1. Persistence 2. Automation 3. Quality Educational Resources(Pentesterlab, The web application hacker's handbook) 4. Collaboration 5. Community 6. Health 7. Know the basics 8. Do what you're good at 9. Hack where there's less competition 10. Just Start
See, I'm looking for videos on hunting bugs, like irl bugs, moths, bees, butterflies, beetles, THAT type of bugs. And I sat here SO confused for a solid couple minutes- anyways, still a great video! Really well put together
Brother I must say . I love the way you Communicate very down to earth and trying to help other . Just subscribed for you're Greta attitude . Keep on doing great works .
Damn damn damn, I've been following you on twitter and I am one of the first people to sub as I know your worth man I'm sharing your channel and videos so that many people can get your valuable tips and knowledge ♥️ thank you so much man for doing this for us.
I've learned how to use nmap recently and made a script that takes the IPs of all subdomains and pipes it threw nmap and the stores the results in its own directory and file. Im very stoked on what I've learned
I got involved in the 'hunting' less than a week ago. I really got obsessed and went through 100/200 topics, videos, websites, hunters, tweets, etc ... and you are the first one to mention OWASP Top 10 + the Fundamentals metaphor, this touched me a lot and I think it's the most important, together with the Persistence ( and Curiosity ). THANK YOU for your contributions and existence 🙏
This is really a great video that everyone must watch in their initial phase of bug hunting. This should be the actual guide .. great work ✌️.. this helps me 😇
I love your way to see things, and not just about bugbounty,but life in general (when u talked about the law of the universe , for example). Amazing tips ! Can I ask you ... because that really gave me motivation...You really believe that with hardwork and dedication a guy thats just a beginner could achieve something as bugbounty? Sometimes it looks like its really difficult... today I was studying xss and men... It looked really hard and almost impossible to learn! And other thing if you may... About collaboration... U think there is somebody that wants to collaborate with an beginner in this world? Thanks for your videos! Keep up with this great content! 🙏
Absolutely - everyone who is successful in anything was a beginner once, and now they're successful! You would be able to find some people to collaborate with in the various bug bounty discords and slacks around the place :)
@@hakluke Thanks for your kind words 🙏! It really helps! Im still on the getting knowledge phase before try real bugbounty. Can u advice some discords? Im on bugcrowd and h1. Thanks for your time
I could see two different titles and more are close to each other The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws he Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws Any specific version or edition you refer?
I have one question, I picked a relatively small program to start with, how much time should we invest in such a program before we move on to another program in case we are unable to find anything?
There really isn't a correct answer to this, it depends on the program and your skill set. I'd say if you feel like you've exhausted everything on that program - time to move on.
Do you think it's possible to get into bug bounty hunting if you don't come from a Dev background? And if yes, where do you think would be the best place to start, or what skills to focus on?
Heard a friend talking about this and wanted to check it out. Been surfing youtube. My problem is there is no foundation to start on. People say there is so many different way to do this that there is no one way. You have to start where your skills are at or what you're passionate about. I know nothing about any of this but it does interest me. I do have a small background in networking but that is all. Did you find your answer on were to start? If so please give details.
I am just starting out and cam across your blog about automating sub domain takeover recon. It seems a good starting point. Would you still recommend subfinder over amass ?
Hey buddy great video. When you say get involved in the community, do you mean discord? What exactly do you mean? If you do mean discord it’d be great to have some links 🙏
@hakluke What all can be automated and how can be , can you please make a video on that, thanks for your support, i heard you saying for that to automate stuff for consistency, Appreciate in advance
Hello, sir, I had watch your video in bugcrowd (How to Crush Bug Bounties in the first 12 Months) and I am totally confused that you talk about bug bounty automated and earn passive income that means you explain about investing or something. could you plz explain sir
i just have a question , i am hunting only 2h up to 3h every day the rest of my time trying expanding my knowledge , so should i expend more time in hunting then learning , i just try full time hunting every Thursday but also no result at all
I wanna do this, but isnt it weird to just rely on that trust? Like you tell a company "hey, look, this is broken and this can happen" then what if the company ignores you and just fixes that? Or do you make some kind of a contract before looking for their bugs?
I guess you told in a video smtime ago Like start trying(may be in this video only.. I m bit on drinks.. hving trouble figuring out, sorry) .. I hv started actively after seeing your video though.. and, thanks to you.. I was just learning labs on portswigger n wen I tried exploring with bit free hand after ur advice to try, I came across subdomain takeovers. Wealth of knowledge out there on so many things.. and, actually before that I tried checking Real companies from hackerone after ur advice to try. And, what I saw in labs n wat I was seeing wen intercepting real things was like, if I hv to say, disappointing, scary n heart wrenching. It’s as if I thought Like I cud find a bug but the site was literally humiliating me. What can we do except for learning things like an amateur🤭.. I will keep trying.. I may fail again n again n again.. thanks for valuable words💐
If I hv to confess shamelessly, I get scared wen I see so mny requests rolling in burp proxy with just a single click on website. Whatever concepts I hv learned don’t seem applicable there. It frustrates.. may b tats y ppl like hakluke advise to try n Feel it.. I m trying wen I can.. let’s see😐😴
Wow,,never see you,,no 8 oufff you want to kill me,,listen a 2 first minute and i’m totaly stuck on your parole......long time no see,and never write that....new wold,peace
1. Persistence
2. Automation
3. Quality Educational Resources(Pentesterlab, The web application hacker's handbook)
4. Collaboration
5. Community
6. Health
7. Know the basics
8. Do what you're good at
9. Hack where there's less competition
10. Just Start
thanks
Nice to hear u
Bruh THAAAANK YOOOOUUUUU 😅❤❤
See, I'm looking for videos on hunting bugs, like irl bugs, moths, bees, butterflies, beetles, THAT type of bugs. And I sat here SO confused for a solid couple minutes- anyways, still a great video! Really well put together
😂😂
Brother I must say .
I love the way you Communicate very down to earth and trying to help other .
Just subscribed for you're Greta attitude .
Keep on doing great works .
Damn damn damn, I've been following you on twitter and I am one of the first people to sub as I know your worth man I'm sharing your channel and videos so that many people can get your valuable tips and knowledge ♥️ thank you so much man for doing this for us.
Thank you!
I've learned how to use nmap recently and made a script that takes the IPs of all subdomains and pipes it threw nmap and the stores the results in its own directory and file. Im very stoked on what I've learned
I like the way you touched on health, most people ignore it, thanks for the video
Very first video I watched fully on UA-cam ❤️the way you speak hits different ❤️ HUMBLE ❤️ Respect to you sir❤️
I got involved in the 'hunting' less than a week ago. I really got obsessed and went through 100/200 topics, videos, websites, hunters, tweets, etc ... and you are the first one to mention OWASP Top 10 + the Fundamentals metaphor, this touched me a lot and I think it's the most important, together with the Persistence ( and Curiosity ).
THANK YOU for your contributions and existence 🙏
After watching your video i am gonna take 100 days of learning challenge and will update it regularly 👍👍
This is really a great video that everyone must watch in their initial phase of bug hunting.
This should be the actual guide .. great work ✌️.. this helps me 😇
Could not agree more about the health side of thing. I have been the one man I.T army who's always on call 24 /7 - it doesn't end well
Its really good motivator and brings more energy after seeing this video. Also, clearly explained the tips based on your experience
Hey Luke, did somebody told u that u r awsm in explaining n teaching things ? Awsm video n tips 👍
Thanks for these tips, I'm just starting out bug bounty hunting.
I love your way to see things, and not just about bugbounty,but life in general (when u talked about the law of the universe , for example). Amazing tips ! Can I ask you ... because that really gave me motivation...You really believe that with hardwork and dedication a guy thats just a beginner could achieve something as bugbounty? Sometimes it looks like its really difficult... today I was studying xss and men... It looked really hard and almost impossible to learn! And other thing if you may... About collaboration... U think there is somebody that wants to collaborate with an beginner in this world? Thanks for your videos! Keep up with this great content! 🙏
Absolutely - everyone who is successful in anything was a beginner once, and now they're successful! You would be able to find some people to collaborate with in the various bug bounty discords and slacks around the place :)
@@hakluke Thanks for your kind words 🙏! It really helps! Im still on the getting knowledge phase before try real bugbounty. Can u advice some discords? Im on bugcrowd and h1. Thanks for your time
Thank you for this video, it's an energy boost for me!
Amazing content! Subscribed, greetings from Chile.
I really needed to hear this advice and I didn't even know it. Thanks a lot! Cheers from Argentina
Fantastic content man! Thank you for this.
Outstanding advice mate - keep this type of thing up, people need to hear it! 🤙 cheers from BNE, AU
Thanks Justin! We live in a great city!
Luke, can you make your own discord server, please?
Excellent 10 tips Luke! Thanks a lot from Argentina ... Also you make top toolz in Github!
God bless you for the direction...good man
another amazing person on youtube !!!
just subscribed 😚😚 😍😍
Thanks Master Luke , building my Skyscraper foundation :)
Nice one ;)
brilliant vid man. helped me alot
I could see two different titles and more are close to each other
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
he Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
Any specific version or edition you refer?
Luke you are the best! Can you share tips on how to script the automation part efficiently?
Great person and great video! Nothing but the best for luke!
I have one question, I picked a relatively small program to start with, how much time should we invest in such a program before we move on to another program in case we are unable to find anything?
There really isn't a correct answer to this, it depends on the program and your skill set. I'd say if you feel like you've exhausted everything on that program - time to move on.
@@hakluke thanks! Really appreciate it! ❤️
Do you think it's possible to get into bug bounty hunting if you don't come from a Dev background? And if yes, where do you think would be the best place to start, or what skills to focus on?
Yes it is possible, and I'd follow the steps in this video :) Also checkout my talk from levelup on the same topic.
Heard a friend talking about this and wanted to check it out. Been surfing youtube. My problem is there is no foundation to start on. People say there is so many different way to do this that there is no one way. You have to start where your skills are at or what you're passionate about. I know nothing about any of this but it does interest me. I do have a small background in networking but that is all. Did you find your answer on were to start? If so please give details.
We want another one 🔥🔥 waiting !
All checked except 2 and 4... Poor in automation and collaboration... You explain well within words... Keep going... Kudos..
Can you make a video series on how hackers should get started with coding
I am just starting out and cam across your blog about automating sub domain takeover recon. It seems a good starting point. Would you still recommend subfinder over amass ?
What tool do we use to automation
Hey buddy great video. When you say get involved in the community, do you mean discord? What exactly do you mean? If you do mean discord it’d be great to have some links 🙏
Hey @hakluke, can you add timestamps for the upcoming videos? Might be really helpful.
Sure :)
does pentesterlab help for someone who doesnt have any it background??
Thanks for starting the channel 😃
Hakluke rocks.
Thanks for sharing Luke Bro
Do bug bounties include attacking the actual server or network as well? Like Hackthebox CTF style?
Depends on the scope, but generally yes
03:21 fresh programs, new target, new subdomains, new ip adress range, acquisitions, changes to DNS records, endpoints, refurbished the website
@hakluke What all can be automated and how can be , can you please make a video on that, thanks for your support, i heard you saying for that to automate stuff for consistency, Appreciate in advance
Excellent Video , loved it , keep doing more videos .....
sorry how long did it take you to find your first bug my Man?
Hakluke is the best.
I also work for bugcrowd and have been struggling a bit...
What are the basics we need to know other than Burpsuite? I am learning JavaScript and python. I'm a beginner. Tips?
Hello, sir, I had watch your video in bugcrowd (How to Crush Bug Bounties in the first 12 Months) and I am totally confused that you talk about bug bounty automated and earn passive income that means you explain about investing or something. could you plz explain sir
i just have a question , i am hunting only 2h up to 3h every day the rest of my time trying expanding my knowledge , so should i expend more time in hunting then learning , i just try full time hunting every Thursday but also no result at all
Take my subscription 🤪
Thanks heaps mate!
Hope you're well haxormad!
@@hakluke Yes I am 😁
Hoping you doing well alongside the fam there!
Thank you for the awesome video !!
sir make a series for developing tools/scripts related to bash
I wanna do this, but isnt it weird to just rely on that trust? Like you tell a company "hey, look, this is broken and this can happen" then what if the company ignores you and just fixes that? Or do you make some kind of a contract before looking for their bugs?
Then next time to you find one you sell it online lol
Good content keep going
thanks man for this great video❤
Thanks for commenting!
Love your content brooooooooooo !!
i dont know how to find a community? can u give me a example
Thank you Luke
Where would i go to find some collaborators? I think its easier to learn in a group, need to find a good group
I've been practising for sometime recently and open to collab
@@nithinravi10 on Instagram or Twitter I will dm u
@@robertfling6173 do you mind if i join too?
@@brandonroldan5430 and if you don't mind me too
@@robertfling6173 Drop by your discord sir, I'll dm you.
Awesome man with the awesome video.:D
Ty
Is real world bug bounty hunting 2019 book is good for beginners
I have not heard of it
@@hakluke its a revised version of web hacking 101
Awesome content 😯
Really good, it helps
Amazing video Keep up
Thanks!
Thank You ❤️❤️❤️
Can you make a video for how to make an automation script for monitoring or scanning a certain stuff ... thanks for your help.
We shall see!
Thank you😊
Thanks man 🧑❤️
Thanks a lot
Thanks man...
Just started
Awesome tips!
makeMORE.exe !!!!!!!!!!
Love ya man ^^ thank you for that !
thanks for this video
Bro please share you bug pocs🥰
Persistence 💯💯💯
Thank you
Ok Sir
I guess you told in a video smtime ago Like start trying(may be in this video only.. I m bit on drinks.. hving trouble figuring out, sorry) .. I hv started actively after seeing your video though.. and, thanks to you.. I was just learning labs on portswigger n wen I tried exploring with bit free hand after ur advice to try, I came across subdomain takeovers. Wealth of knowledge out there on so many things..
and, actually before that I tried checking Real companies from hackerone after ur advice to try. And, what I saw in labs n wat I was seeing wen intercepting real things was like, if I hv to say, disappointing, scary n heart wrenching. It’s as if I thought Like I cud find a bug but the site was literally humiliating me.
What can we do except for learning things like an amateur🤭.. I will keep trying.. I may fail again n again n again..
thanks for valuable words💐
If I hv to confess shamelessly, I get scared wen I see so mny requests rolling in burp proxy with just a single click on website. Whatever concepts I hv learned don’t seem applicable there.
It frustrates.. may b tats y ppl like hakluke advise to try n Feel it..
I m trying wen I can.. let’s see😐😴
Thankyou 🙂
A gem 💯
Crushing bug bounties with 15k others
Awesome 👍
1:20 damn same!
Thanks, this was really good and motivating. Liked, subscribed and press that bell icon! ( :
thanks!
For the second tip...I want to add...Just learn bash stuff
Here, take my sub.
Hope you're well Ceos3c!
Love from Pakistan
❤️
You rock man!!!!!!
Tips❤❤
"get enough sleep" ehhhhhmmmmm
subscribe button: [on fire]
Wow,,never see you,,no 8 oufff you want to kill me,,listen a 2 first minute and i’m totaly stuck on your parole......long time no see,and never write that....new wold,peace
Love u 3000