hey Ben, we surely already love your content, but, for those like me, who are new to the industry, trying to learn and move forward, we need the technical, very basic content, this will help us understand more in depth how things goes. thank you again for the great content you are delivering, and for the amount of dedication you are putting in
When there is an issue or something you understand you should go down the rabbit hole and” master “ it. I’m sure you’re doing well now, this comment was a year ago! But this comment is for people just learning 😁
As CEO of a startup please keep this stuff coming. It took a lot to convince the dev team that exploits weren’t just down to weak passwords so I arranged an in house demo. Jaws dropped. This stuff builds so much awareness. Thank you!
You have helped me a lot as I am stepping into Bug Bounties. I have loved connecting with the people in your discord and have learned so much! I am 1 semester away from getting my bachelor's in computer science and your content as well as the people I found through your community have been invaluable to my success. Thank you so much!
While I may not have commented before, I've been an avid admirer of your work. As an aspiring pentester, I find your technical content to be precisely what I seek. While your other content is commendable, it's ultimately the expertise you bring that I look up to for learning. Your contributions are truly appreciated.
Please, if possible, cover these advanced topics like How to bypass Drupal CMS or other secured CMS? How to bypass HARD WAF protection that stops HTML, SQL, and XSS injection payloads? Payload single-double-triple encoding using Cyber-Chef? How to find the real origin IP of secured websites behind Cloudflare, Akamai, ModSecurity, AWS CDN, etc.,? How to bypass Hard WAF using SQLMAP or Burpsuite? How to find hidden vulnerable parameters and endpoints inside the .js and .jason files? How to find hidden admin pages, cPanel pages, and WHM pages ? Please cover these important topics. Thanks
Man, keep both coming.!! maybe pick a day to post technical and assign another day for the mentorship aspects or something... Either way ... BOTH ARE EQUALLY IMPORTANT FOR SUCCESS!! ...Also i would love a video on how to transfer from labs /ctf into hacking real world apps. As the fundamentals are the same or close but also very different in alot of ways.
Yes, this is great. From a web developer perspective. I'm trying to under how my server side applications could be hacked and this is great content. Please, continue.
I would like to see one of the vulnerabilities you have found and walk through the info gathering stage all the way to the post exploit while explaining the mindset/methodology
Haya! I have quite a lot of experience in pentesting webapps, but i do not have any experience in hosting an instance of a webserver, securing it or being able to load an insecure server, but in a secure way cause we don't want a creepy scanner rooting it and being malicious when i want to test it :P So my question, could you make a lill tutorial in how to, for example, use a docker or maybe host a site in different means through a Digital Ocean instance? :P Would be fun to learn a little bit about it and then being able to pentest towards it. By learning this, one can use your knowledge to host a file hosting instance to make an RFI etc, which is a bit difficult without an outwards facing host ^^ Stay safe and happy late Easter!
Thanks for helpful content! It would be great if u could do more specific showcases about blind SSRF. For example there is a case that I only receive the DNS queries back to the collab. I guess because of outbound restriction but it seems like the server was trying to reach to that domain. Any way in this case that you can prove the ssrf is there with just DNS? Or do you have any suggestion on setting up things in internal network to prove the vulnerability is there? Was a long comment but hope u could imagine the case 😂 thanks
hey Ben, we surely already love your content, but, for those like me, who are new to the industry, trying to learn and move forward, we need the technical, very basic content, this will help us understand more in depth how things goes. thank you again for the great content you are delivering, and for the amount of dedication you are putting in
When there is an issue or something you understand you should go down the rabbit hole and” master “ it. I’m sure you’re doing well now, this comment was a year ago! But this comment is for people just learning 😁
Content + real vulnerability example would be great 🔥
Never thought I could learn SSRF in a more comprehensive way by under 15 minutes! Thanks man!
Thanks! I'm glad it helped!
@NahamSec دمت گرم مهندس، ارادت
As CEO of a startup please keep this stuff coming. It took a lot to convince the dev team that exploits weren’t just down to weak passwords so I arranged an in house demo. Jaws dropped. This stuff builds so much awareness. Thank you!
You have helped me a lot as I am stepping into Bug Bounties. I have loved connecting with the people in your discord and have learned so much! I am 1 semester away from getting my bachelor's in computer science and your content as well as the people I found through your community have been invaluable to my success. Thank you so much!
While I may not have commented before, I've been an avid admirer of your work. As an aspiring pentester, I find your technical content to be precisely what I seek. While your other content is commendable, it's ultimately the expertise you bring that I look up to for learning. Your contributions are truly appreciated.
OFC it would be truly helpful to see more content like this
Fully in with technical vids, especially when you chain these with Real life vulns you have found 👌
Please, if possible, cover these advanced topics like How to bypass Drupal CMS or other secured CMS? How to bypass HARD WAF protection that stops HTML, SQL, and XSS injection payloads? Payload single-double-triple encoding using Cyber-Chef? How to find the real origin IP of secured websites behind Cloudflare, Akamai, ModSecurity, AWS CDN, etc.,? How to bypass Hard WAF using SQLMAP or Burpsuite? How to find hidden vulnerable parameters and endpoints inside the .js and .jason files? How to find hidden admin pages, cPanel pages, and WHM pages ? Please cover these important topics. Thanks
Content + real+technical aspect of pen testing and bug hunting .Thanks
Man, keep both coming.!! maybe pick a day to post technical and assign another day for the mentorship aspects or something... Either way ... BOTH ARE EQUALLY IMPORTANT FOR SUCCESS!! ...Also i would love a video on how to transfer from labs /ctf into hacking real world apps. As the fundamentals are the same or close but also very different in alot of ways.
100% both. I like the nuance you teach here. For example login page and SSRF. This is fantastic content.
More content is needed like this along with real life examples that you experienced during bug bounty or other testing application
Yes, this is great. From a web developer perspective. I'm trying to under how my server side applications could be hacked and this is great content. Please, continue.
Hey I absolutely love this, I would love to learn from more technical videos like this.
Hi man, I would like to hear you how to do bug bounties exactly and maybe if you can show on live all the necessary steps to do it
I would like to see one of the vulnerabilities you have found and walk through the info gathering stage all the way to the post exploit while explaining the mindset/methodology
Soon :)
Yes, more content like this please 😁
We really want this explain bugs for beginners and give us some advice about the bug i really wish u make playlist for this !! thank u alot
Thank you very much, I hope you'll continue doing these kind of videos 😊
yes please, give us more content of this kind.
East or West, naham is the best.
Yea would love this type of content plz part 2
Haya!
I have quite a lot of experience in pentesting webapps, but i do not have any experience in hosting an instance of a webserver, securing it or being able to load an insecure server, but in a secure way cause we don't want a creepy scanner rooting it and being malicious when i want to test it :P
So my question, could you make a lill tutorial in how to, for example, use a docker or maybe host a site in different means through a Digital Ocean instance? :P
Would be fun to learn a little bit about it and then being able to pentest towards it. By learning this, one can use your knowledge to host a file hosting instance to make an RFI etc, which is a bit difficult without an outwards facing host ^^
Stay safe and happy late Easter!
Waiting for this type of content ; please Continue Ben :)
Ben One Suggestio | Make a precise playlist of OWASP TOP 10 2021 | Like a 10 min video / on each critical vulnerability
fantastic :o , i would like to see a full and advanced recon video from you :)
Super down with more technical content!
Thanks for helpful content! It would be great if u could do more specific showcases about blind SSRF. For example there is a case that I only receive the DNS queries back to the collab. I guess because of outbound restriction but it seems like the server was trying to reach to that domain. Any way in this case that you can prove the ssrf is there with just DNS? Or do you have any suggestion on setting up things in internal network to prove the vulnerability is there?
Was a long comment but hope u could imagine the case 😂 thanks
I think you should pivot to doing Unboxing Videos. If that's not in the cards then please keep the technical videos coming!
Hi NahamSec, I'm a regular viewer of your content.can you make video on business logic in dept!! waiting for it
part 2 or complete playlist on the web Vuln
What to do if we don't have burp collaboraor ?
Would love to see more technical content! TIA
More, more more real world how to once we have done recon. We need to know the steps on how to find bugs.
Creat a playlist content like the types of vulnerabilities and bugs that are common or rate easy to hard like xss or account takover
Just what we need Ben 😊 thank you 👏🏻
I’d love more technical videos
Is Bola and idor the same type of vulnerability with different names
You are great bro
part 2? more content like this!
both content is fine and some free tutorials
we need more part of this
stay consistent big bro
Yes more content like this pls
Please create similar content to this and please add Hindi subtitles for a better understanding
Love this!
Drop video with all of the topic you mentioned in the video.
more vcontent like this cover all top 10 owasp vulnerability please...
more content like this please
I love this content make more please
Perfect type of content 😃👍
Vulnerability content or owasp top 10 pls
Preach!
Epic, Part 2 please.
Great Content; More Please 🤑
More part 2. Need more technical vids
theory is all good but when it comes to practical i'm hopeless.
more content like THIS!
More real bugbouty tech work
yup yup more tutorials for hacking and IT stuff how to do ore bypass
Part 2 please
😍
I would like to see basic contents like this.
More parts on this topic ..
please post content like this...thank you
we need location traking tutorial
More please!
Part two
More content like this 🙂🙏❤️🔥
💙
more content on web attacks
Part 2 please....
web hacking content more please
part 7 we want
MORE CONTENT !!!
It was awesome
Next xxe plz
Part 2!
more and more plz
more content like thiss
😊
PART 2 BRO DEFO
More pls =)
I love you naham
More content
Want more vdo
I reported my browser 😂
Make more technical content
PART-2
Part2
Part 2 ,,4,5,6,7,8,9,-----,99999
part 2
location hack
Bad explanation with a lot or wrong info
I make hacking videos
Part 2
part 2
Part 2