new to this channel i swear this information never see them before this what we really need as beginners thank u alot we need more videos like this if u want u can make playlist of bugs but in long videos like BAC & iDORS & Logic Bugs
Please, if possible, cover these advanced topics like How to bypass Drupal CMS or other secured CMS? How to bypass HARD WAF protection that stops HTML, SQL, and XSS injection payloads? Payload single-double-triple encoding using Cyber-Chef? How to find the real origin IP of secured websites behind Cloudflare, Akamai, ModSecurity, AWS CDN, etc.,? How to bypass Hard WAF using SQLMAP or Burpsuite? How to find hidden vulnerable parameters and endpoints inside the .js and .jason files? How to find hidden admin pages, cPanel pages, and WHM pages ? Please cover these important topics. Thanks
Hi, let me try to explain a bit further. Usually, you cannot know, which URL has a bug. Because if there were a clear indicator, the developer would also know and could fix it. Hence, we have to do testing and probing. This video talks about one specific bug class that can occur. There are many more. The bug class in this video mainly focuses on the parameters in the URL. Ideally, you would test every parameter of every URL of your target, but this can quickly become too much to test. That is why this video talks about some parameters that might be more likely to have a vulnerability. The video also talks about some tricks you can apply when you actually test a parameter and its values. As a beginner, I recommend you to learn the basics of Linux, and how the internet works (HTTP, IPs, DNS, TCP, UDP, etc.). I hope this could clarify it a bit.
Yeah knowing how to code at least on a basic level helps understand the outline of the process. Once you start coding you understand it is going to be functioning pile of junk until you refine it to perfection. That means a lot of programs are a work in progress and some people don’t care as long as it works. In other words there are going to be flaws everywhere and things change. It takes a sense of balance like trying to juggle while standing on a ball with one foot. All a hacker needs to do is knock you down but it’s just a matter of how❓🤔
Soooooo, in all these videos I'm watching, the core idea is this: if it exists in a connection on the internet, your job is to find a way to "manipulate" or even take over it, in a nutshell. So if you can't copy, you find a way to be able to for example. How doesn't matter, just make sure to alert the compay and not continue to manipulate it, the difference in good and evil? And thats all the job description really is?
Hi, thanks for your comment! Bug bounty platforms are a bit different from what you described: Bug bounty platforms connect companies with ethical hackers who look for security vulnerabilities in their systems. These hackers, often called "bug bounty hunters," are rewarded for identifying and responsibly disclosing bugs or security issues. The goal is to help companies fix vulnerabilities before malicious hackers can exploit them. But it does not always have to be a company/target in a bug bounty platform. There are programs not tied to any platform (for example, apple, google, meta). You can have a look at security.txt. It is a proposed standard for websites to provide information on their security policies and how to report security issues. It helps ethical hackers know who to contact and how to report vulnerabilities responsibly. In short, ethical hacking is about finding and reporting issues to improve security, not exploiting them. The difference between good and evil lies in the intent and actions taken after discovering a vulnerability. Tread lightly and stay ethical ;)
![Blox Fruits Dragon Rework Update [Full Stream]](http://i.ytimg.com/vi/EqDAp8udhm0/mqdefault.jpg)
It's the quickest and consice IDORS video i've ever watched on RUclips, actually. has all the tips + has very good visuals.. Hats off 👮♀️
Thanks a lot!
I would definitely agree. Finally someone who gets right to the chase!
Keep this type of content, clear and full of info in one video..subscribed!
Thanks, will do!
Great video man. New subscriber ✌🏻
Effective and short, Thank you!
Nice tips. Straight to the point 👍 keep going
Thank you. I will. :)
bro this is the best explaination of bug bounty ever
Thanks a lot! :)
new to this channel i swear this information never see them before this what we really need as beginners thank u alot we need more videos like this if u want u can make playlist of bugs but in long videos like BAC & iDORS & Logic Bugs
Thank you! I will work on it!
best tips video on bug hunting i have ever seen
Thank you. That means a lot. :)
Please, if possible, cover these advanced topics like How to bypass Drupal CMS or other secured CMS? How to bypass HARD WAF protection that stops HTML, SQL, and XSS injection payloads? Payload single-double-triple encoding using Cyber-Chef? How to find the real origin IP of secured websites behind Cloudflare, Akamai, ModSecurity, AWS CDN, etc.,? How to bypass Hard WAF using SQLMAP or Burpsuite? How to find hidden vulnerable parameters and endpoints inside the .js and .jason files? How to find hidden admin pages, cPanel pages, and WHM pages ? Please cover these important topics. Thanks
Thanks for your comment and all the suggestions. I literally just copied this into my content list. Stay tuned!
Great work - very clear and well communicated.
Clear and concise. Thanks
Welcome!
bro dropin off some very useful tips🔥🔥🔥
🔥🔥🔥
Amazing video! Really well done and very interesting. Would be cool if you could also make some 1h+ long deep dives on topics like this
Noted. I will look into that :)
best bb content i've ever seen
Really INFORMATIVE VDO I EVER SEEN IN JUST 8 MINUTES
new to channel brother really good explain hope more videos come about IDORS & APIS & Tricks & Tips .... thank you sir !
More to come!
I just recently started studying insects... I got really excited and then really disappointed by this video 😂
The real bug hunter channel is coming soon :P
Well explained !! Thanks
This video is pure gold
Great Explanation
Glad you liked it
clear and understanding, thanks
Glad it helped!
Great video❤
Good content keep it up sir 👏
Appreciated. What topic would you like to see next?
I'm a beginner. I didn't understand much of your video where what was going on. What part of the url, how do I know which url has an bug!
Hi, let me try to explain a bit further.
Usually, you cannot know, which URL has a bug. Because if there were a clear indicator, the developer would also know and could fix it. Hence, we have to do testing and probing. This video talks about one specific bug class that can occur. There are many more. The bug class in this video mainly focuses on the parameters in the URL.
Ideally, you would test every parameter of every URL of your target, but this can quickly become too much to test. That is why this video talks about some parameters that might be more likely to have a vulnerability. The video also talks about some tricks you can apply when you actually test a parameter and its values.
As a beginner, I recommend you to learn the basics of Linux, and how the internet works (HTTP, IPs, DNS, TCP, UDP, etc.). I hope this could clarify it a bit.
@@bughunterlabs yeah sure thanks ❤️❤️
Yeah knowing how to code at least on a basic level helps understand the outline of the process. Once you start coding you understand it is going to be functioning pile of junk until you refine it to perfection. That means a lot of programs are a work in progress and some people don’t care as long as it works. In other words there are going to be flaws everywhere and things change. It takes a sense of balance like trying to juggle while standing on a ball with one foot. All a hacker needs to do is knock you down but it’s just a matter of how❓🤔
One of the most concise tutorials I've encountered ❤
Best video I ever watched
nice tips mate keep going
Thanks, will do!
amazing explanation
Best video 👍👍👍👍
struggling to find programs to find BAC bugs :(
Which programs have you looked into so far?
@@bughunterlabs front, frontegg,freshworks from hackerone and some others from other platform.
@@bughunterlabs front, frontegg, freshworks from hackerone and some programs from other platform
subscribed!!!
Sir we need more really inpressive
More is on the way.
THE BEST VIDEO EVER ❤
thank you
its a valueable content video that you have given , please make videos on Bug bounty ,hackerone Tutorial , for your Subscriber , God bless you❤
Soooooo, in all these videos I'm watching, the core idea is this: if it exists in a connection on the internet, your job is to find a way to "manipulate" or even take over it, in a nutshell.
So if you can't copy, you find a way to be able to for example. How doesn't matter, just make sure to alert the compay and not continue to manipulate it, the difference in good and evil?
And thats all the job description really is?
Hi, thanks for your comment! Bug bounty platforms are a bit different from what you described:
Bug bounty platforms connect companies with ethical hackers who look for security vulnerabilities in their systems. These hackers, often called "bug bounty hunters," are rewarded for identifying and responsibly disclosing bugs or security issues. The goal is to help companies fix vulnerabilities before malicious hackers can exploit them.
But it does not always have to be a company/target in a bug bounty platform. There are programs not tied to any platform (for example, apple, google, meta). You can have a look at security.txt. It is a proposed standard for websites to provide information on their security policies and how to report security issues. It helps ethical hackers know who to contact and how to report vulnerabilities responsibly.
In short, ethical hacking is about finding and reporting issues to improve security, not exploiting them. The difference between good and evil lies in the intent and actions taken after discovering a vulnerability. Tread lightly and stay ethical ;)
bro that was soo straight forward, clean, informative, and simple thanks a lot
very helpful video
Glad it was helpful!
bro could you do ssrf next ?
SRRF is in the pipeline. It might not be the next one, but it is coming! Stay tuned.
Subscribed
Appreciated
WELL,
oh yea bro instasub! this is really helpful
Finding flaws
Wow 🎉
Wow epic
Yoo
Really easy to find, means theres a billion indians finding it before you will.
Can i connect with you on twitter
Yes, go ahead