TCM is recommended to anyone with little to no knowledge about cybersecurity in general. I’m preparing for OSCP and didn’t know where to start but tcm made is super easy.
This free video covers a lot more topics than a course. I really appreciate what you guys are doing. I really like watching your videos. Love from India Sir.
Thanks, guys. I bought the Pnpt and a 3 month membership mainly for this course, during the sale. Thought I'd be able to complete it too with PNPT. Kinda overestimated myself and am still working through PEH. 10th March my monthly subscription ends, and I don't think I can afford it anymore. Was really sad that this one will remain incomplete. At least now I know that even if my subscription ends, I can still cover some part of the curriculum because of this upload.😢
Thank you, Heath, for providing us with this amazing information, we all need to learn the Practical aspects of Bug Bounty especially for some of us that would like to earn some extra cash.
Yes this is the first half of the practical bug bounty he also has a free complete course on ethical hacking if you're wanting to be a Penetration Tester ua-cam.com/users/results?search_query=practical+ethical+hacking+-+the+complete+course @@Manas0_0
I have a doubt. IF the scope says that automation tools are not allowed, is this related only for vuln scanners or to all other tools, like directory/asset discovery. Tools like ffuf, gobuster, etc.
Using curl on APIs in room 5 returns generic error, regardless if I copy the command from the room or try with credentials from tutorial (those creds are not visible to me). {"status":"error","message":"Required fields missing"} Tried resetting the lab and db with init.php still nothing. Time stamp: 4:12:28 Edit: For anyone that has this problem, json username and password fields were missing double quotes
im really weak in web apps compared to network, this is incredibly helpful. Thank you. Is the TCM course for practical bug bounty more in depth than this youtube video?
If anyone else ran into an error when setting up the lab stating "'172.20.0.4' is not allowed to connect to this MySQL server in /var/www/html/db.php". I was able to resolve this by removing the volumes for the mysql container, bb-db, in the compose file
I am having a problem, I cannot open the Lab locally, what is the local host port it's running on? In the video he just went to localhost without any port or IP
im having trouble with the api labs, server keeps responding with missing fields and i didn't manipulate the prepared requests, i copy pasted them into my terminal.
Hello Heath/others/comments, I need help with Burpsuite, feel free to to send advice my way, but it just won’t work for me. If it’s a server thing, I’d understand, but I have the certificate and everything installed in my Linux machine, yet it still won’t work, advice? I’d appreciate it. Edit: I have figured out what to do, but do you have to keep manually forwarding traffic? Wish there was an automatic way.
@@TCMSecurityAcademy Thanks, what course in you website do you recommend to start, i am a freshman in cybersecurity and networking, another question is is true that Most programs follow a "first-to-report" rule, meaning only the first hacker to discover and report a specific vulnerability gets the reward.. thanks for answering
when i run the curl command to get information, i get a 403 error, i tried bypassing this with the “-c cookie.txt” option, but the results aren’t satisfactory. anyone else experiencing this?
TCM is recommended to anyone with little to no knowledge about cybersecurity in general. I’m preparing for OSCP and didn’t know where to start but tcm made is super easy.
This free video covers a lot more topics than a course. I really appreciate what you guys are doing. I really like watching your videos. Love from India Sir.
I"ve got a subscription to TCM Academy but I just wanted to show some love here. You guys are awesome. Thanks for all you do for the community
Taking the PJWT (the relevant cert for this course) tomorrow! Massively excited to put what I’ve learned to the test!
Good luck! I wanna take it too
Good luck! 💜
Good luck my friend
Good Luck!
Good luck!
Thanks, guys. I bought the Pnpt and a 3 month membership mainly for this course, during the sale. Thought I'd be able to complete it too with PNPT. Kinda overestimated myself and am still working through PEH. 10th March my monthly subscription ends, and I don't think I can afford it anymore. Was really sad that this one will remain incomplete. At least now I know that even if my subscription ends, I can still cover some part of the curriculum because of this upload.😢
How's is the tcm Security Courses?? Are they worth it in terms of skills and do they provide practical lab to practice??
Thank you, Heath, for providing us with this amazing information, we all need to learn the Practical aspects of Bug Bounty especially for some of us that would like to earn some extra cash.
Best course for a bug bounty I have seen for now
Currently doing the PNPT. Enjoying it. More so than the PEN-200
Thank you, Heath, for providing us with this amazing information!
What you learned after completing this ?
Can't believe this premium content available for free
Awesome, I'm doing this on the TCM website right now. :)
Is this the exact first part of that website course?
Yes this is the first half of the practical bug bounty he also has a free complete course on ethical hacking if you're wanting to be a Penetration Tester ua-cam.com/users/results?search_query=practical+ethical+hacking+-+the+complete+course @@Manas0_0
Awesome video guys, thanks. Ill be coming over to your website to take some training soon.
Awesome! Here's a link to our bug bounty course: www.tcm.rocks/pbb-y
Let's go! 🔥
I have a doubt. IF the scope says that automation tools are not allowed, is this related only for vuln scanners or to all other tools, like directory/asset discovery. Tools like ffuf, gobuster, etc.
It's related to vulnerability scanners only like nuclei
@@prathmeshchaudhari7613 Good to know .. thanks !!
@@soanzin welcome!
Heath with another fat W taking care of the noobs (like me) !
Hey.... Dear,
Can I run this BugBounty-v1.1 LAB on my Windows OS...???
Thanks always for the free content. Can we get the Detection engineering for beginners course content please? Thank you!
I love this! Thank you so much!
Great resource for 2024
Using curl on APIs in room 5 returns generic error, regardless if I copy the command from the room or try with credentials from tutorial (those creds are not visible to me).
{"status":"error","message":"Required fields missing"}
Tried resetting the lab and db with init.php still nothing. Time stamp: 4:12:28
Edit: For anyone that has this problem, json username and password fields were missing double quotes
im really weak in web apps compared to network, this is incredibly helpful. Thank you. Is the TCM course for practical bug bounty more in depth than this youtube video?
Love your Videos......awesome
i want to give italian kiss to this course>>>>>😗
i love you TCM.
Please upload the full course
Thank you Heath
i have a question. in the rules for azena program.
it said request_header: X-Intigriti-Username: {Username}
how to add it?
@16:40 I thought the dog snoring in the background was mine.
Is it a full detail course on bug bounty?
Question - what makes an "automated tool"? Wouldn't brute forcing count as an automated tool? Great video by the way, thanks.
If anyone else ran into an error when setting up the lab stating "'172.20.0.4' is not allowed to connect to this MySQL server in /var/www/html/db.php". I was able to resolve this by removing the volumes for the mysql container, bb-db, in the compose file
I wish I could start hacking so I can make money to subscribe to this course 🤦♂️
We have a free tier of courses on the way!
Very awesome Content
If there is scope given in bb program do we need to do directory bruteforcing?
Brute force the domain that's in scope at a rate that won't flood the programs defense team
I am having a problem, I cannot open the Lab locally, what is the local host port it's running on? In the video he just went to localhost without any port or IP
im having trouble with the api labs, server keeps responding with missing fields and i didn't manipulate the prepared requests, i copy pasted them into my terminal.
Capstone folder is missing in Google drive link
thanks for the great video
however, i cannot access the lab as my kali linux keep saying i cant install docker-compose
any alternative guys
Hello Heath/others/comments, I need help with Burpsuite, feel free to to send advice my way, but it just won’t work for me. If it’s a server thing, I’d understand, but I have the certificate and everything installed in my Linux machine, yet it still won’t work, advice? I’d appreciate it.
Edit: I have figured out what to do, but do you have to keep manually forwarding traffic? Wish there was an automatic way.
if want to intercept, it will be needing to manually forward req
How to download lab ?
Please sir hope you are having a wonderful time
How can i get the course lab sur
where to go from here?
Cool !
2:40 is it free??
Aye!
1:50:00
❤
This video is more detailed about Burpsuite...
Cool
4:29:14
Can you really make money out of bug bounty??
You can! Amount will vary but it is possible to make money off bug bounty.
@@TCMSecurityAcademy Thanks, what course in you website do you recommend to start, i am a freshman in cybersecurity and networking, another question is is true that Most programs follow a "first-to-report" rule, meaning only the first hacker to discover and report a specific vulnerability gets the reward.. thanks for answering
30,362
when i run the curl command to get information, i get a 403 error, i tried bypassing this with the “-c cookie.txt” option, but the results aren’t satisfactory. anyone else experiencing this?
please upload the other half.@TCMSecurityAcademy
❤
2:55:43
2:20:00
3:37:00