Hey Naham! How long it takes for a beginner to be really good that you start making some bucks? I'm not talking about millions of dollars here but maybe some hundred dollars?
Your live recon videos have helped me learn a lot, and they actually led me to find a $1000 bug. So, thank you for that! I'm referring to the old recon videos like Yahoo and some interviews where you conducted recon.
One thing I can't get good clarification on: a lot of bounty programs say something along the lines of 'no automated tools' but most bug bounty educational videos seem to tout the overall important and use of automated tools. It is not a sexy topic, but something I would love to see a bit about. No worries if it is something you don't want to cover!
Like someone else said - they don't want you to run vuln assessment tools that have likely already been used. The main thing is a lot of these tools spam massive amounts of requests and make a lot of "noise", which make it tougher on SOC teams to be able to differentiate BB hunters traffic from actual threat traffic.
good video, your video changed the way I look at web apps, starting from methodology and others, and now I always do manual tests even though it takes a long time, that's what makes me like BB
Great video, love your content. As a complete beginner with a tremendous amount of motivation to get into big bounties and ethical hacking. Would you have any advice or words of encouragement how to get into this field. I just purchased your udemy course! Thanks for the great videos
Just stop thinking how to get started. Pick some websites, play around and understand how they work, look at login flaw, try to find open redirects as a beginner. My first bug was open redirect and then XSS. Just start hacking while learning.
Thanks mate for being with us .Thanks for hoke me up with bb . Iam not just doing for money doing to challenge myself and get satisfaction of my hobby .Thanks and Happy new Year
Hi, i started bug bounty at 1 year ago , i need a peoples who work in this industry for their exp (sry for my bad eng , without translate)Thx for the videos
You don't really need a supercomputer for this. That processor is enough, you need at least 8 GB ram, 16 GB and up is recommended. For web application hacking you don't need a virtual machine, you could install Linux alongside with your windows.
You don't need such a good pc when starting out. Get something cheap like a lenovo thinkpad t480. Anything that has an i5, 8 or 16gb ram, and at least 256gb ssd will do the trick. Once you start earning money in bug bounties, you can eventually save up for better components, or a better laptop in that case.
hey ben my plan is looking for idor only in every application i approach do you think it's a good idea ? and i thinking learn more about authorization issue's and file upload vulnerability what's your comment
That is not a bad idea but make sure it makes sense. That means the application has an API/GraphQL backend or makes AJAX calls to retrieve PII or sensitive information.
No worry for this, everyone started at this point, you probably reporting some informative reports that are reported a long time ago before you. Always make sure your reports are valid and have impact, if so ask a mediation for help, I get a lot of duplicates by mistake of lazy triagers...
📚 Purchase my course and learn about bug bounty hunting 👉🏼 app.hackinghub.io/hubs/nahamsec-bug-bounty-course
done
Hey Naham! How long it takes for a beginner to be really good that you start making some bucks? I'm not talking about millions of dollars here but maybe some hundred dollars?
3 years
@@Whatisthis_1
@@mdowais6447 Whaat? 3 years to make a $100? Are you joking? or you meant $100,000
Can you post new coupon, please?
I was really needing phase 2. I don't think I've head a content creator mention to get to know yourself and what type of hacker you are. Love that
Your live recon videos have helped me learn a lot, and they actually led me to find a $1000 bug. So, thank you for that! I'm referring to the old recon videos like Yahoo and some interviews where you conducted recon.
Nice!! So happy to hear that!
That's awesome! Congrats!
How much time you needed for that?
@@milankomatinovic6614 started on September 8th got a bug on next year July 8th
What kind of bug was it?
One thing I can't get good clarification on: a lot of bounty programs say something along the lines of 'no automated tools' but most bug bounty educational videos seem to tout the overall important and use of automated tools. It is not a sexy topic, but something I would love to see a bit about. No worries if it is something you don't want to cover!
I believe by automated tools they mean is tools like nikto that does vulnerability assessment. There’s no need since they can use those tools too.
Thank you!!@@KhalifaYakub
Like someone else said - they don't want you to run vuln assessment tools that have likely already been used. The main thing is a lot of these tools spam massive amounts of requests and make a lot of "noise", which make it tougher on SOC teams to be able to differentiate BB hunters traffic from actual threat traffic.
Great explanation! This community rocks.@@effsixteenblock50
@@effsixteenblock50 so tools like subdomain enumeration ones or directory enums are okay?
Your Critical Thinking Bug Bounty Podcast was 🔥🔥🔥🔥
Thank you!!
Well I get lost watching your videos, that's why I never start hunting. Man you are a very unique person. Thank you for your great work and energy.
good video, your video changed the way I look at web apps, starting from methodology and others, and now I always do manual tests even though it takes a long time, that's what makes me like BB
Thank you so much for sharing. Now I got a very clear roadmap to follow😀
looking forward for the automation video too!
You forgot Stock, he’s a good guy and he’s vibe is totally different from any other hacker at the community
Thank you all bug bounty hunters!
Thanks! Looks like I'm in level 2 right now 😊
Nice! Keep up the great work. You'll get to level 4 in no time!
@@NahamSec Thanks my man, you're really an inspiration for me ✌️
Nice video ❤🎉,Thanks for the video
thanks for giving back to the community
love this! thanks
Glad you enjoyed it!
Great video, love your content. As a complete beginner with a tremendous amount of motivation to get into big bounties and ethical hacking. Would you have any advice or words of encouragement how to get into this field. I just purchased your udemy course! Thanks for the great videos
Just stop thinking how to get started. Pick some websites, play around and understand how they work, look at login flaw, try to find open redirects as a beginner. My first bug was open redirect and then XSS.
Just start hacking while learning.
I heard the advice from someone like: not to learn how to hack, HACK to LEARN how to hack.
Thanks mate for being with us .Thanks for hoke me up with bb . Iam not just doing for money doing to challenge myself and get satisfaction of my hobby .Thanks and Happy new Year
Im snagging this course for sure!
i started bug bounty because of motivation which you gave me
When did you started and how is it now?
♥️
The number 1 cause it information technology problems is black hats
Hi, i started bug bounty at 1 year ago , i need a peoples who work in this industry for their exp (sry for my bad eng , without translate)Thx for the videos
Did you earn anything, and whats is your level of skill?
@@antoniobertolini9358 yes, im earn , my level between Intermediate and Advanced
I can edit your videos with more graphics .
I'm ready for that
Thank you Nahmsec im in Level 1.5 I start 8 month ago found 8 bugs (vdp) :)
That is amazing!! Congratulations and keep up the good work!
Bro i don't have good budget to buy a pc or laptop. Can i start with ryzen 3 3200g? Can we install virtual machine on it? Will it work?
You don't really need a supercomputer for this. That processor is enough, you need at least 8 GB ram, 16 GB and up is recommended.
For web application hacking you don't need a virtual machine, you could install Linux alongside with your windows.
@@atanaspeev4960 can I use i3?
Juz go for PC around 30000 price, there are plenty
You don't need such a good pc when starting out. Get something cheap like a lenovo thinkpad t480. Anything that has an i5, 8 or 16gb ram, and at least 256gb ssd will do the trick. Once you start earning money in bug bounties, you can eventually save up for better components, or a better laptop in that case.
Yes please update the Course @Nahamsec.
sir , can you suggest programs have large web application with ton of functionality for manual hunting
I saw you recommended "black hat python" as 1 of 5 books, but in chapter 2 it's already too hard
So keep learning! This isn’t suppose to be easy.
Did you bother to learn Python first?
hey ben my plan is looking for idor only in every application i approach do you think it's a good idea ? and i thinking learn more about authorization issue's and file upload vulnerability what's your comment
That is not a bad idea but make sure it makes sense. That means the application has an API/GraphQL backend or makes AJAX calls to retrieve PII or sensitive information.
@@NahamSec k thanks
thanks Ben
I have my audio maxed out, I think your video/voice is quiet, a bit hard to hear.
عالی هستی بهروز جان،این کورس برای مید لول هاست؟
Beginners for now
@@NahamSec تشکر،راستی لایو ریکان یا لایو هانت دیگه انجام نمیدین توییچ؟
Thanks man
which platforms for bug bounty?
Where can learn ios bug bounty?
I have done the first three resources...
ThankYou Sir
I'm a white hat. I hate Black hats
Thanks
Fire
Ambiguous Information … With Sprinkles of Advertising. Always repeating the same info
Make a video on technology stack based testing
Love from India
Your to close to your mic
Ez, just start with Call of Duty 😂
Where are we dropping?
Can you share coupon code for udemy cources
It's in the description of the video
www.udemy.com/course/intro-to-bug-bounty-by-nahamsec/?couponCode=RUclips
Thanks I am also very interested in bug bounty and doing an internship
❤❤❤❤❤❤❤
I always getting duplicates
No worry for this, everyone started at this point, you probably reporting some informative reports that are reported a long time ago before you. Always make sure your reports are valid and have impact, if so ask a mediation for help, I get a lot of duplicates by mistake of lazy triagers...
step 1 is learn web development
Eyv knk
Başlanır mı yani
Wasted 2/3 years in bug bounty nothing happen😢
really ? how
@@KaTal-6 learned bug bounty cant find any bugs
Haha this is sad reality for most of you who wants to get into bbh..😅
you cant destroy what you cant build! and not all developers are hackers.
@@serialkiller8783 come at me bro!
😢❤
First ❤
Noice
og