Thank you, I'm just starting out and my ever-lasting wonder is whether I should focus on a vulnerability type and master it or pick a target and try as many vulnerabilities as I can. As I gathered these are the two types of methodologies combating each other when discussing how to start out. Both have advantages I think. Picking a vuln type has the advantage that you don't get confused with too much information whereas picking a target takes the load off having to browse in targets all the time or do more recon. But since i've just finished creating my first and own recon script (which, for the most part, is the automation of your recon video with tomnomnom by the way, haha), I think I'm good to go exactly the way you're recommending and it's very reassuring that someone like you - I've been following your videos for long - supports a certain type of starting point that you think is the best. :) I would be eager to see more content like this, thanks for your contribution to the rookie community!!
I remember following you when I was QA Engineer in 2014 alongside Jason Haddix and many others. I will have to agree that Bug Bounty has evolved into so much more since then
When you said tooling up, automation, etc makes you lazy..on point. This is about learning what those tools and automation are doing in the beginning and applying it to one attack. Not defending against constant attacks where you need those tools/automation to hope to keep up. Thanks for the content to get me motivated this morning.
On the other hand you have a lot more experience in actually learning stuff "on the job". College is great and all, but real life experience is more valuable, coming from a fellow early 30s guy ;-)
this my roadmap as background to start bug bounty , is it good boss #NahamSec - HTML & (Basics) & JavaScript (Focus) - NodeJs (Focus) - Web Basics(HTTP & Protocols ....) + Network+ From yt - Practice Portswiger & free labs & study docker - Owsap Top 10 - Kali linux basics
Sir I am learning more about bug bounties but I have a problem with some money and also financial problems. But I also have the same dreams as you. But I am stuck 😢 Love your video and also I started from your video 😢
I love this bro! I'm currently working on the eJPT but after that I want to get into web hacking and bug bounty. It's something I haven't really touched and know I need some dedicated study and time to do. I got Vickie Li's book and want to work through Web Security Academy and then try out some VDP's on the platforms. Would you recommend choosing one program and trying to go really deep on that? Thanks for all the great content dude! Peace.
Hello, I entered the bug bounty at the beginner level. My goal is p1, p2 is not a high amount of explanations, p4 is a joyful event for me, even if I win small vulnerabilities. bug bounty p4. What do you recommend to be successful?
Thank you for the amazing video ! I've always had an issue with the mentorship part..I can't seem to figure out how to collaborate and I wish I could change that
Thanks bro I spent three years hacking, but I only found one acceptable bug, 20 duplicate, and 5 informatives. I'm really bored and desperate. I need advice from you. What should I do?
im actually just starting to get my degree in computer science in cyber security so if i can get a head start an learn anything an everything can only benifit me.
Awesome video! This kind of content is really helpful. I never knew working through hacker 101 content would result in an invite. Keep up the good work!
can i message you personally? fresh grad and i want to turn this into a full-time job or learn bug bounty hunting and find a job in cyber security as a penetration tester. I have a lot of questions...thanks
Yes, most programs tell what not to do in their policy you can also look for safe harbor programs which will not take any legal action if you did something wrong accidentally
@@mahmoudadel197 hey, thanks, Mahmoud! I appreciate that. I started reading at&t. That one threw me off. All those others make perfect sense. Ty for term " safe harbor".
Does that mean no nmap?? Tools to me means nmap, nikto, ffuf, amass, subfinder and the like. Automation i thought would be like nuclei, burp, msfconsole....
Want to learn directly from me? Check out my course here: app.hackinghub.io/hubs/nahamsec-bug-bounty-course
This year fu*ed me up already. At least cybersec learning going well thx to all content creators like you
You got this!
I agree
Great video, the only mishap is the volume is very low for some reason. Thanks for the content!
Thank you, I'm just starting out and my ever-lasting wonder is whether I should focus on a vulnerability type and master it or pick a target and try as many vulnerabilities as I can. As I gathered these are the two types of methodologies combating each other when discussing how to start out.
Both have advantages I think. Picking a vuln type has the advantage that you don't get confused with too much information whereas picking a target takes the load off having to browse in targets all the time or do more recon.
But since i've just finished creating my first and own recon script (which, for the most part, is the automation of your recon video with tomnomnom by the way, haha), I think I'm good to go exactly the way you're recommending and it's very reassuring that someone like you - I've been following your videos for long - supports a certain type of starting point that you think is the best. :)
I would be eager to see more content like this, thanks for your contribution to the rookie community!!
Thank you Ben. I was registered bugcrowd today for starting bug bounty about 12-14 hours ago and this video show up, again thank you man appreciate
@@ptrcan4302 sağolasın, değer ama sevmen lazım sevmiyorsan çekilecek meslek değil
How is it going?
I remember following you when I was QA Engineer in 2014 alongside Jason Haddix and many others. I will have to agree that Bug Bounty has evolved into so much more since then
When you said tooling up, automation, etc makes you lazy..on point. This is about learning what those tools and automation are doing in the beginning and applying it to one attack. Not defending against constant attacks where you need those tools/automation to hope to keep up. Thanks for the content to get me motivated this morning.
This guy have helped me a lot in paying my engineering college fees
Respect to you bruh
How?
Really did u earn some cash bro ?
😂😂 did you pay or just change the data?
you the man thanks for all the advice always great learning from the greats been following your work for awhile.
Thank you for this. I'm a bit late to the party lol. Early 30s is a big gap compared to fresh out of college people.
On the other hand you have a lot more experience in actually learning stuff "on the job". College is great and all, but real life experience is more valuable, coming from a fellow early 30s guy ;-)
End 30 guy here and only doing this for a few month so no problem ✌️
Early 30s, just getting started. You ain't alone
38 here plus at our age now we are more mature an serious about getting stuff done past all the partying an more goal driven
All the love to you guys❤❤❤ I'm 24 I'm just starting out too much love all the best.
after 1 year i will return to this vidéo and remember my start thnx alot ❣❤🔥
how about currently?
Great content from great hacker like you always help everyone
Appreciate the efforts and knowledge shared!!!
A perfect glimpse on Bug Bounty ! Keep uploading more stuff 👍🏻
Great advice! Thanks Ben! I also have some light OCD so I had to comment since this is the 100th comment here :D
this my roadmap as background to start bug bounty , is it good boss #NahamSec
- HTML & (Basics) & JavaScript (Focus)
- NodeJs (Focus)
- Web Basics(HTTP & Protocols ....) + Network+ From yt
- Practice Portswiger & free labs & study docker
- Owsap Top 10
- Kali linux basics
If anyone is looking for someonw to learn with then am here. Zero bounty yet, but am constantly learning.
Bro i am also can we both do it together
@@gamingrampage2898 Where can i contact you? share your contact just any
@@stanleyruheza his id is akshdeep211
@@stanleyruheza his id is akshdeep211
Hey Stanley, I’m looking for someone to learn with if you’re still open
Sir I am learning more about bug bounties but I have a problem with some money and also financial problems. But I also have the same dreams as you. But I am stuck 😢
Love your video and also I started from your video 😢
Me too bro😢😢
🔥 content man. Thank you for sharing.
I love this bro! I'm currently working on the eJPT but after that I want to get into web hacking and bug bounty. It's something I haven't really touched and know I need some dedicated study and time to do. I got Vickie Li's book and want to work through Web Security Academy and then try out some VDP's on the platforms. Would you recommend choosing one program and trying to go really deep on that?
Thanks for all the great content dude! Peace.
This channel is awesome man :-)
Awesome video...thank you Nahamsec...this has inspired me!
juicy stuff as always... thank you sir!!!
Hello, I entered the bug bounty at the beginner level. My goal is p1, p2 is not a high amount of explanations, p4 is a joyful event for me, even if I win small vulnerabilities. bug bounty p4. What do you recommend to be successful?
Always best✨
Thank you for the amazing video !
I've always had an issue with the mentorship part..I can't seem to figure out how to collaborate and I wish I could change that
No comments on my Facebook
Thanks bro
I spent three years hacking, but I only found one acceptable bug, 20 duplicate, and 5 informatives. I'm really bored and desperate. I need advice from you. What should I do?
Nice video,
Thanks for sharing🙂
Thanks for watching!
Thx for sharing Ben !!!
Incredible video, Thanks a lot.
You are the best!!
Great man🔥🔥
im actually just starting to get my degree in computer science in cyber security so if i can get a head start an learn anything an everything can only benifit me.
great one Naham!
Awesome video! This kind of content is really helpful. I never knew working through hacker 101 content would result in an invite. Keep up the good work!
Great video with great advice! What do you think about HTB Bug Bounty Course? Is it worth doing?
Very nice video
Thanks for sharing 🙏❤️
🙏 Dhanyawaad
Thank you for the advises. By saying no tools, does it include burpsuite as well?
Great video boss 👍
#Nahomies
I'm just now getting into bug hunting.. is there a list of "what not to do"?
How do I decide if my precious invite to a private bb program is worth the program? and what programs should I better skip?
Great Content
Thank You for the content ben!!
hey man your video is really cool a little tip is get a better mic plz.
Awesome. Thanks!!!
To learn bug bounty & ethical hacking, should programming, networking & Operating systems be the first things you learn?
where can i buy your course from nahm?
Thanks for making this video
What do you think about CBBH from Hack the box?
came here from your live
do m1 max good for bug bounty, please nahamsec reply
Please make a playlist for starter
I would rather report hacks as long as you use them
great video
10:18 words🙌🏻
You need to do a guided training step by step on how to do stuff
I don't think it works like that my friend
@lmfao69420 yeah im now realizing you cant directly show exploits and sensitive information but he cant he use metasploitable
can i message you personally? fresh grad and i want to turn this into a full-time job or learn bug bounty hunting and find a job in cyber security as a penetration tester. I have a lot of questions...thanks
Great video
Glad you enjoyed it
Is there a list of "what not to do"?
Some of the terms seem like they'll charge you criminally (AT&T) if you don't follow the t&c perfectly..
Yes, most programs tell what not to do in their policy you can also look for safe harbor programs which will not take any legal action if you did something wrong accidentally
@@mahmoudadel197 hey, thanks, Mahmoud! I appreciate that. I started reading at&t. That one threw me off. All those others make perfect sense. Ty for term " safe harbor".
Thanks GOAT
"I'll link their channel in the description"
usually means they will not.
I love u man, you are osm!!
tnx men
thanks man
I already started it 3 years ago by my master but now I'm not doing hunting no pccc 😭😭 i got the knowledge but no pc 😭
nice video
Volume super low
🔥🔥
❤
Hello from MDISEC
You promised to update your course on Udemy
Still keeping my promise. Soon :)
Great
Awesome...
Thanks! 🙏
❤❤❤❤❤❤
I just found my first vuln sql injection triaged as High 8.2
Amazing!!
What about the basics
There is guy in my neighbour who is in top 20 in bug crowd back then ......(i am lucky as fuck )
👍
😍
Audio is messed u0
💝
🙏🙏
Voice volume seems a little low
Had a small issue with audio with this one, but the video was too good to not publish it.
Okay
your audio sucked bad on this but great video, thanks
I thought for a sec it was my earphones
audio sucked on this one. I wanted to buy your udemy course but the video was crappy.
Your voice In your videos are very low man
#dontpwnic
Make a videos in a little more interesting way
Third
First
He is so cute I can't focus 🙄
Does that mean no nmap?? Tools to me means nmap, nikto, ffuf, amass, subfinder and the like. Automation i thought would be like nuclei, burp, msfconsole....
I watch similar video by @stok in 2021 when I started my bug bounties journey.
Don't use music
Great video
#Nahomies