Easy $500 Vulnerabilities! // How To Bug Bounty

Hands-on demo would definitely be a great way to absorb and ultimately solidify this content in the old brain! Thank you, Ben!

● [1:41] Prerequisites: HTML, Web Technologies
● [1:57] #1 - XSS
● [4:03] #1(2) - CSRF
● ● [4:11] Burp Suit PRO : "Engagement tools" -> "Generate CSRF PoC"
● [6:22] #3 - IDOR
● [8:46] #4 - Authorization Issues
● [10:34] #5 - Leaked Credentials

Hey! Would love to see the demo videos on each vulnerablity type.

It would be very helpful and interesting to have videos on:
- How to quickly and efficiently write a bug report (templates, automation, AI and so on...)
- What are the most common BBPs policies and practices for not breaking them (rate limit, automation limitations)
- Burp suite: best extensions and when to use
Thanks mate, love your videos and appreciate your work!

Yes please do a demo of the vulnerabilities. Love your encouragement! Your videos always pump me up!

CSRF and IDOR hands-on tutorials would be interesting. Would love to see some handy tricks for when our attacks aren't working.

Honestly, I care less about learning the hands-on-tutorials about specific vulns, I would much rather see a tutorial on how to enumerate a target and suggestions on how to learn the technology the target is using. What questions should I be looking to answer about that tech? How to check for previous CVEs on that specific tech? Then maybe most importantly, how can track data flow of the target with that specific tech in mind. The issue with seeing tutorials on specific attack types seems to be trying to attack the same few input fields for hours but ignoring the all the technology used on that webpage that would likely tell me, "Hey, this page is pretty secure, maybe keep digging into other subs/ends."

Yes, would absolutely love a hands on video on each of all the topics!
1. XSS
2. CSRF
3. IDOR
4. Auth Issues
5. Leaked Creds

Yes! I would very much want to see more hands on videos on these bugs :) Your videos are awesome always!

Am planning on being a full time bug bounty hunter this coming January, but my piggy bank is still behind ..if i could i would take your bug bounty course to fortify my skills..,gotta say your vids really motivate me..cheers!! from Botswana

Listen $500 is a lot for me and thank you so much for this video! I am going to focus on Blind XSS and start your Udemy course thank you!

this channel is literally a goldmine, don't understand how it's only 105k subscribers

I would love more videos like this from you. Very helpful. Thank you

A hands on version of this video where you can make some labs will be highly appreciated. Thanks for the cool heads up !!

Yes i would genuinely love to see and would definitely watch hands on demo videos of each vulnerability type

Yes, Love the content and would love you to do a demo of the vulnerabilities.

Yes please! You really talanted tutor! It easy to understand and follow you. Thank you a lot xx

Yes Ben, Please also provide a demo of all those vulnerabilities :)

I like this content. Yes NahamSec, please do more videos. Thank you.

Please do a hands on version of each vulnerability . Thank you man ❤

I would love to see a hands-on video of this. That's exciting to hear.

Gold! Cant wait to see the demo of those vulns, thanks ben!

I'd love to see a video on Authorization issues.
Though I've found some, but I feel I am missing something.

Would love more in-depth videos on each topic mentioned!

If I get $500 based on content made available for then I will purchase your course based on that. Good luck to you too!

Yes, can we get a demo video showing how to look for these vulnerabilities. I just got my Sec+ and have been interested in learning more about bug bounty. Thanks for the video and get up the great work.

Hey Ben, It will be better to share step by step resources to learn, master and get confidence of hunting for a specific bug. :) It would be a really awesome content. People like me sometimes get confused how they could master a bug and how to learn that at an insane level to get out of average hackers. So I hope you'll make this content in near future.

Yes demo will be very helpful

Needs brother these types of beginners friendly bugs and how to test for it it's very helpful.
Looking forward too see these types of videos.

Yes Naham we would love to see a hands on demo!

That’d be awesome to see a demo video. Keep up the great and educational content! 🙌

Yes.... The content is really good... Looking for demo video on each vulnerability

I am looking forward to seeing a demo of those vulnerability types :)

This is amazing! I want to find my find my first live bug, paid or not before the year end. I would love the video demo.

чувак, спасибо тебе за этот ролик! он полезный , круто! продолжай в том же духе 🤘
Хотелось бы подробнее с примерами о : SSRF, CSRF.

not easy, I try for passed 3 years, I didn't find any bugs, I don't why but I learn lot like python, linux, networking. I don't know why i can't able to find anything, they said recon, why we have to perform recon, after recon what will do. If i search for Software Engineering roadmap, it give accurate roadmap to take action. but there is not roadmap for bbh. I don't know lot of things why we have to perform this. please give accurate to correct roadmap to success in bbh and lot of resources is there. i don't what path is correct and which path i need to follow. Please give some resources to help to become find my first bug.

It was very helpful for me. Good approach and techniques. Share your practical knowledge also.

Do you think burpsuite pro is worth while if im just starting out. Almost done with the CBBH course from htb and then doing portswigger labs. I need burpsuite pro to do the portswigger certification though and not sure if its worthwhile if im just starting out

Yeeees hands on videos and thank you so much ffor this content

Dude, clickbait us all you want. LOVE your videos! ❤‍🔥

Def would love to see the demo. Very informative

Thank you for the video. My question is --
How do we find XSS if X-XSS-Protection header is placed on every page of a webpage?

i want a hands-on version of this. I love these videos.

Yes we want to see the hands on lab videos. About xss do you recommend kxss to see what is reflected?

Hands on videos yessssss

For a new starter which bug bounty platform would you recommend; does it really matter whether we pick H1 / Bugcrowd VS a smaller place like Intigrity with less competition surely? 😊

your videos are great Sec. Thanks for the knowledge

Yes, please, the video will be awesome.

Hi Ben, thanks a lot for the video, please make hands-on as well.

Yes we would like to see videos on each vulnerability

Yeahh, please do demo vids on them. And practical low hanging fruits

Honestly learned a lot really fast, clickbait was worth it 😂

Hello NahamSec, i would like to thank you for this video. Kindly please make video how to bid for the bounty on bugcrowed or intigriti platform from start to send report. Thanks

Man, for god sake i love your content

It would be awesome to see a video on encoding. Both from a defensive point of view and as a method of obfuscation.

We want full video hands on each concept ❤

it will be very much helpful to us, As a beginner we try to understand to of the vulnerability's and lost our most of the time's, If you do the hand's on video, may be it can push us to do more hand's on practice

it would be helpfull if you can share demo on how to find this vulnerabilities, thank you

Do a demo. We are eager to see that is possible. Nice and educational video by the way! Thanks.

Can you make videos for mastering a vulnerability or the most vulns needed alot of thinking to make the vuln have more impact

maybe web tech video will be awesome, some common places to look for, like in swagger ui have xss with low-medium impact

Yes I would love to see a demo

Hey great video, I have a question how to get pentests or rather how to get into pen-testing.

Want to see those demos! 🤘🏻

Yeah practical explanation video needed naham ❤

Now i am waiting for nxt Monday

I love anything cyber so im in. Especially on current bugs and news....Also duhhh show us the hands on.

Course on Udemy hasn't been updated in 2 years? Have things not changed much?

Yes. Need demo for the vulnerabilities.

I love ya dude and you do a lot of for the community!
But as someone who heard the same information from different sources what I would love to see is training, the secret sauce, and technique sharing. I know in bug bounty those things are held close to the chest but for someone stuck in the middle from beginner to practitioner, it would really help all us in that position to advance and level up.
I would even be willing to pay.
Thank you my friend
Let's see that demo!

Yes we do need a hands on explanation :)

We want demo for each of those five.

Yes demos for all of them please please please
I need to make extra money to afford my bills and I got 4 months left before I run out of money lol 😂
I want to learn and I want to be good
Another video idea could be reading bug bounty scope of work properly sometimes they are confusing to understand fully

can you please make a video on authorization ?

What do you think about tool nuclei?

appreciate Ben, Really amazing content.., well we want more content like this, but missing streams and interviews.

yes love this content

Great video. Appreciate the advice, and yes I'd like to see a hands-on. Any help I can get is always welcome.... Please?

Awesome Naham

Yes please do a demo video.

can you explain more about API keys for compenies
i can scan any domain and get a lot of keys
letterly any domain

Thanks for the video!!

If these are the most common bug bounty skills then does that mean most bounties are web based? Or is the web just the first point of contact when trying to find a company's real internal servers? I guess companies internal servers aren't usually exposed for bounty hunting as often as their web servers ?

yes absolutely a demo would be great

It would be amazing if we see examples from u

Theory + Demo 💯

Yes please to the demos!

Hands on type of this video would be awesome

make a video on authorization issues I would definitely watch that

Demo video please! This is awesome content!

i would love to see a hands on version. I've had hands on computers and networks since 1983, compulsively consume bug bounty education, have hunted multiple bounty programs and just can't even seem to even find dups....i can't, won't, and refuse to give up on this. i've always been the computer/network tech/ guy on the blue side and just can't help but to think i just can't seem to think nefariously enough to be the "red-teamer"... wtf (btw, you are my fucking hero yo!)

Hands on video showing how to find these vulnerabilities plsss

yes, please make demos on the mentioned vulns

Love these videos❤

Hi Ben, awesome video once again, would love for you to post more content on IDORs and Authorization Issues. Just by the way you don't need to click bait me to get to watch your videos, the whole reason I subscribe to you is cos your content is excellent. I would watch it anyways and support you any day. Would some day love to make a $500 Bounty (IA) but it takes a lot of practice and I just need to get my butt away from streaming crap in the evenings and studying. Thank you once again. Keep up the great work. 😉

Love the vid. Yes, please do demos...

Hands-on demo would definitely be a great

500$ works for me let's get started.

Yes demo of all the vulnerabilities plz

Yes pls show us a demo