Good content brother, good vibe I almost felt we were together on this , I have been learning on my own for the last 3 months , and I am aiming in starting gaining some spare money from bug bounty ( in my own pace ), you were really helpful , hope to see you live as well
Thank you so much for the good information!👍👍 I'm a bugbounty novice, and it's been a great help. By the way, are there any restrictions on the scan tools you use to run a bugbounty? I'd like you to let me know if you've experienced any examples
im beginner bug hunter new to this channel want more videos about mindset and manuel aproach for bug bounty & more vidoes related to bug bounty i really hate automation i love manuel work and dig deep thank you brother
are there other areas in cybersecurity except for bug bounty hunting? I really like infrastructure network bug hunting but not sure if they have a similar type of bounty programs.
Yea you can become a network expert and protect networks or try to find some bugs in it. Euh that is mostly done by a company because it has a lot more risk to just let everyone in the network. But there are great courses with labs😁
What i don't understand is even tho you found that xxs valun but since there is no way to make you js add to the website source code unlike having xxs valun when placing a order or something which results in our malicious js code being saved into data base and getting executed whenever someone opens out order but in this website case there nothing like that so can someone please explain me how it will help us? Yeah it a valn but not that useful since we just can't go and hijack someone user or admin session using this , I'm a beginner so please help if I'm not seeing the bigger picture here
It depends on the dirb-busting tool used. GoBuster does not support file extensions, but there are tools that do e.g. FeroxBuster, which you can specify extensions to search for (e.g. php,html,asp,aspx, txt). Ferox will use the words in the specified wordlist, and append the extensions when fuzzing.
honestly a horrible video, you talk through it and do stuff as if we fully understand everything you are using and talking about, but that is far from the truth. I don't know much about this stuff at all and I'm trying to learn how to do it, but if you don't explain how to use every single thing piece of everything than I get completely lost and want to close the video because I cant follow along. For example, I don't know how to work burpsuite or set it up, so when you're clicking around and doing things i cant follow along. You should include the entire process of EVERYTHING I don't care how long the video gets, I need you to talk to me like I know nothing about this stuff at all, because that's kind of the case.
There are other resources to learn how to use the tools you are unfamiliar with. You could look up a video on setting up a Kali Linux VM to start.. learning is a process.
I don’t think aim a hacker, I work in the field of cybersecurity and I don’t ask you to watch my videos. I love to see some videos where you show your skills and maybe I can learn some of that😁
Good content brother, good vibe I almost felt we were together on this , I have been learning on my own for the last 3 months , and I am aiming in starting gaining some spare money from bug bounty ( in my own pace ), you were really helpful , hope to see you live as well
Hey m8 big thanks for the kind words! I'm planning to add some more structure to the channel :)
Thats how i exploited my university's website 🤣.
best method : learn from practical experiments. ❤
Whaha love it 😂
Ur a god teach me masterr
What did you do to the website
@@goblinninja1234 just got access of my classmate's account(with their permission). and then reported to our HOD, about it.
I did that too when i was in my school, i got access to the admin cpanel acc through sql injection
"SEAN, professional pizza maker (and eater!), can cut your hair also if required."LMAO🤣
thanks for this. did you do any certifications which utilised ur knowledge to do pen testing or was it all self taught using platforms and yt vids?
Would be great if you create the python program for retriving the values from the form.
what is your notion template? you mentioned that you use notion and Im curious
Would love to see a video like this where you implement/script a scraper tool to automate the process. Great content 👍🏻
Thanks m8! And that is a great video idea wil add that to the list 🙏😁
Yes would like to see
Thank you so much for the good information!👍👍 I'm a bugbounty novice, and it's been a great help. By the way, are there any restrictions on the scan tools you use to run a bugbounty? I'd like you to let me know if you've experienced any examples
Hey m8 that depends from
The company, like some just doesn’t like automated scans and then they are restricted to 1 request a sec😁
im beginner bug hunter new to this channel want more videos about mindset and manuel aproach for bug bounty & more vidoes related to bug bounty i really hate automation i love manuel work and dig deep thank you brother
Thanks mate working on some more!!
GREAT VIDEO!!!..... How did you kno to type that in the GET REQUEST in Burp Suite?
Thankyou, followed along and learnt a lot, keep up the awesome work , 👍
great work ! I hope you continue making clips like this
I love how much fun your having while hacking, I'm the same way I get excited every time I come across an anomaly I can exploit 👏👍
That's a very good tutorial, really appreciate it. Anyway, could you share your wordlist you usually use when doing bug bounty?
You can use seclist for a lot of labs and in real the best is to make custom list for a target you can use a Python program or a language model 😁
You could use cewl to create a wordlist specific to the target.
Will try the export target= It seems Nice
Yeah it helps a lot you command always stays the same 😁
Wonderful Hacking Tutorial Brother. Learned a lot. Tnx
Thanks m8🙏
Great introduction to this type of activity
Can you make a video on how to start, explore and find career path in cybersecurity.?
Yea sure maybe I call
Tell my story I got hired because of a project I made en the motivation 😁
are there other areas in cybersecurity except for bug bounty hunting? I really like infrastructure network bug hunting but not sure if they have a similar type of bounty programs.
Yea you can become a network expert and protect networks or try to find some bugs in it. Euh that is mostly done by a company because it has a lot more risk to just let everyone in the network. But there are great courses with labs😁
@@CyberSquad-JoinTheSquadagreed. Cause it kind pf related to the LAW. One wrong step then might go inside
@@shubhambajaj4939dude said teach him one to one lmaooo
One question sir i wanted to come into bug bounty does i need to learn networking or just strt with practicals and tut on RUclips
amazing job, i learned a lot. PLS DO MORE VIDEO LIKE THIS!!!!
Thanks a lot yes I wil try and focus more and more and these videos 😁
Very nice video 🎉
Thanks m8🙏
Thank you 😊
18:00 you set target url here, you missed fastfood part between bugbountytraining and /admin. Maybe you could found more vulns
awesome video. quality content.
Big thanks m8! Getting better every day but still a long way to go😃
Good job bro. Thanks for this information.
Thanks for watching and supporting 🙏
doesn't scanning puts a pressure on the webpage server? don't we send requests continously while scanning ?
afaik, only verbose and continuous scanning does this
Produto da ferramenta e paga correto?
I like your style!
After downloaded a bootatble kali linux distro. Then watching this is 👌
Cool
Just do more video like this.
Thanks a lot
Thanks for the support I wil 😁
Amazing Vide! Loved it:)
ur videos are really helpfull thanks u will be soon big W guy
Thanks m8 loved the response! Just wanne help people to change their lives 😁
how did you directly copy url from windows to linux?
That's what i was thinking. When I was in school we had a specific VM that allowed this but I can't find it
Great 👍🏿
I'm not a pro, but I immediately thought about exploiting ssrf with that redirection url...
Great mind! Keep up the work XD
What i don't understand is even tho you found that xxs valun but since there is no way to make you js add to the website source code unlike having xxs valun when placing a order or something which results in our malicious js code being saved into data base and getting executed whenever someone opens out order but in this website case there nothing like that so can someone please explain me how it will help us? Yeah it a valn but not that useful since we just can't go and hijack someone user or admin session using this , I'm a beginner so please help if I'm not seeing the bigger picture here
excellent
Thank you m8 🙏
im a noob, but for the part where he exploited the redirect, would anyone visiting the site be hit by the alert box?
how many bugs have you found doing bug bounties?
Rare content, thank you i like it :)
Thanks you m8 😁
Nice video can you make more videos on SQL injection,ssrf and xss
Yes pls do
Thanks m8! Yes I I wil 😁
its awesome!
admin.php is a file, so there is no use of doing dirb on it because its not a folder…am i right?
It depends on the dirb-busting tool used. GoBuster does not support file extensions, but there are tools that do e.g. FeroxBuster, which you can specify extensions to search for (e.g. php,html,asp,aspx, txt). Ferox will use the words in the specified wordlist, and append the extensions when fuzzing.
What if the Bug Bounty Program only allows me to scan like, 2 requests per second? This all is gonna take ages
i was like why does he not check order number 1-3 it would probally be snowy or the other guy emails
this good - here take joint bro
19:30
can you talk more about your origins 😃
Sure what you like to know? Discord wil be up soon to have a chat 😁
if it's clickable it's hackable
Pls part 2
Yes I hope to record today and publish but my main pc broke 😅
How to hack Aviator
are you a professional hacker??
Hey I’m a junior application security engineer so yes but still learning every day😁
in reality, burp will intercept one million useless request and just create an account recquire a lot of patience
Imagine hacking someone via a RUclips comment 😂
Hello bro
Hello 😁
How to hack aviator game round plz help me
you missed many more vulnerabilities
20:30 You missed multiple times that you use the wrong url on dir buster, and I notice this on smartphone...
is this is how we perform Bunty Bounty?
ruclips.net/video/mALRt5SXMeI/видео.html
Can you help me hack an application lovley pet؟؟
Only if it is legal 😆
@@CyberSquad-JoinTheSquad😂😂😂🎉🎉🎉
honestly a horrible video, you talk through it and do stuff as if we fully understand everything you are using and talking about, but that is far from the truth. I don't know much about this stuff at all and I'm trying to learn how to do it, but if you don't explain how to use every single thing piece of everything than I get completely lost and want to close the video because I cant follow along. For example, I don't know how to work burpsuite or set it up, so when you're clicking around and doing things i cant follow along. You should include the entire process of EVERYTHING I don't care how long the video gets, I need you to talk to me like I know nothing about this stuff at all, because that's kind of the case.
I will try making some more basic vids mate 😁
Skill issue
There are other resources to learn how to use the tools you are unfamiliar with. You could look up a video on setting up a Kali Linux VM to start.. learning is a process.
guy thinks hes a hacker using typical programs. Dude cmon your brain smaller then your biceps for sure
I don’t think aim a hacker, I work in the field of cybersecurity and I don’t ask you to watch my videos. I love to see some videos where you show your skills and maybe I can learn some of that😁
nice bro
Thank bro means a lot 🙏
Order ID 42069 lol
ruclips.net/video/mALRt5SXMeI/видео.html