- Видео 50
- Просмотров 12 382
Tech_Minded_Ashish
Индия
Добавлен 26 апр 2024
He is Ashish Rai, a distinguished Security Researcher and self-taught Bug Hunter, dedicated to fortifying the digital realms of esteemed organizations worldwide. With an illustrious track record, I have successfully safeguarded over 50 prestigious companies including global giants such as NASA, Philips,OLX, Unilever, Drexel University, BOAT and the U.S. Department, among others. My journey is fueled by an insatiable thirst for knowledge and a relentless commitment to excellence.
Overview of the Most Powerful OSINT Tool | cybersecurity | EthicalHacking | OSINT
OSINT (Open Source Intelligence) refers to the collection, analysis, and use of information gathered from publicly available sources. It is widely used in various fields such as cybersecurity, law enforcement, journalism, competitive intelligence, and more. OSINT is non-intrusive and relies on legal and ethical methods to acquire information.
Key Features of OSINT:
Publicly Accessible: OSINT uses data that is freely available on the internet or other open sources.
Legal and Ethical: Unlike intrusive methods, OSINT does not involve hacking, unauthorized access, or breaching privacy.
Multi-Sector Use: It is applicable in diverse domains, including cybersecurity (to discover vulnerabilities), la...
Key Features of OSINT:
Publicly Accessible: OSINT uses data that is freely available on the internet or other open sources.
Legal and Ethical: Unlike intrusive methods, OSINT does not involve hacking, unauthorized access, or breaching privacy.
Multi-Sector Use: It is applicable in diverse domains, including cybersecurity (to discover vulnerabilities), la...
Просмотров: 79
Видео
Broken Authentication and Session Management | Easy to Find and | Bug Bounty | Theory + Practical
Просмотров 1689 часов назад
Broken Authentication and Session Management refers to vulnerabilities in managing user authentication and session lifecycle, which can lead to unauthorized access or user impersonation. A specific issue in this category is Failure to Invalidate Session during events like password reset or password change . What It Means: When a user changes or resets their password, all existing sessions shoul...
Cache-Control header privacy issue | earn 300$ to 400$ easily | bug hunting | P4 | cyber security
Просмотров 11419 часов назад
he Cache-Control header is a crucial HTTP header used to specify caching policies for web resources. Misconfigurations or omissions in this header can lead to privacy issues, particularly when sensitive data is involved. Here's an explanation: How Cache-Control Works The Cache-Control header defines rules for how resources (e.g., HTML pages, APIs, or other web assets) should be cached by browse...
5 Browser Extensions You Should Know About | Bug Hunters Extensions | bug hunting | EthicalHacking
Просмотров 8121 час назад
Wappalyzer Purpose: Identify the technologies used on a website, including CMS, frameworks, programming languages, and analytics tools. Why Bug Hunters Love It: Knowing the underlying technologies helps narrow down potential vulnerabilities. Burp Suite Browser Extension Purpose: Integrate Burp Suite with your browser for intercepting and analyzing traffic. Why Bug Hunters Love It: Essential for...
OAuth misconfiguration leading to a pre-account takeover | bug bounty | earn 500$ to 700$ Easily
Просмотров 82День назад
An OAuth misconfiguration leading to a pre-account takeover occurs when flaws in the OAuth implementation allow unauthorized users to gain access or control over a target account. This can happen if OAuth tokens, scopes, or permissions are improperly set, allowing an attacker to either guess, reuse, or manipulate the token to impersonate a user or link their account. Common issues include insec...
Html Injection | you can earn 200$ to 300$ bounty | Theory + practical | Ethicalhacking
Просмотров 610День назад
What is HTML Injection? HTML injection is a type of attack where malicious HTML code is inserted into a website. This can lead to a variety of issues, from minor website defacement to serious data breaches. Unlike other web vulnerabilities, HTML injection targets the markup language that forms the backbone of most websites. This attack differs from other web vulnerabilities that exploit server ...
HTML INJECTION within 2 minutes | Full Information | cyber security | Ethical Hacking
Просмотров 118День назад
What is HTML Injection? HTML injection is a type of attack where malicious HTML code is inserted into a website. This can lead to a variety of issues, from minor website defacement to serious data breaches. Unlike other web vulnerabilities, HTML injection targets the markup language that forms the backbone of most websites. This attack differs from other web vulnerabilities that exploit server ...
5 Essential Tools You Should Know About | Every Bug Hunter Uses These Tools | Bug Hunting
Просмотров 10314 дней назад
HTTPX, Subfinder, Waybackurls, Feroxbuster, and Burp Suite are essential tools in any bug hunter's toolkit. HTTPX is a fast and reliable HTTP client for sending requests and receiving responses, making it indispensable for probing and interacting with web servers. Subfinder specializes in uncovering subdomains associated with a target domain, crucial for expanding the attack surface. Waybackurl...
MAN IN THE MIDDLE ATTACK | Theory + Practical | Ethical Hacking | Cyber Security | Bug Bounty
Просмотров 70014 дней назад
What is MITM attack A man in the middle (MITM) attack is a general term for when a perpetrator positions himself in a conversation between a user and an application-either to eavesdrop or to impersonate one of the parties, making it appear as if a normal exchange of information is underway. The goal of an attack is to steal personal information, such as login credentials, account details and cr...
Dos Attack Explaination Full Theory + practical | Every company face this Attack | denial-of-service
Просмотров 16914 дней назад
A denial-of-service (DoS) attack is a cyber attack that aims to make a device or network resource unavailable to its intended users. A DoS attack works by flooding a target with illegitimate requests, which can cause the target to become slow, unresponsive, or inaccessible. DoS attacks can have a number of consequences, including: Loss of availability of part or all of a system, Disruption of s...
Subdomain takeover is too easy | part 2 | Ethical Hacking | Subzy | cybersecurity
Просмотров 49821 день назад
A subdomain takeover occurs when an attacker gains control over a subdomain of a target domain. Typically, this happens when the subdomain has a canonical name (CNAME) in the Domain Name System (DNS), but no host is providing content for it. This can happen because either a virtual host hasn't been published yet or a virtual host has been removed. An attacker can take over that subdomain by pro...
Subdomain Takerover is too easy | you can earn up to $500 to $600 dollar | Ethicalhacking | subzy
Просмотров 6 тыс.21 день назад
A subdomain takeover occurs when an attacker gains control over a subdomain of a target domain. Typically, this happens when the subdomain has a canonical name (CNAME) in the Domain Name System (DNS), but no host is providing content for it. This can happen because either a virtual host hasn't been published yet or a virtual host has been removed. An attacker can take over that subdomain by pro...
Power of MagicRecon Tool | EthicalHacking | cybersecurity | BugHunting | Full Automation Tool
Просмотров 156Месяц назад
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats. With Magic Recon you can perform passive and active reconnaissance, vulnerability analysis, subdomain scan and many more! #bugbountyhunting #coding #cybersecur...
How to install Burpsuite community version in your windows 10 | Ethical Hacking | web security
Просмотров 56Месяц назад
Burp Suite, the Tool Dedicated to Web Application Security Burp Suite is a software tool used to evaluate the security of web applications. It's a popular tool used by ethical hackers, penetration testers, and security researchers $ If you want professional version then comment me on comment section #bugbountyhunting #cybersecurity #ethicalhacking #informationsecurity
How Hackers get your mobile camera access | ethicalhacking | cybersecurity | practical vedio
Просмотров 121Месяц назад
CamPhish is techniques to take cam shots of target's phone front camera or PC webcam. CamPhish Hosts a fake website on in built PHP server and uses ngrok & serveo to generate a link which we will forward to the target, which can be used on over internet. website asks for camera permission and if the target allows it, this tool grab camshots of target's device #bugbountyhunting #cybersecurity #e...
403-bypass method both Automation and Manual | Bug Hunting | Ethical Hacking | practical Vedio
Просмотров 150Месяц назад
403-bypass method both Automation and Manual | Bug Hunting | Ethical Hacking | practical Vedio
Find Vulnerability in Banking website with full automation and manual | Ethical hacking |bug hunting
Просмотров 95Месяц назад
Find Vulnerability in Banking website with full automation and manual | Ethical hacking |bug hunting
Cross-Site Request Forgery | Practical part | Part 2 | Ethical Hacking | bug hunting
Просмотров 83Месяц назад
Cross-Site Request Forgery | Practical part | Part 2 | Ethical Hacking | bug hunting
Guys are you Ready | Bug Bounty | EthicalHacking | cybersecurity
Просмотров 202 месяца назад
Guys are you Ready | Bug Bounty | EthicalHacking | cybersecurity
Cross-Site Request Forgery | part 1 | Theory part | ethical hacking | cybersecurity | bug hunting
Просмотров 572 месяца назад
Cross-Site Request Forgery | part 1 | Theory part | ethical hacking | cybersecurity | bug hunting
Manual + Automation testing for cross site scripting | Part 2 | bug hunting | cybersecurity
Просмотров 1862 месяца назад
Manual Automation testing for cross site scripting | Part 2 | bug hunting | cybersecurity
Hunt XSS with Automation Tool | bug hunting | part1 | Ethical hacking
Просмотров 1702 месяца назад
Hunt XSS with Automation Tool | bug hunting | part1 | Ethical hacking
MITRE ATT&CK FRAMEWORK | Blue Team | SOC | Ethical hacking | How to use Mitre Attack Framework
Просмотров 392 месяца назад
MITRE ATT&CK FRAMEWORK | Blue Team | SOC | Ethical hacking | How to use Mitre Attack Framework
Broken Link Hijacking | Find Broken link in live website | Bug Hunting | Ethical Hacking
Просмотров 1002 месяца назад
Broken Link Hijacking | Find Broken link in live website | Bug Hunting | Ethical Hacking
ROOTME LAB | CTF Walkthrough | Reverse shell and privilege escalation | Ethical Hacking
Просмотров 552 месяца назад
ROOTME LAB | CTF Walkthrough | Reverse shell and privilege escalation | Ethical Hacking
TryHackMe Pickle Rick | CTF | webserver Exploitation | CTF Walkthroughs
Просмотров 652 месяца назад
TryHackMe Pickle Rick | CTF | webserver Exploitation | CTF Walkthroughs
TryHackMe for Beginner | Create your account and start solving labs | Ethical hacking
Просмотров 432 месяца назад
TryHackMe for Beginner | Create your account and start solving labs | Ethical hacking
Open Redirection Vulnerability | How you can find It | Manual + Automation | Bug Hunting
Просмотров 542 месяца назад
Open Redirection Vulnerability | How you can find It | Manual Automation | Bug Hunting
Advance Subdomain Enumeration Part 2 | How to find juicy subdomain | Ethical Hacking | Bug Hunting
Просмотров 863 месяца назад
Advance Subdomain Enumeration Part 2 | How to find juicy subdomain | Ethical Hacking | Bug Hunting
Subdomain enumeration | Ethical Hacking | How you can find subdomain | Bug Hunting | cybersecurity
Просмотров 343 месяца назад
Subdomain enumeration | Ethical Hacking | How you can find subdomain | Bug Hunting | cybersecurity
Full video
Bhai ek question hai Jab Sherlock use kiya aapne to usme aapne name dala aashish to usko kaise pata ki usko aapse related data find karna hai internet pe to bohot se aashish hai lekin usne aapki data kaise find ki?
I think we have to put the username of the particular person
Very informative brother ❤
Waiting for full vedio❤
🎉🎉🎉
🖐️ compete video cahiea 💯
1
Sure brother ❤ Thank you for your feedback
👍❤
Particular tool👍
Particular tool is like fav one 😅❤
Yeah bro 🤣
Great video brother, I too love finding this vulnerability, quite fun! Keep making more videos.
Thank you brother ❤
Awesome brother ❤
Thank you
There seem to be no audio in this video...
Your speakers may lose
Yeah 😂
Good explanation ❤
Good explanation ❤
❤👍
😮❤
Rai Brother!
great content bro
Thank you bro
bro apka social media he ! whats app or insta
Yes brother
Can you please show how to hack social media account using Kali Linux 😢
Informative ❤
Nice but what a twis 😅❤️
👍P.M
Aise hi information dete rahe ao love from up ❤
Full support brother
Thank you brother
Thanks sir
Instagram app ka bhi hoga ? Call recording pe video lao bhai ji
Isko karnw me wifi dongle lagega
NO
Call recording sunne ke liya ?? Lage ga @@ashishraiRai-zj8vi
Can you make a video Of OSI tool
Sure
Yo in Kali there is another package called httpx in /usr/bin but it’s not this httpx
Bhai Wi-Fi password heaker liye video bana do 😊
Bro same device me kam nahi karta ... Mobile me open karoge to kam karega.😊
You're looking so ✌❤ P.M
does it works in https??
Thank you so much 😊
great votive 🤣🤣🤣🤣🤣🤣🤣🤣
Cool how easily you explain and keep making videos on many other topics
Thank you bro
suiiiiii
suiiii
It's great and awesome Pls keep it up..
Thank you bro
great video!!!
Informative 👍💓
Thank you
👍
Thank you
I don't see any takeover process here... My suggestion, don't make the title "Subdomain takeover is too easy" if you haven't done it.
U don't need to type again and again clear command to clear the screen, just press ctrl + l
Bro use scripts sometimes tools need modifications
Sure
Okay brother
Bro its nice but how to takeover 😅
cutest bb hunter
too many false positives maybe we should go with nuclie instead of subzy
I have created an account from bug bounty hunting program but I'm not good with coding or scripting in any programming language i feel sad because I always try to learn how to code in python but I feel so empty . Would you have any idea. Can you help
It took me long to learn Python(atleast 5 months) Some have a different learning pace's than others. What I did was take 30 minutes of you're day to learn the basics of Python everyday. I'm already 4 years in and I'm tell you, I still got to search for help in Python lol. Don't feel discouraged when you're thinking you aren't going anywhere, Stay consistent.
@@brealdo1ha3ker45 thanks that motivate me to not give up
keep on practicing my guy, and dont loose hope
First decide what you want to create with the code, its easier to have a goal to complete. Also if you do want to go for bug bounty I recommend you start with bash as it will also help with using linux more efficiently.
Don't waste your time, learn something different. Bug bounty is not everyone's cup of tea. Yeto content banake logo ko bewakoof banate rahenge.
What to do when it's found that it's vulnerable? We need to takeover that right.
hello brother have takeover cargo collective subdomain
What Tools do you are using to exploit the vulnerability in subdomain can you make other videos please if it's possible
@@Decryptmeans Okay bro