I've been searching for videos about how to find CVEs, what is the process used, how researchers really hunt for CVES and I can tell you this video is by far the best. Thanks for sharing your knowledge.
This video was amazing! As a new pentester myself, I figured getting a CVE assigned to me would come later in my career, but you're encouragement and straightforward guide comforts me in this adventure. Congratualtions! and thank you for the video. Keep up the great work! :)
Followed your guide to a T. Re-calibrated by starting the HTB Bug Bounty path to set the scene. In 5 days of restarting learning I got 3 XSS vulns in a moderately popular project. I'm back here to watch the submission instructions :) Can't thank you enough.
Hi Tyler, I just want to let you know, today my first CVE got published and without your video, i would have never thought of actually publishing the vulnerability i found. Thank you for this video! :)
@@dublinnnn My CVE was a SIEM-Software we used in my company and I found it during training for that software 😅 it literally jumped into my face. I am sorry that this won't help you. But in the end: software that you want to understand makes it easier, and like tyler said: finding stuff on software that already published CVE's before makes it easier to publish.
Finally getting far enough in THM and am excited to find my first CVE. Putting a CVE on a resume sounds like a great way to get noticed in the security industry.
Wow Tyler! U did an amazing job of breaking down the process of finding CVEs to a novice in a simple manner! Thank u so much for sharing your knowledge with us for free 😊 Really hope u continue to make more videos as they are really hallmarks of excellence! All the videos i watched contained really practical & easy to digest information ❤
I have the same view you used to have - finding CVE's is for the big brain folks. I used to think the same about pentesting/hacking in general however, and I think this video sorta brought CVE's down a peg in my mind - just like THM did in regards to pentesting/hacking. Thanks for this video :) 💜
Cool, as Tyler, I thought this was an unattainable level of vulnerability research so far. You need to take several courses on web pentesting, and then do it. I see that Tyler took a chance and didn't regret it. I am also on my way to HTB-Academy, a useful source of practical information. Thanks for the video!
Whoa Tyler well played! I never thought of that before. I indeed also thought you needed some elite knowledge to discover a CVE or pure luck. I discovered a Zero day in the firewall in my youth prison but it was just so i could play some call of duty XD But this looks amazing i'll take a look at it :D
Congratulations, Tyler! I'm just starting in the field, but to keep me motivated I wanted to set a goal to find one in the next two years. The timing with this vid is perfect.
Thanks for sharing this. Its very inspiring for someone who is aspiring to break into the cybersecurity field. More power to your channel bro. Happy holidays
Hello. I have two questions. How do you proceed if the team you notified never gets back to you? How soon do you expect them to respond? Thank for great video.
Hey, great video. It will definitely help me. But I have one question. What happens if, let’s say, I found the vulnerability, but someone did the exact same steps before me and submitted it first. Vendor should inform me, that someone already told them about it and they are currently working on patching this vulnerability, am I right?
03:58 What kind of HTML syntax is that? Have just tried, slashes are indeed treated as spaces, but what are the rules here? Is it just slashes or can we use other characters instead of spaces? Are there any documentation references for this thing?
Bro could you tell me that is it necessary that we should start our cybersecurity career from pentesting or we can directly start from big bounty? I’ve seen the free 14 hours TCM security Pentesting videos so I got the idea of it and have tried some websites for practice but it was too random! So I thought stepping into big bounty would be a better option to learn practically of what I’ve learned. Is this approach good and what are the ways I can learn bug bounty from scratch for free.. do let know. Thank you!
i like the video and i'd have subscribed had you not been receiving so many obviously fake interactions. not sure if you deliberately purchased bots / alted for those comments but i'm not giving you any more favor in the algorithm.
![How To Become An Ethical Hacker in 2024 - [Detailed Guide]](http://i.ytimg.com/vi/IWx88uvfKbA/mqdefault.jpg)
I've been searching for videos about how to find CVEs, what is the process used, how researchers really hunt for CVES and I can tell you this video is by far the best. Thanks for sharing your knowledge.
This video was amazing! As a new pentester myself, I figured getting a CVE assigned to me would come later in my career, but you're encouragement and straightforward guide comforts me in this adventure. Congratualtions! and thank you for the video. Keep up the great work! :)
When you say new do you have a job pen testing or via bug bounties ?
Followed your guide to a T. Re-calibrated by starting the HTB Bug Bounty path to set the scene. In 5 days of restarting learning I got 3 XSS vulns in a moderately popular project. I'm back here to watch the submission instructions :) Can't thank you enough.
Whoa! That is awesome! Congrats!
The only real man to clearly describe what a CVE is, It's been so long finding something for it!
Hi Tyler, I just want to let you know, today my first CVE got published and without your video, i would have never thought of actually publishing the vulnerability i found. Thank you for this video! :)
Hii I really wonder how do you find targets ti hunt on??
@@dublinnnn My CVE was a SIEM-Software we used in my company and I found it during training for that software 😅 it literally jumped into my face. I am sorry that this won't help you. But in the end: software that you want to understand makes it easier, and like tyler said: finding stuff on software that already published CVE's before makes it easier to publish.
Finally getting far enough in THM and am excited to find my first CVE. Putting a CVE on a resume sounds like a great way to get noticed in the security industry.
Wow Tyler! U did an amazing job of breaking down the process of finding CVEs to a novice in a simple manner! Thank u so much for sharing your knowledge with us for free 😊 Really hope u continue to make more videos as they are really hallmarks of excellence! All the videos i watched contained really practical & easy to digest information ❤
I have the same view you used to have - finding CVE's is for the big brain folks.
I used to think the same about pentesting/hacking in general however, and I think this video sorta brought CVE's down a peg in my mind - just like THM did in regards to pentesting/hacking.
Thanks for this video :) 💜
Thanks for the process walkthrough, and I wish you a lot more CVEs in 2024!
As you know I'm working on oscp. I am not nieve enough to believe that's enough. So this is the next task. Love you Tyler! Keep being dope!
Super cool video I am glad I am here for the ride. Great steps to helping me and everyone who sees this to land that first cybersecurity job!
This is insanely generous of you to share. Thank you, Sir!
Here after the stream last night. Thank you for pointing me this way will have to look into this as well!
Exactly what I'm looking for. My ToDo list with a CVE of my own found will have another check. Thx for that m8
Update on the Bucketlist. I registered one CVE and now im curious about the next steps 🙂
Congratulations! You really opened my eyes and I have been excited to hear more about your process since hearing about this! It’s been very helpful.
Cool, as Tyler, I thought this was an unattainable level of vulnerability research so far. You need to take several courses on web pentesting, and then do it. I see that Tyler took a chance and didn't regret it. I am also on my way to HTB-Academy, a useful source of practical information. Thanks for the video!
Great video with ethically amazing approach, Tyler
Much love man, Merry Christmas!
You deserve it with your work and everything
Coming back and yeah who got his first cve? hm? Thx Tayler for your help to show how to do it.
Boom! Congrats!!
Whoa Tyler well played!
I never thought of that before.
I indeed also thought you needed some elite knowledge to discover a CVE or pure luck.
I discovered a Zero day in the firewall in my youth prison but it was just so i could play some call of duty XD
But this looks amazing i'll take a look at it :D
Congratulations, Tyler! I'm just starting in the field, but to keep me motivated I wanted to set a goal to find one in the next two years. The timing with this vid is perfect.
I like the Academy at HTB also it has served me well I think i got 47 of those badges so far... good stuff
Congrats dude
Good job
Nice job, I mainly wanna do swe since after doing cs/math uni learned it’s fun to build stuff as well
You are absolutely amazing bro!
Thanks for sharing this. Its very inspiring for someone who is aspiring to break into the cybersecurity field. More power to your channel bro. Happy holidays
Hello. I have two questions. How do you proceed if the team you notified never gets back to you? How soon do you expect them to respond? Thank for great video.
this is a great idea, thanks Tyler
Great resourceful man appreciated , by the way is the wall behind you wallpapered or real brick is shown, just asking
Hey, great video. It will definitely help me. But I have one question. What happens if, let’s say, I found the vulnerability, but someone did the exact same steps before me and submitted it first. Vendor should inform me, that someone already told them about it and they are currently working on patching this vulnerability, am I right?
thanks for the amazing video and information 😊
Great Video ! Good job
How did you find the target, and do you get money for this?
Love the video, do you think it'd be applicable to apis too as I've been learning to hack those?
03:58 What kind of HTML syntax is that? Have just tried, slashes are indeed treated as spaces, but what are the rules here? Is it just slashes or can we use other characters instead of spaces? Are there any documentation references for this thing?
Bro could you tell me that is it necessary that we should start our cybersecurity career from pentesting or we can directly start from big bounty? I’ve seen the free 14 hours TCM security Pentesting videos so I got the idea of it and have tried some websites for practice but it was too random! So I thought stepping into big bounty would be a better option to learn practically of what I’ve learned. Is this approach good and what are the ways I can learn bug bounty from scratch for free.. do let know. Thank you!
hey, if the company is not very cooperative is it possible that I could get into legal problems?
Do I need some web-dev skills inorder to do web-app pentesting??
Interested
How much time did you spend before finding your first bug?
Good job bro
thank you for giving me the trust :-)
It must be a good idea if videos are timestamped.
will they pay us?
Thanks brother
Good job
Btw, I'm not sure you ever actually say what a CVE is. :)
If someone doesn't know, they still don't. Common Vulnerabilities and Exposures.
I'm just a script kiddie with a Net+, Sec+ and CySA+
i like the video and i'd have subscribed had you not been receiving so many obviously fake interactions. not sure if you deliberately purchased bots / alted for those comments but i'm not giving you any more favor in the algorithm.
Hey -- I haven't purchase anything like that lol..
منم مثل این هودی دارم😮
never heard of cve's
What a showoff.. 😆