Watch me hack a bug bounty-like target from scratch.
HTML-код
- Опубликовано: 29 сен 2024
- In this video, I will demonstrate a bug bounty hunting methodology on a CTF website that mimics a bug bounty target. I will start from scratch and become admin on multiple web applications. Many techniques will be used: Subdomain enumeration, directory bruteforcing, using tools such as assetfinder, ffuf and Burp Suite Intruder.
- Download your FREE Web hacking LAB: thehackerish.c...
- Read more on the blog: thehackerish.c...
- Support this work: thehackerish.c...
- Facebook Page: / thehackerish
- Follow us on Twitter: / thehackerish
- Listen on Anchor: anchor.fm/theh... Listen on Spotify: open.spotify.c...
- Listen on Google Podcasts: podcasts.googl...
Thumbnail photo by Andrea Piacquadio from Pexels
This video met me at the right time. Thank you very much. I'll definitely learn a lot from it.
Glad the timing was perfect for you ! Enjoy
Looking forward to reading it!
I think you don’t do ctf you do real thing called bug bounty
I've taken a few bounty Udemy courses and have watched a ton of video guides on youtube and other places. I wouldn't say I'm new to the content but I'm definitely not a professional when it comes to bug bounties. I'm not even 5 minutes into this video and have already dubbed this one of the best beginner videos I've seen so far. Why? Because the step-by-step example methodology and information is gold.. Not really found in other places as far as I've seen so far. Other typically explain their seemingly complex methodology that they have adopted, and beginner courses tend to focus on very beginner content. This has been middle ground information that is really useful! Looking forward to more!
I am glad your found the content helpful! Thanks for sharing your feedback!
This is the most educative video so far, been going in circles
Lol clicked video because it said you were going to hack an actual bugbounty target, then i see its a ctf. Was going to say how did het get to release this! Every bugbounty i have ever done has a non-disclosure. Lol any way good video for beginners
I had permission from one developer to release a video doing bug bounty, well... web hacking, cuz I did it for free. Check it out, ruclips.net/video/aiOq-yOzgW0/видео.html
Great video! Thanks! Is the "A Bug Bounty Hunting Journey" book available yet?
It is available: www.amazon.com/dp/B08T81PP65/
I have exploit no rate limit, but now its been duplicate, what else i can do based on no rate limit. Further what can i exploit?
bruteforce directories for interesting ones? passwod spraying using a custom wordlist?
@@thehackerish ok thanks
Idk why iam always finding errors while running the tools I applied as same as u applied
Really Helpful. Where can I find the e-book (A bug bounty hunting journey...)
Will be shared once ready :)
@@thehackerish looking fwd to reading it :)
It’s ready or not 🌝
Awesome. Maybe you can show us more challenges from this website and how you solve them:) It was a great help for me understanding how an Bug Bounty researcher is thinking!
As much as I'd love to, this might spoil the fun for you and skew the leaderboard on the website. I will think about it though.
@@thehackerish Thank you so much!
Finally what I wanted I got🔥❤️👍
This was the one i searching for
I am glad you liked it :) Enjoy!
I just say woowwwww
those are the kind of video we want to see . great video dude wish you all the best
Thanks!
so do the flags coincide with vulnerabilities within the domain, if this was real life would those flags be something that could be abused and therefore reported in a BB report?
Some, not really. Others, definitely! It depends on the situation.
Just the video I wanted. Thanks.
alternative for burp collabrator
nice video
Thanks
When did a CTF become a "bug bounty target"?
When we started watching new websites providing bug bounty-like challenges in the form of a CTF.
Awesome ❤️
Thank you! Cheers!
Great content 👍🏻
Nice video
great video i'm Looking forward to reading the book
Hope you enjoy it!
You deserve more 👏👏👏
Appreciate your comment! Share the channel in your hacking surroundings buddies :)
@@thehackerish did already..... Ma discord buddies are on the way.... 😄
@@psychoSherlock You are the best!
@@thehackerish Nop, you are. I felt like you teach something in a way no other RUclipsrs does........ That's y I asked them....
Very Good Quality content.
Thank you
Thanks for the video!
Enjoy! my pleasure :)
Wow That was so smooth makes it look very easy to be hacker 😁 keep going bro