Thanks for the video
I’m learning so much from this community
I can’t wait to give back
Thanks! What topic would you like to see next?
@@bugbountywithmarco SQL injections is what I’m on RUclips looking up now
Excellent video, I couldn't help noticing that you're Brazilian. I'm just starting out, still searching for my first bug
happy studying, my friend!
Bro, great video, I truly love the pace… keep it up, man.
@@poiuymnbvc8339 thanks!
Thanks, nice work. Keep going!
thanks!
Thanks, nice explanation
nice to know that! Is there any other vulnerability you would like to see from the perspective of a web software engineer?
I am just a beginner in this field, so I'm just learning from the internet: PortSwigger labs, RUclips, you, etc. Any help is appreciated
nice to know that, i’ll be posting about other bugs soon
Thanks
Can you make a series on hunting XSS? Showing how to exploit XSS in different ways
@@poiuymnbvc8339 that’s something I wanted to do. I have some application that I developed myself that I can use for demonstration
So about DOM XSS
Can you start a series in which you explain bugs which are not hunted by many hunters?
@@SumitYadav-lr5vy of course! I have a scheduled video here about non common vulnerabilities
keep making more videos
thanks for the feedback. What topic would you like to see next?
Hey, I have noticed you reported many vulnerabilities on HackerOne. May I know what kind of vulnerabilities those are? Are those XSS, or what?
my top 3 most reported vulnerabilities are: business logic errors, IDOR, and Improper Access Control
@@bugbountywithmarco oh thanks & interesting
So for a beginner who just started bug bounty, what types of bugs would you recommend hunting for?
@@SumitYadav-lr5vy I would suggest you start with one of these: IDOR, Business Logic Errors or Broken Authorization.
Especially business logic errors, which may not be as popular as the other ones.
@@bugbountywithmarco can you recommend me some resources, because business logic errors don't have good resources?
@@SumitYadav-lr5vy actually to find a business logic error vulnerability you need to understand the business of the application you are testing.
For example: a dating app allows the user to send messages to another user only when they have a match. But what if the user can actually send messages to a person before the match?
@@bugbountywithmarco it is like BAC-related issues
@@SumitYadav-lr5vy a somewhat similar issue
After watching this video I think it is not worth it to look for XSS, so which vulnerability should I learn apart from improper access control?
my next video will be about some different xss techniques, maybe it can help you
none of your social links are working btw
thanks for the tip. I believe this is happening because this channel was just created.
You can find the clickable links on my channel page though