Top 10 API Bugs (and Where to Find Them)

  • Published: 11 Sep 2024

Comments • 44

  • @BecklyCrackers_18thFloor 4 years ago +32

    My first bug bounty (on Bug Crowd) was an API. You & STÖK are both such a positive influence on the scene.

  • @ricjhill 4 years ago +2

    A perspicuous description of API failures. Thanks

  • @AmanKumar-tm8id 4 years ago +2

    Thanks, Katie, I learned so much today. The live session was lit!!!

    • @InsiderPhD 4 years ago +1

      Glad you liked it!! It was fun, expect more coming soon!

  • @nh8513 4 years ago +4

    Hello Katie. I love to watch your videos. It has been a month or more since I started learning bug bounties and your videos are helping me a lot.
    I know what a bug does, its impact on a company and ways to prevent it (thanks to you). I have little knowledge of Burp Suite, a decent understanding of how the web works, and lastly I know basic HTML, CSS and JavaScript, but the problem is that it's all theoretical and I have done very few CTFs and no real hacking, because my knowledge of bug bounty is that I know them but it's like in parts and I really don't know how to connect them, because on YouTube everyone explains the bug but no one actually shows how to actually hack it with explained steps. So please give me some suggestions on what I should do before learning about vulnerabilities (programming languages), or anything would be great, because this confusion is really annoying.
    Thank you. (Please respond)

    • @InsiderPhD 4 years ago

      Honestly you just need to jump in, watch my videos on first bugs, read about some of the vulnerabilities and how to find them, then just practice. I really recommend my video for WHackzCon which goes through the basics of bug bounty in Bug Bounty 101 style (Twitch VOD www.twitch.tv/videos/643965717 (2hrs in)). You can see my recent demo on hacking an API live as well: ruclips.net/video/cWSu2Ja65Z4/видео.html to see more info. Fundamentally you have the following steps: 0: How does the web work (you have this one), 1: What vulnerabilities exist, 2) What are the signs of those vulnerabilities and 3) Practice finding them.

  • @JohnDoe-bj9ed 4 years ago +3

    Just what I needed ATM, thank you!!

  • @wardellcastles 4 years ago +1

    Katie... great live demo today. Thank you so much.

    • @InsiderPhD 4 years ago

      You are so welcome! Thanks for participating and getting involved in chat!

  • @nanocybersec1316 3 years ago

    Thanks, Katie, I learned so much today as well, the best!

  • @MrKarn0007 4 years ago

    Thanks Katie, glad to have found you, and you explain things so well

  • @satyamgothi5090 4 years ago

    This was great! Thanks Katie❤️

  • @joesmoe3049 9 months ago

    Her content about the topic of the video finally starts at 5:33 if anyone wants to skip ahead....

  • @starlox0 7 months ago

    Awesome to learn ❤

  • @hemanth1260 4 years ago

    Great video as always

  • @testing23940 4 years ago

    You really are great. Love your videos

  • @DEADCODE_ 1 year ago

    I love you dude

  • @AjayKumar-xl4jc 4 years ago

    Thanks for this video

  • @green_quirk 4 years ago

    Awesome content.

  • @nathangriffiths8809 4 years ago

    Brilliant!!

  • @stón_1 2 years ago

    You are awesome, just wanted you to know that :)

  • @surferbum618 4 years ago

    Thanks!

  • @aymanrbati531 3 years ago

    Does user enumeration fall in Security Misconfiguration?

  • @InfoSecIntel 4 years ago

    Awesome!

  • @romanh2142 3 years ago

    starts at 5:30

  • @gastontimchuk2295 4 years ago

    Hey, where is the explanation about Google dorking? Nice video

  • @joshgordon7299 4 years ago

    Amazing

  • @albonycal 4 years ago

    10/10

  • @akasJha 3 years ago

    ma'am presentation link plz

  • @RavindraDagale 4 years ago

    👍

  • @nayanshrestha1386 4 years ago +4

    Hello Katie. I love to watch your videos. It has been a month or more since I started learning bug bounties and your videos are helping me a lot.
    I know what a bug does, its impact on a company and ways to prevent it (thanks to you). I have little knowledge of Burp Suite, a decent understanding of how the web works, and lastly I know basic HTML, CSS and JavaScript, but the problem is that it's all theoretical and I have done very few CTFs and no real hacking, because my knowledge of bug bounty is that I know them but it's like in parts and I really don't know how to connect them, because on YouTube everyone explains the bug but no one actually shows how to actually hack it with explained steps. So please give me some suggestions on what I should do before learning about vulnerabilities (programming languages), or anything would be great, because this confusion is really annoying.
    Thank you. (Please respond)

    • @nh8513 4 years ago +1

      I have the same problem bro.

    • @nayanshrestha1386 4 years ago

      @nh8513 Yeah man, it sucks. You know, we think it will be over soon, but the actual period we have to go through is tough.

    • @nh8513 4 years ago +2

      @nayanshrestha1386 I just wish there were any resource that gives us the practical knowledge.

    • @nayanshrestha1386 4 years ago

      @nh8513 Yeah, I've been searching for that every day for hours and that is what's causing so much delay in my progress.

    • @InsiderPhD 4 years ago +5

      Fundamentally you have the following steps: 0: How does the web work (you have this one), 1: What vulnerabilities exist, 2) What are the signs of those vulnerabilities and 3) Practice finding them. You need to take all that theoretical knowledge and start hacking! If you watch my Finding Your First Bug series I break down a lot of bugs and show you the steps to find them ( ruclips.net/video/RobCqW2KwGs/видео.html ) I've also gone through more steps in my recent presentation for WHackzCon - Bug Bounty 101 (Twitch VOD www.twitch.tv/videos/643965717 (2hrs in)). You can see my recent demo on hacking an API live as well: ruclips.net/video/cWSu2Ja65Z4/видео.html for more live hacking. Also I go over some easy beginner bugs and how to find them with DevSlop too ruclips.net/video/qqmyAxfGV9c/видео.html.
      But honestly it sounds like you just need to sit down and try and have a go. Hacker101 is a great CTF to start with ctf.hacker101.com/ and you can also try out Burp on a real target to get a feel for it; one of the recommended programs is the US DoD hackerone.com/deptofdefense. I hope this helps!