It's interesting to watch a bug bounty hunter's thought process when performing initial sitemapping/recon and then exploring common injection points. Thanks for the video!
i recently discovered this channel and i would like to say that as a knew person to cybersecurity you motivate me and give me alot of knew information to keep going
how to choose the right subdomain after reconnaissance to start testing correctly? I often receive hundreds of subdomains and do visual reconnaissance, but often I don’t understand where to start. It would be very interesting to see a video on this topic, since many hunters miss this in their creativity on TH-cam
Hi R-s0n, If you could provide the timestamp in your TH-cam video, it would be great, bcoz if often come back again and search for a particular piece. If you can would be much appreciated.
No one wants the beginners videos theirs millions out their we need the most advanced of the advanced. Trust me youll bottleneck with all the beginner stuff. I rarely see any advanced stuff
Seems being a security professional means using built-in software to find vulnerabilities. I didn't thought that way, i used to thought security professionals were so good at coding. But seems most of them are totally garbage at that(i don't mean you), so i left pursuing it and went to software engineering. I would rather to develop burp suite itself, rather than doing bug hunting using it.
![[Part I] Bug Bounty Hunting for IDORs and Access Control Violations](http://i.ytimg.com/vi/BfbS8uRjeAg/mqdefault.jpg)
It's interesting to watch a bug bounty hunter's thought process when performing initial sitemapping/recon and then exploring common injection points. Thanks for the video!
Awesome video! It's incredibly beneficial for beginners like us. Thanks a lot!
Yup… seeing someone taking notes before doing the “hacking” stuff I know they are knowledgeable and good things are going to happen. Subscribed!
Please don't stop doing this stuff! They're gold!
i recently discovered this channel and i would like to say that as a knew person to cybersecurity you motivate me and give me alot of knew information to keep going
how to choose the right subdomain after reconnaissance to start testing correctly?
I often receive hundreds of subdomains and do visual reconnaissance, but often I don’t understand where to start.
It would be very interesting to see a video on this topic, since many hunters miss this in their creativity on TH-cam
I love you sir you are making our minds to open on a level of urs ❤❤❤
You are gem for me..I learned a lot of burp suite using techniques from you.Thank you❤
Thank you for keeping your words :)
Underrated stream
Love this stream 😊
24:35 - 3 approaches
30:24 - insertion points
💙💙💙
Thanks for the content!
great source
Thanks
Hi R-s0n, If you could provide the timestamp in your TH-cam video, it would be great, bcoz if often come back again and search for a particular piece.
If you can would be much appreciated.
Make a video for a beginners like in which bug do we must focus on and your methodologies and show us the first bug you search for in a web app pls
Superb Cool
I see xss-protection:1
And amazon cloudfront
How do you deal with thes ? Spesialy the second one because will block every single payload injectiin
Do you pay for proton vpn premium? I wonder if I need that instead
Ty
Please create TH-cam video content for learning from beginners to advanced levels.
Roadmap 2024 Bug Bounty Hunting and plataform earn money thanks
No one wants the beginners videos theirs millions out their we need the most advanced of the advanced. Trust me youll bottleneck with all the beginner stuff. I rarely see any advanced stuff
@@HAzorTeamwhat do you mean?
love u man
what are your laptop specs?
Any ideas on how to escalate CSS injection on a site where script tags and all event handlers are blocked by WAF?
why the hell you don't use chrome that will help in language translation on that page itself
Sorry how can I join your discord server 😞
Seems being a security professional means using built-in software to find vulnerabilities. I didn't thought that way, i used to thought security professionals were so good at coding. But seems most of them are totally garbage at that(i don't mean you), so i left pursuing it and went to software engineering.
I would rather to develop burp suite itself, rather than doing bug hunting using it.
thanks sir
Bro come backkkkkkkkkkkkkkkkk
2nd,runner up
2nd
1st
Thank you , I love you