Это видео недоступно.
Сожалеем об этом.
How to approach a target in Bug bounty programs Extended part 2 | Bug hunting live
HTML-код
- Опубликовано: 28 май 2024
- Disclaimer: This video is for strictly educational and informational purpose only. I own all equipment used for this demonstration. Hacking without permission is illegal so always ensure you have proper authorization before using security tools in any network environment. thanks.
for all commands in txt format join telegram channel: t.me/lostsec
Please upload all commands
in tg
@@lostsecc Waiting😂😂
I didn't found command files pleasse upload it asap
t.me/lostsec/536
you are the best thanks for the teaching!
❤️😇
Just your one video cleared my so many confusions
happy to hear ❤️🤗
my bro you are true definition of "HACKER"
thnq bro ❤️🤗
Bro Finally i got your video i want for long time thank for this asome content Bro
now content will come back to back new ❤️☺️
Best methodology I've seen , thanks bro you're great
my pleasure brother ❤️🤗
Running bunch of tools isn't a methodology. They are called script kiddies.
@@aasislimbu4961brother it doesn't matter if you can hack or get bugs. At the end they will say hacker hacked our site or they will say take the bounty for the bug no one will tell you are a script kiddies
Thanks for the video bro! 🎉 congrats for 10k subscribers in advance.
thnq brother ❤️😇
Ik It's asking for a lot but would you be willing to take a bit of extra time and write down what you're doing? Just a short description in a notepad or somethin explaining why you did what you did in each step, I'm only asking so the newer people (like myself) can understand why you do what you do
theres no explaining only doing :)
sure i will send txt format in telegram channel
@@lostseccYou're really impressive brhh 👀🤍
Our bro did it again! Lostsec you are one of a kind
🙈❤️
Wow! Awesome coffin brother i addicted your all content videos....i did eagerly waiting for your bug bounty videos and music 🎶....but, sqli missing from you.... recently i asked sqli content videos, so, i believe that concept coming soon....❤
sqli not allowed in yt there is high chance for strike so..but i will upload in tg
@@lostsecc ohh...ok bro
ty soo much!! part 3 plz :)
sure ❤️
I have learned many things from your videos.❤❤❤
You are legend hacker❤❤❤❤❤❤❤
☺️🙈
What kind of terminal you are using.
Can you share, how we can also set up like yours?
Is it windows or linux?
Btw it really looks cool
its wsl2 kali
after long time you upload new video. dont forget us bro 😢. as always your all video greatest including this
sure bro now i love u all. i am active now i will upload continously from today..🤗🫂❤️
@@lostsecc tnx bro
Always different things from anyone
Love you bro.
Keep Hacking.
❤️
Love your videos brother
❤️☺️
Great Job. Even though this is voiceless cybersecurity channel, we enjoyed and learn new things from it.
Keep up the good work
❤️😇my pleasure brother
You de Man Bro❤🎉 Wellcome Back❤
🤗❤️
We missed you, brother ❤
🙈☺️❤️love u my brother now i am active
thanks for showing the way
We need a part 3 for this video man
sure ❤️
Great Man
But i prefer to explaining the video by your voice ?
when i have good setup i will
Bro how are you getting command sugesstion in wsl
you need to install autosuggestion and auto syntax hilighter try it www.google.com/amp/s/blog.tericcabrel.com/setup-zsh-autosuggestion-and-syntax-highlight-on-ubuntu-server/amp/
learned so much from you bro .
my pleasure brother 😇❤️
Legend is back 💪
☺️🙈
Did u get a bug? Cause i see a lot of cors vuln url, do u test them one by one? Great video btw🔥it suited me well🔥
cors only effective in senstive endpoints so always check that
Bro r you using Kali Linux or ubuntu in windows terminal, or is just a command prompt which has been set to look like Linux?
its kali linux
Bro can u do tutorial for manual testing bcz some website tells no automation tools
no autom means no other tools like automatic scanner nessus,acunetic and some other ffuf or high threadings..tools use it with low threads ...dont worry all use automation
Bro can you please add a video on information Disclosure too.BTW thanks for sharing such a great content 🖤
sure ❤️
Bro do we need a vps for this because it need high bandwith and i didn't jave that much
Please make a video on manual approch as well, because this will eat my whole Sim package in just 2 to 3 hour's, and i am not able to afford a vps for this
no need vps but if u have its goodOne..
@@lostsecc Do you use wifi
Great content! Brother. After running the commands subfinder, httpx, and katana, followed by bxss, the output typically includes testing results of the URLs with various payloads to identify any XSS vulnerabilities. Does the tool provide explicit results indicating "XSS found" or "success"?
use other tools this give false postive most time..
@@lostsecc okay brother 👍
need more video like this.
sure🤗
Bro i am using Blackarch Linux bro can tell me best tools in blackarch Linux for penetration testing
i prefer kali bcz it has all bug hunting tools in there repo so you dont need to install manually all tools..
Keep the good work
🤗
Very good videos, very good videos, very good videos indeed.
thnq ❤️
Please add all custom repositories you use to github
sure
Do you do any manual testing?
yes
Bro Can You Tell How U r using Linux in windows... Can we use it too... If yes... Kindly make a vedio on this how to install... PLEASE SIR... Thankyou very much for this information and your efforts.
he is using wsl, its easy to install but can cause problems sometimes
It's not windows it's Kali Linux undercovermode
no its wsl2 kali
not faced single problem till now but when i used kali before i get so many problems like boot error..
@@lostsecc Mee too bro , i were serached on youtube like this how we can run kali terminal on wind i got wsl so i were trying to install but getting packages error please make video on that wsl i want like your terminal bro pls
I wanna ask you something sir where are your learn bug hunting can you suggest something plsss
portswigger+yt+twitter+medium+google+hackerone reports
Your vedios are very informative initially i am not available to understand what is going
you will ❤️
Dude should I learn Little bit yaml to use nuclei
Brother can I get it nuclei template please❤
Can you make a video on how to exploit CORS vulnerability.....because only reflection of origin Header becomes very low impactful or informative
watch my other cors video alrady video that..
@@lostsecc okay👍
Can you help me sir?
In my setup dirsearch is not working
use ffuf
what is the extension that showing you api key just after loading website?
tufflehug
Also brother it will be much help full if u take a live session on sqli in detailed for like 2 hrs .plzz brother
Answer?
bro dont worry i upload all things in tg channel
❤❤🎉great contents
thnq bro ❤️
great content ...
❤️🤗
very good if you share with us the templates you use in nuclei 😍
soon upload in github..
plzz make video on how to configure system like you for bug bounty 🙏🙏
sure ❤️
what extension do you use on the firefox?, especially to get apikey, like the popup when you enter the website..
its tufflehug
bro video ke shath voice chahihe
Hey bro very nice video. Please con you tell me that how can i install shortscan tool in Linux
just install it from github easyOne
nice auto methodology, but where can we get those cnts? i assume they have the 2024 cves and updates vulns, seems useful
just use --tags cve
@@lostsecc you think so? nuclei default templates never gave me good results :( but ill try, thanks
try with -nt if u are first one to explore or test that site or domains then high chance..bcz all are using default one so be the first one..
@@lostsecc
Love u Brother ❤❤❤❤❤❤
Bhai aapne jo dirsearch me wordlist use kiya hai wah kaha se milega in part one
i did'nt use a wordlist ita default one i used just extensions..
thank you bro for this aswm video. i was waiting for long time. bro can you make a video on how to set VPS for bug bounty like you plss
sure
Which wordlist are you using for dirsearch
u can use onelistfor all or fuzz db
@@lostsecc Thanks, how about your nuclei template? is it available?
uploading soon..
Could you share the wordlist You have used in dirsearch?.....
its default one i just used extensions..
Bro can you suggest me a vdp program to hunt on
usa department if defense
Great Video.
thnq bro ❤️
great video
❤️😇
Brother ur templates u have to be shared in the group.but not uploaded could u please do that upload.
soon upload in github..
Hey what is the process in bug bounty when scraping website files or config files called? Like I want to read the source code of a website. Is that even possible?
yeah you can read if u have good programming langauge knowdledge..
what plugin u used for api key that u read from source code
in the start
tufflehug
@@lostsecc thankss bro
how you personalized your terminal?
wsl2 kali with ohmyposh custom theme
Hi bro i have a query i already join your tg channel bt your command txt not find you tg channel how i can find your command txt in this video
sending now..
which wordlist u used for windows ?
use fuzzdb wordlist of onelist for all
broo where to find your nuclei templates??
upload soon in github.
Im on the telegram, where are the commands? Great content btw
search in channel you will find..
Nice video
❤️☺️
How did you get the generic API key?
tufflehug extension
What is the bug in the vedio and where is it how do you know that you found a bug?😅
i shared the methody for this program u can try in other program to more effective result..this site has some bot restriction or captcha restriction..
Where do I get you custom nuclei templates?
i will upload soon in github
@@lostsecc I see your github but not the templates, where else can I go to view them because I'm stuck at the niclei-templates/http/exposures, I see where you pull your custom templates tho, idk which one it is outta that 38 tho
how to get nuclei templates ?
upload soon in github
nice bro .. u have found apikey so what should we do to check if that apikey valid or not so if there's tool to do that plz write it down
use keyhash.sh script that i shared in tg channel
@@lostsecc thnx
How can I have a terminal like yours? Can you teach me please?
i will upload video soon..
@@lostsecc Thanks bro, your content is very good
❤️🤗
what command using exploit apikey ?
use keyhacks sh bash script shared in my github repo
oh that methodology txt , can we have that?
yeah i will share in tg channel
Can i get your nuclei template ?
will share soon..
Please upload all commands
bro which extension you used
i shared all must check in tg channel
@@lostsecc ok
Please manuel testing guide bro
sure next comming..
katana ki -ps and -pss command toh chalti nahi hai
cat subdomains.txt | katana -ps -f qurl
can you explain how to install nuclei tamplate
i will upload in github soon..
@@lostsecc ❤❤
Ey bro how do you use linux on windows?
wsl2
how to exploit api key ?
use keyhacks sh script that i shared in tg channel
bro send that methodology command bro
i shared in my tg channel
How to expolit generic api key ??
use keyhash.sh script
Bro kaha se milegi ye keyhash script ???
Bro kaha se milegi ye script and use kaise karu ??
Brother can I get nuclei template please❤
i upload soon
Please share bash script and payload.txt of LFI
sure
😍😍😍😍😍😍
❤️☺️
part 3 ????
yes sure
I want your terminal wallpaper and theme
dm me in telegram i will send u ❤️
@@lostsecc thanks
TEACH ME THE WAYS SENSEI
sure
Can you share the txt file
sure i will share in telegram channel
kapan update akun netflix lagi bang?
what
Give us the commands please 🙏
i send in telegram channel
@@lostsecc I am in your telegram I don’t see it
i am sending..
Yo bro awesome video ❤ but how you check all the results that you get? I mean you check it one by one manually or you use some tools to see if they are alive and give you a positive 200 error?? Thx
httpx+nuclei
Brother please put these commands on description 🥲
i shared in telegram channel
@@lostsecc I can't find them please give us the message link
Hi bro i have a query bt i can't find a way to contact you in telegram how i can contact you