- 26
- 68 686
Kathan Patel
India
เข้าร่วมเมื่อ 3 พ.ค. 2013
Hi folks, my name is Kathan Patel and I'm a Cyber Security researcher.
I have been studying cyber security and bug bounty for the last 3 years. I started this channel because I wanted to share my knowledge with others who are interested in learning about Cyber Security.
I have been studying cyber security and bug bounty for the last 3 years. I started this channel because I wanted to share my knowledge with others who are interested in learning about Cyber Security.
Practical Things You Need To Know From Hackthebox - Shocker | OSCP Prep Series
# About: 📒
In this video, I tried to explain Shocker, an OSCP-like machine from hackthebox, it was an easy linux machine with sudo misconfig privilege escalation method to escalate to root user, I gave a quick step by step walkthrough on how I solved this box, there are multiple paths which you can explore in writeups given in description, you can also skip this part and directly jump to Things to learn from this box part to get what was there to learn from this box. 🔥
# Links : 📌
- TJnull List: docs.google.com/spreadsheets/u/1/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/htmlview
- Ippsec Walkthrough: th-cam.com/video/IBlTdguhgfY/w-d-xo.html
- Oxdf Walkthrough :0xdf.gitlab.io/2021/05/25/htb-shocker.html
# About Series: 📁
- Following TJ null list, I will cover OSCP-like machines in detail, describing what was offered to learn in this machine and the steps taken to achieve root access using whatever new tool or method was used, such as privilege escalation techniques and so on.
If you want to support me then you can Buy me ☕ using the below link!!
- www.buymeacoffee.com/kathanp19
# Social Handles: 📬
Twitter - KathanP19
LinkedIn - www.linkedin.com/in/kathanp19/
#oscp #cybersecurity #infosec #bugbounty #hackthebox
In this video, I tried to explain Shocker, an OSCP-like machine from hackthebox, it was an easy linux machine with sudo misconfig privilege escalation method to escalate to root user, I gave a quick step by step walkthrough on how I solved this box, there are multiple paths which you can explore in writeups given in description, you can also skip this part and directly jump to Things to learn from this box part to get what was there to learn from this box. 🔥
# Links : 📌
- TJnull List: docs.google.com/spreadsheets/u/1/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/htmlview
- Ippsec Walkthrough: th-cam.com/video/IBlTdguhgfY/w-d-xo.html
- Oxdf Walkthrough :0xdf.gitlab.io/2021/05/25/htb-shocker.html
# About Series: 📁
- Following TJ null list, I will cover OSCP-like machines in detail, describing what was offered to learn in this machine and the steps taken to achieve root access using whatever new tool or method was used, such as privilege escalation techniques and so on.
If you want to support me then you can Buy me ☕ using the below link!!
- www.buymeacoffee.com/kathanp19
# Social Handles: 📬
Twitter - KathanP19
LinkedIn - www.linkedin.com/in/kathanp19/
#oscp #cybersecurity #infosec #bugbounty #hackthebox
มุมมอง: 521
วีดีโอ
Practical Things You Need To Know From Hackthebox - Lame | OSCP Prep Series
มุมมอง 494ปีที่แล้ว
# About: 📒 In this video, I tried to explain Lame, an OSCP-like machine from hackthebox, it was an easy linux machine with no privilege escalation required just basic service enumeration and finding exploit, I gave a quick full walkthrough on how I solved it this time but from the next video will keep only step you can skip this part and directly jump to Things to learn from this box part to ge...
Best Tips To Avoid Failures in Bug Bounty !! - Learn with Tushar Verma
มุมมอง 2.7Kปีที่แล้ว
In this video, Tushar Verma ( e11i0t_4lders0n) and I cover the most common problem that a beginner faces when starting bug bounty, which learning path should be taken, what goes into bug triaging, and much more...!! 😉. Timestamp 0:00 Introduction 0:50 What is your day to day task in your company? 1:25 Why did you switch from offensive to defensive side? 4:05 How did you started in Bu...
Learn with @devl00p - Secret to #1 on OpenBugBounty and new features in Wapiti.!!
มุมมอง 1.4Kปีที่แล้ว
In this video, Nicolas Surribas ( devl00p) discusses his approach to bug hunting as well as the features of his Wapiti tool and how it differs from other tools. # Take a look at ScanFactory.io - ScanFactory.io: scanfactory.io/ - ScanFactory Telegram Bot t.me/ScanFactoryBot - Bug-Bounty-Recon-Dataset github.com/ARPSyndicate/bug-bounty-recon-dataset Timestamp 0:12 Sponsor's 1:54 Introd...
Learn with @j3ssiejjj - Automating Recon at scale using Osmedeus!!
มุมมอง 3.3K2 ปีที่แล้ว
In this video, Ai Ho (Jessie)[ j3ssiejjj ], the author of the Osmedues, demonstrates how to utilise the tool to its full potential, including developing modules, alternative configurations, and many other capabilities. # Sponser's Links - ScanFactory.io: scanfactory.io/ - Exploit Search Utility in.scanfactory.io/cvemon.html - Bug-Bounty-Recon-Dataset github.com/ARPSyndicate/bug-boun...
Stream: SSRF Methodology
มุมมอง 3K2 ปีที่แล้ว
I've included my SSRF process, both manual and automated, in this stream; if you see any problems, please correct me in the comments area. If you want to support me then you can buy me a coffee using the below link!! - www.buymeacoffee.com/kathanp19 Contact Me Here: Twitter - KathanP19
Stream: Creating Target Specific Wordlist!!
มุมมอง 1.4K2 ปีที่แล้ว
This is a recorded session on creating target specific wordlists that I did on Discord at a member's request. I may have missed a few things, and there may have been some errors as I attempted to share what I had learned. Discord Channel Link: discord.gg/cY2GUhanPs If you want to support me then you can buy me a coffee using the below link!! - www.buymeacoffee.com/kathanp19 Contact Me Here: Twi...
Learn With DhiyaneshDK: Hack with Automation & Supply Chain Attacks.
มุมมอง 1.4K2 ปีที่แล้ว
In this video, Dhiyaneshwaran ( DhiyaneshDK) discusses automation using nuclei, creating private templates, dependency confusion attacks, and other fascinating experiences he's had along the way. # Links - Dhiyaneshwaran Blog: dhiyaneshgeek.github.io/ # About Series: In the Learn with series, I will invite hackers from around the world to share their tips and methods. Timestamp 0:00 ...
Learn with @HackingSimplifiedAS : Getting Started with Android App Pentesting!!.
มุมมอง 1.3K2 ปีที่แล้ว
In this video, Aseem Shrey ( AseemShrey) teaches the fundamentals of getting started with Android app pentesting, as well as various strategies and tools utilised in the process. # Links - Aseem Shrey YT Channel: (Hacking Simplified) th-cam.com/channels/ARsgS1stRbRgh99E63Q3ng.html - Introduction to Android Hacking by @0xteknogeek: www.hackerone.com/blog/androidhackingmonth-intro-to-a...
Stream-1: XSS Methodology!!_Part-1.
มุมมอง 2.4K2 ปีที่แล้ว
In this stream, I've provided everything I've learnt so far regarding XSS; if you spot any errors, please correct me in the comments section. If you want to support me then you can buy me a coffee using the below link!! - www.buymeacoffee.com/kathanp19 Contact Me Here: Twitter - KathanP19
Learn with @logicbomb_1: Getting Started In Cybersecurity, NASA Bug And Many More !!
มุมมอง 8672 ปีที่แล้ว
In this video, Avinash Jain, alias logicbomb ( logicbomb_1), shares his expertise and suggestions for getting started in the cybersecurity arena, as well as how he was able to identify bugs at NASA and hundreds of Fortune 500 companies! # Links - Avinash Site: logicbomb.in/ - Medium: logicbomb.medium.com/ - NASA bug logicbomb.medium.com/bugbounty-nasa-internal-user-and-project-detail...
Learn with @HolyBugx: Demystifying Cookies and Tokens !!
มุมมอง 2.2K2 ปีที่แล้ว
In this video, Emad Roshan alias HolyBugx ( HolyBugx) discusses his study on cookies and tokens, as well as his recent HackerOne discovery where he was able to accomplish CSRF using XSS. # Links - Blogpost: securityflow.io/demystifying-cookies-and-tokens-security - Labs and Slides: github.com/HolyBugx/Demystifying-Cookies-and-Tokens-Security # About Series: Learn with series is where...
Learn with Rohit: Attacks and Defenses to Docker & Kubernetes!!.
มุมมอง 8202 ปีที่แล้ว
In this video, Rohit Sehgal alias sec_r0 ( sec_r0) demonstrates docker and Kubernetes threats and defences while also discussing the basic concept. # Links - All the Security Zines made by Rohit: securityzines.com/ - Slides from this video. securityzines.com/ppts/defendersGuideToKubernetes.html # About Series: Learn with series is where I will invite hackers from around the world to ...
Learn with @FroGy: External Attack Surface Management.
มุมมอง 1.2K2 ปีที่แล้ว
In this video, Chintan Gurjar aka FroGy ( iamthefrogy) has shown how large corporate companies do external surface management. # Links - FYI Github Repo: github.com/iamthefrogy/FYI # About Series: Learn with series is where I will invite hackers from around the world to share their tips and tricks. Timestamp 0:00 Introduction 0:28 What will we learn? 1:20 Who is FroGy? 2:56 Agenda. 3...
Learn with @DarkLotusKDB: Recon with Shodan & Spyse,XSS, Bypass OpenRedirects, SSRF, BugBunty Bot!!!
มุมมอง 4.3K2 ปีที่แล้ว
In this video, Kamal Bhati aka DarkLotus ( darklotuskdb) has shown his way of using shodan and spyse in the recon process also he has shown how to bypass open redirects, SSRF and how to make BugBounty Twitter Feed Bot!!. # Links Open Redirect POC on Google by DarkLotus used in this video. - th-cam.com/video/xPkbqTpaU0k/w-d-xo.html Medium Article. - darklotus.medium.com/ - Video Full ...
Learn with @R0X4R: Recon Automation & How To Approach For Help!!.
มุมมอง 3.4K2 ปีที่แล้ว
Learn with @R0X4R: Recon Automation & How To Approach For Help!!.
Learn with @trouble1_raunak: Cloud Pentesting - Azure (Illicit Consent Grant Attack ) !!
มุมมอง 1.4K2 ปีที่แล้ว
Learn with @trouble1_raunak: Cloud Pentesting - Azure (Illicit Consent Grant Attack ) !!
Learn with @Shre_yy : Managing Bug bounty and learning !!
มุมมอง 3.1K2 ปีที่แล้ว
Learn with @Shre_yy : Managing Bug bounty and learning !!
Learn with @rootsploit: Bug Bounty Recon!!
มุมมอง 4K3 ปีที่แล้ว
Learn with @rootsploit: Bug Bounty Recon!!
Learn with @ManasH4rsh : Using Burp Like A Pro!!!
มุมมอง 2.6K3 ปีที่แล้ว
Learn with @ManasH4rsh : Using Burp Like A Pro!!!
Learn With RogueSMG: Fuzzing Path For Finding Info Leaks and More !!
มุมมอง 2.2K3 ปีที่แล้ว
Learn With RogueSMG: Fuzzing Path For Finding Info Leaks and More !!
Learn with Remonsec: How to approach sensitive information disclosure.
มุมมอง 4.4K3 ปีที่แล้ว
Learn with Remonsec: How to approach sensitive information disclosure.
How To Hunt: Cross-Site Request Forgery (CSRF) - Bug Bounty
มุมมอง 3.2K3 ปีที่แล้ว
How To Hunt: Cross-Site Request Forgery (CSRF) - Bug Bounty
Recon : What, Why, When, How? - Bug Bounty
มุมมอง 1.2K3 ปีที่แล้ว
Recon : What, Why, When, How? - Bug Bounty
THIS NICE but why not using waymore and xnllinkfinder is great tools
No updates in years? Vaporware my guy.
Please make a full video about SSTI and SQL Injection in Login Page on Zseano's Lab🙏🙏🙏🙏🙏
bro in ASN enemuration part, which jason haddix vdeo u ewere talking about pleado do send its link😄
Bro plz don't stop making videoo
sir kindly invite more hcker for tips and tricks
🅿🆁🅾🅼🅾🆂🅼
If possible make part2 for this one pls good one actually...
no offense but understand what is shellshock and why that payload is getting executed. just dont copy paste payload in hurry to get shell.
Yup, good point will keep that in mind for next video, thanks for honest review 👍
Nice one! A small request/suggestion would be to guide us through along the way instead of the Music for the upcoming ones 😄
Got it !!👍
Hope you're going to do more of these walkthroughs!!! Preparing for oscp too :)
If I get good response I make more!! 🙂
@@KathanPatel Np! Understandable:)
When you go through the website in the first phase before doing recon, do keep burp running in the background?
The final advice is GOLD!!!! :))
:)
i know he is great but when i look to him i remember " taare zamin prr ".
:)
bhai pls dont use background music, baki loveeeeeee your videos <3
Whose training Tushar sir was talking about
aditya shinde
@@rootxgod1086 Thanks 👍
stay single
invite 0xprial
I will try if he agrees
Nice
23:08 this is what ı am feeling all the time,everyone giving recon lessons but its useless for beginners,what ı am gonna do with recon info if ı dont now testing variations,Verma got my reputation by underline this!
Mission accomplished !!
40:00 Controversy 😁
dhanyawad
🙏👍
like me😢😢
the man looking very sad
how to input the cookie using wapiti3...because sometime we can't crawling the site without the cookie...thanks bro
Thanks for tNice tutorials content. It was the first soft soft video I've seen that didn't assu I knew my way around all of the functions.
This background music is irritating
Sorry for that, will fix next time.😅
@@KathanPatel Please fix brother please,its really really bothering
👍👍
Thanks for sharing. Please make more videos like this especially for Idor, API enumeration and hacking.🙏🏽
Vary good bhai
Custom nuclei template kaise banate hai
:)
:)
:)
:)
i see you everywhere. can i get your twitter handle :)
:)
:)
Please make new videos bro wr are waiting
What does it mean wildcard domain bro
*.domain .com
:)
:)
:)
🤩🤩🤩
Next Gen 🔥🔥
Waiting For More Interviews
🤩
Please make beginner 2 advance level practical live website bug hunting, live website penetration testing, live website exploitation content video series... 🙏 😊 💯✌❤💚💙💜😍😘🤝
Thanks rootsploit for this amazing content. Kudos to Kathan for bringing this video. Learnt a lot. :)