick H1 / Bugcrowd VS a smaller place like Intigrity with less competition surely? 😊
Do you think burpsuite pro is worth while if im just starting out. Almost done with the CBBH course from htb and then doing portswigger labs. I need burpsuite pro to do the portswigger certification though and not sure if its worthwhile if im just starting out
Hi Ben, awesome video once again, would love for you to post more content on IDORs and Authorization Issues. Just by the way you don't need to click bait me to get to watch your videos, the whole reason I subscribe to you is cos your content is excellent. I would watch it anyways and support you any day. Would some day love to make a $500 Bounty (IA) but it takes a lot of practice and I just need to get my butt away from streaming crap in the evenings and studying. Thank you once again. Keep up the great work. 😉
i would love to see a hands on version. I've had hands on computers and networks since 1983, compulsively consume bug bounty education, have hunted multiple bounty programs and just can't even seem to even find dups....i can't, won't, and refuse to give up on this. i've always been the computer/network tech/ guy on the blue side and just can't help but to think i just can't seem to think nefariously enough to be the "red-teamer"... wtf (btw, you are my fucking hero yo!)
Hello NahamSec, i would like to thank you for this video. Kindly please make video how to bid for the bounty on bugcrowed or intigriti platform from start to send report. Thanks
📚 Purchase my course and learn about bug bounty hunting with over 11 hours of content, 100+ labs, and 15+ vulnerability types 👇
hhub.io/HWTl-LpLF0
Hands-on demo would definitely be a great way to absorb and ultimately solidify this content in the old brain! Thank you, Ben!
● [1:41] Prerequisites: HTML, Web Technologies
● [1:57] #1 - XSS
● [4:03] #1(2) - CSRF
● ● [4:11] Burp Suit PRO : "Engagement tools" -> "Generate CSRF PoC"
● [6:22] #3 - IDOR
● [8:46] #4 - Authorization Issues
● [10:34] #5 - Leaked Credentials
bro doing social service 👍
It would be very helpful and interesting to have videos on:
- How to quickly and efficiently write a bug report (templates, automation, AI and so on...)
- What are the most common BBPs policies and practices for not breaking them (rate limit, automation limitations)
- Burp suite: best extensions and when to use
Thanks mate, love your videos and appreciate your work!
Great one, would be great one to get those!
Hey! Would love to see the demo videos on each vulnerablity type.
Noted!🫡🫡
@@NahamSec yes we want demo, specially it would be great if you explain us XSS in deep like using the dev tools, inspecting the element, give us some deets about how backend XSS works, I really loved ur Bling XSS video :) it would be great if you build up on that
@NahamSec I would really love to see demo video of IDOR
Plse do vedio
Video vulnerability examples would be great.
Yes please do a demo of the vulnerabilities. Love your encouragement! Your videos always pump me up!
Thanks for watching and thank you for being a channel member! 🙏
of course! I hope to meet you at defcon in the future. Your content has been so impactful for me. @@NahamSec
CSRF and IDOR hands-on tutorials would be interesting. Would love to see some handy tricks for when our attacks aren't working.
this channel is literally a goldmine, don't understand how it's only 105k subscribers
Am planning on being a full time bug bounty hunter this coming January, but my piggy bank is still behind ..if i could i would take your bug bounty course to fortify my skills..,gotta say your vids really motivate me..cheers!! from Botswana
dont
Yes! I would very much want to see more hands on videos on these bugs :) Your videos are awesome always!
Yes, would absolutely love a hands on video on each of all the topics!
1. XSS
2. CSRF
3. IDOR
4. Auth Issues
5. Leaked Creds
Listen $500 is a lot for me and thank you so much for this video! I am going to focus on Blind XSS and start your Udemy course thank you!
Did you make some money? How did it go?
A hands on version of this video where you can make some labs will be highly appreciated. Thanks for the cool heads up !!
Yes i would genuinely love to see and would definitely watch hands on demo videos of each vulnerability type
Honestly, I care less about learning the hands-on-tutorials about specific vulns, I would much rather see a tutorial on how to enumerate a target and suggestions on how to learn the technology the target is using. What questions should I be looking to answer about that tech? How to check for previous CVEs on that specific tech? Then maybe most importantly, how can track data flow of the target with that specific tech in mind. The issue with seeing tutorials on specific attack types seems to be trying to attack the same few input fields for hours but ignoring the all the technology used on that webpage that would likely tell me, "Hey, this page is pretty secure, maybe keep digging into other subs/ends."
Yes, Love the content and would love you to do a demo of the vulnerabilities.
Yes please! You really talanted tutor! It easy to understand and follow you. Thank you a lot xx
If I get $500 based on content made available for then I will purchase your course based on that. Good luck to you too!
I love ya dude and you do a lot of for the community!
But as someone who heard the same information from different sources what I would love to see is training, the secret sauce, and technique sharing. I know in bug bounty those things are held close to the chest but for someone stuck in the middle from beginner to practitioner, it would really help all us in that position to advance and level up.
I would even be willing to pay.
Thank you my friend
Let's see that demo!
You just unlocked how bug bounty hunters really make money.
@@mugstep 🤣🤣
I'm going to assume lots of sarcasm in that comment to which in hindsight.
I completely agree.
@@mugstep I'm sure jason haddix's course is full of information like that.
At least enough for one to develop their own secret sauce but also I want to hear from different sources.
I would love more videos like this from you. Very helpful. Thank you
Please do a hands on version of each vulnerability . Thank you man ❤
That’d be awesome to see a demo video. Keep up the great and educational content! 🙌
Yes, can we get a demo video showing how to look for these vulnerabilities. I just got my Sec+ and have been interested in learning more about bug bounty. Thanks for the video and get up the great work.
Gold! Cant wait to see the demo of those vulns, thanks ben!
Hey Ben, It will be better to share step by step resources to learn, master and get confidence of hunting for a specific bug. :) It would be a really awesome content. People like me sometimes get confused how they could master a bug and how to learn that at an insane level to get out of average hackers. So I hope you'll make this content in near future.
This was a very informative video. I think that you should make a video with each of the vulnerabilities you spoke about.
Needs brother these types of beginners friendly bugs and how to test for it it's very helpful.
Looking forward too see these types of videos.
Yes Ben, Please also provide a demo of all those vulnerabilities :)
Yes Naham we would love to see a hands on demo!
I would love to see a hands-on video of this. That's exciting to hear.
Would love more in-depth videos on each topic mentioned!
I like this content. Yes NahamSec, please do more videos. Thank you.
i want a hands-on version of this. I love these videos.
Yes.... The content is really good... Looking for demo video on each vulnerability
This is amazing! I want to find my find my first live bug, paid or not before the year end. I would love the video demo.
I am looking forward to seeing a demo of those vulnerability types :)
Yeeees hands on videos and thank you so much ffor this content
Glad you like them!
Honestly learned a lot really fast, clickbait was worth it 😂
It would be awesome to see a video on encoding. Both from a defensive point of view and as a method of obfuscation.
Man, for god sake i love your content
Def would love to see the demo. Very informative
Hey! I Would love to see the demo videos on each vulnerablity type.
It was very helpful for me. Good approach and techniques. Share your practical knowledge also.
your videos are great Sec. Thanks for the knowledge
Do a demo. We are eager to see that is possible. Nice and educational video by the way! Thanks.
I'd love to see a video on Authorization issues.
Though I've found some, but I feel I am missing something.
Yeahh, please do demo vids on them. And practical low hanging fruits
Yes we would like to see videos on each vulnerability
Yeah practical explanation video needed naham ❤
Yes demos for all of them please please please
I need to make extra money to afford my bills and I got 4 months left before I run out of money lol 😂
I want to learn and I want to be good
Another video idea could be reading bug bounty scope of work properly sometimes they are confusing to understand fully
чувак, спасибо тебе за этот ролик! он полезный , круто! продолжай в том же духе 🤘
Хотелось бы подробнее с примерами о : SSRF, CSRF.
Want to see those demos! 🤘🏻
We want full video hands on each concept ❤
Thank you for the video. My question is --
How do we find XSS if X-XSS-Protection header is placed on every page of a webpage?
Hands on videos yessssss
Yes we want to see the hands on lab videos. About xss do you recommend kxss to see what is reflected?
appreciate Ben, Really amazing content.., well we want more content like this, but missing streams and interviews.
Love these videos❤
Hey great video, I have a question how to get pentests or rather how to get into pen-testing.
it would be helpfull if you can share demo on how to find this vulnerabilities, thank you
Now i am waiting for nxt Monday
Already?
You're the best bro my role model ❤
I appreciate that
Thanks for the video!!
make a video on authorization issues I would definitely watch that
Hey Ben great video, we understand you cannot show real-time bug hunting, can you show us finding real time VDP bugs. I think actually see you do it would me really motivating. Thanks a lot and keep it up!
He can't, its mostly because if someone sees the vulnerability they can go and hack the company before they fix it not because someone might jack your report And take your cash before you can report it . Cool name by the way 👽👽👽
I have done this before :) Check out my Redbull video, REDACTED, and bug bounty stories!
maybe web tech video will be awesome, some common places to look for, like in swagger ui have xss with low-medium impact
it will be very much helpful to us, As a beginner we try to understand to of the vulnerability's and lost our most of the time's, If you do the hand's on video, may be it can push us to do more hand's on practice
Yes. Need demo for the vulnerabilities.
I love anything cyber so im in. Especially on current bugs and news....Also duhhh show us the hands on.
Do a hands-on video of each please!
Dude, clickbait us all you want. LOVE your videos! ❤🔥
🙌
Can you make videos for mastering a vulnerability or the most vulns needed alot of thinking to make the vuln have more impact
Demo video please! This is awesome content!
Yes demo will be very helpful
For a new starter which bug bounty platform would you recommend; does it really matter whether we pick H1 / Bugcrowd VS a smaller place like Intigrity with less competition surely? 😊
Yes, please, the video will be awesome.
Love the vid. Yes, please do demos...
yes, please make demos on the mentioned vulns
Yes I would love to see a demo
Hands on video showing how to find these vulnerabilities plsss
We want demo for each of those five.
Hands-on demo would definitely be a great
Do you think burpsuite pro is worth while if im just starting out. Almost done with the CBBH course from htb and then doing portswigger labs. I need burpsuite pro to do the portswigger certification though and not sure if its worthwhile if im just starting out
Hi Ben, awesome video once again, would love for you to post more content on IDORs and Authorization Issues. Just by the way you don't need to click bait me to get to watch your videos, the whole reason I subscribe to you is cos your content is excellent. I would watch it anyways and support you any day. Would some day love to make a $500 Bounty (IA) but it takes a lot of practice and I just need to get my butt away from streaming crap in the evenings and studying. Thank you once again. Keep up the great work. 😉
Actually, when played your videos liked them at the very beginning 😅😅😅
Theory + Demo 💯
Yes please do a demo video.
Very good video, would like to see demos.
yes absolutely a demo would be great
You're a good person Ben.
Yes, please create a video on those 5 vulns, but maybe less focus on csrf? Random thought.
We'll see. I think there are a few good CSRF tricks I can show you guys though!
Yeah please sir!! Wanna know csrf in deep @@NahamSec
@@NahamSecI’d be interested in that
Great video. Appreciate the advice, and yes I'd like to see a hands-on. Any help I can get is always welcome.... Please?
i would love to see a hands on version. I've had hands on computers and networks since 1983, compulsively consume bug bounty education, have hunted multiple bounty programs and just can't even seem to even find dups....i can't, won't, and refuse to give up on this. i've always been the computer/network tech/ guy on the blue side and just can't help but to think i just can't seem to think nefariously enough to be the "red-teamer"... wtf (btw, you are my fucking hero yo!)
Yes we do need a hands on explanation :)
Would like to see a demo video and I like the content
can you please make a video on authorization ?
awesom video bro
Yes demo of all the vulnerabilities plz
What do you think about tool nuclei?
can't wait to see demo
Hello NahamSec, i would like to thank you for this video. Kindly please make video how to bid for the bounty on bugcrowed or intigriti platform from start to send report. Thanks