Thank you, I'm just starting out and my ever-lasting wonder is whether I should focus on a vulnerability type and master it or pick a target and try as many vulnerabilities as I can. As I gathered these are the two types of methodologies combating each other when discussing how to start out. Both have advantages I think. Picking a vuln type has the advantage that you don't get confused with too much information whereas picking a target takes the load off having to browse in targets all the time or do more recon. But since i've just finished creating my first and own recon script (which, for the most part, is the automation of your recon video with tomnomnom by the way, haha), I think I'm good to go exactly the way you're recommending and it's very reassuring that someone like you - I've been following your videos for long - supports a certain type of starting point that you think is the best. :) I would be eager to see more content like this, thanks for your contribution to the rookie community!!
When you said tooling up, automation, etc makes you lazy..on point. This is about learning what those tools and automation are doing in the beginning and applying it to one attack. Not defending against constant attacks where you need those tools/automation to hope to keep up. Thanks for the content to get me motivated this morning.
I remember following you when I was QA Engineer in 2014 alongside Jason Haddix and many others. I will have to agree that Bug Bounty has evolved into so much more since then
this my roadmap as background to start bug bounty , is it good boss #NahamSec - HTML & (Basics) & JavaScript (Focus) - NodeJs (Focus) - Web Basics(HTTP & Protocols ....) + Network+ From yt - Practice Portswiger & free labs & study docker - Owsap Top 10 - Kali linux basics
On the other hand you have a lot more experience in actually learning stuff "on the job". College is great and all, but real life experience is more valuable, coming from a fellow early 30s guy ;-)
Hello, I entered the bug bounty at the beginner level. My goal is p1, p2 is not a high amount of explanations, p4 is a joyful event for me, even if I win small vulnerabilities. bug bounty p4. What do you recommend to be successful?
Thanks bro I spent three years hacking, but I only found one acceptable bug, 20 duplicate, and 5 informatives. I'm really bored and desperate. I need advice from you. What should I do?
Sir I am learning more about bug bounties but I have a problem with some money and also financial problems. But I also have the same dreams as you. But I am stuck 😢 Love your video and also I started from your video 😢
I love this bro! I'm currently working on the eJPT but after that I want to get into web hacking and bug bounty. It's something I haven't really touched and know I need some dedicated study and time to do. I got Vickie Li's book and want to work through Web Security Academy and then try out some VDP's on the platforms. Would you recommend choosing one program and trying to go really deep on that? Thanks for all the great content dude! Peace.
Thank you for the amazing video ! I've always had an issue with the mentorship part..I can't seem to figure out how to collaborate and I wish I could change that
Awesome video! This kind of content is really helpful. I never knew working through hacker 101 content would result in an invite. Keep up the good work!
im actually just starting to get my degree in computer science in cyber security so if i can get a head start an learn anything an everything can only benifit me.
can i message you personally? fresh grad and i want to turn this into a full-time job or learn bug bounty hunting and find a job in cyber security as a penetration tester. I have a lot of questions...thanks
Yes, most programs tell what not to do in their policy you can also look for safe harbor programs which will not take any legal action if you did something wrong accidentally
@@mahmoudadel197 hey, thanks, Mahmoud! I appreciate that. I started reading at&t. That one threw me off. All those others make perfect sense. Ty for term " safe harbor".
Does that mean no nmap?? Tools to me means nmap, nikto, ffuf, amass, subfinder and the like. Automation i thought would be like nuclei, burp, msfconsole....
Want to learn directly from me? Check out my course here: app.hackinghub.io/hubs/nahamsec-bug-bounty-course
This year fu*ed me up already. At least cybersec learning going well thx to all content creators like you
You got this!
I agree
Great video, the only mishap is the volume is very low for some reason. Thanks for the content!
Thank you, I'm just starting out and my ever-lasting wonder is whether I should focus on a vulnerability type and master it or pick a target and try as many vulnerabilities as I can. As I gathered these are the two types of methodologies combating each other when discussing how to start out.
Both have advantages I think. Picking a vuln type has the advantage that you don't get confused with too much information whereas picking a target takes the load off having to browse in targets all the time or do more recon.
But since i've just finished creating my first and own recon script (which, for the most part, is the automation of your recon video with tomnomnom by the way, haha), I think I'm good to go exactly the way you're recommending and it's very reassuring that someone like you - I've been following your videos for long - supports a certain type of starting point that you think is the best. :)
I would be eager to see more content like this, thanks for your contribution to the rookie community!!
When you said tooling up, automation, etc makes you lazy..on point. This is about learning what those tools and automation are doing in the beginning and applying it to one attack. Not defending against constant attacks where you need those tools/automation to hope to keep up. Thanks for the content to get me motivated this morning.
I remember following you when I was QA Engineer in 2014 alongside Jason Haddix and many others. I will have to agree that Bug Bounty has evolved into so much more since then
Thank you Ben. I was registered bugcrowd today for starting bug bounty about 12-14 hours ago and this video show up, again thank you man appreciate
@@ptrcan4302 sağolasın, değer ama sevmen lazım sevmiyorsan çekilecek meslek değil
How is it going?
This guy have helped me a lot in paying my engineering college fees
Respect to you bruh
How?
Really did u earn some cash bro ?
😂😂 did you pay or just change the data?
you the man thanks for all the advice always great learning from the greats been following your work for awhile.
this my roadmap as background to start bug bounty , is it good boss #NahamSec
- HTML & (Basics) & JavaScript (Focus)
- NodeJs (Focus)
- Web Basics(HTTP & Protocols ....) + Network+ From yt
- Practice Portswiger & free labs & study docker
- Owsap Top 10
- Kali linux basics
A perfect glimpse on Bug Bounty ! Keep uploading more stuff 👍🏻
Great content from great hacker like you always help everyone
Thank you for this. I'm a bit late to the party lol. Early 30s is a big gap compared to fresh out of college people.
On the other hand you have a lot more experience in actually learning stuff "on the job". College is great and all, but real life experience is more valuable, coming from a fellow early 30s guy ;-)
End 30 guy here and only doing this for a few month so no problem ✌️
Early 30s, just getting started. You ain't alone
38 here plus at our age now we are more mature an serious about getting stuff done past all the partying an more goal driven
All the love to you guys❤❤❤ I'm 24 I'm just starting out too much love all the best.
Hello, I entered the bug bounty at the beginner level. My goal is p1, p2 is not a high amount of explanations, p4 is a joyful event for me, even if I win small vulnerabilities. bug bounty p4. What do you recommend to be successful?
Thanks bro
I spent three years hacking, but I only found one acceptable bug, 20 duplicate, and 5 informatives. I'm really bored and desperate. I need advice from you. What should I do?
If anyone is looking for someonw to learn with then am here. Zero bounty yet, but am constantly learning.
Bro i am also can we both do it together
@@gamingrampage2898 Where can i contact you? share your contact just any
@@stanleyruheza his id is akshdeep211
@@stanleyruheza his id is akshdeep211
Hey Stanley, I’m looking for someone to learn with if you’re still open
Great advice! Thanks Ben! I also have some light OCD so I had to comment since this is the 100th comment here :D
Appreciate the efforts and knowledge shared!!!
after 1 year i will return to this vidéo and remember my start thnx alot ❣❤🔥
how about currently?
Sir I am learning more about bug bounties but I have a problem with some money and also financial problems. But I also have the same dreams as you. But I am stuck 😢
Love your video and also I started from your video 😢
Me too bro😢😢
Thank you for the advises. By saying no tools, does it include burpsuite as well?
To learn bug bounty & ethical hacking, should programming, networking & Operating systems be the first things you learn?
I'm just now getting into bug hunting.. is there a list of "what not to do"?
How do I decide if my precious invite to a private bb program is worth the program? and what programs should I better skip?
I love this bro! I'm currently working on the eJPT but after that I want to get into web hacking and bug bounty. It's something I haven't really touched and know I need some dedicated study and time to do. I got Vickie Li's book and want to work through Web Security Academy and then try out some VDP's on the platforms. Would you recommend choosing one program and trying to go really deep on that?
Thanks for all the great content dude! Peace.
Nice video,
Thanks for sharing🙂
Thanks for watching!
Thank you for the amazing video !
I've always had an issue with the mentorship part..I can't seem to figure out how to collaborate and I wish I could change that
No comments on my Facebook
This channel is awesome man :-)
#Nahomies
🔥 content man. Thank you for sharing.
juicy stuff as always... thank you sir!!!
Very nice video
Thanks for sharing 🙏❤️
Thx for sharing Ben !!!
Awesome video! This kind of content is really helpful. I never knew working through hacker 101 content would result in an invite. Keep up the good work!
Great video with great advice! What do you think about HTB Bug Bounty Course? Is it worth doing?
im actually just starting to get my degree in computer science in cyber security so if i can get a head start an learn anything an everything can only benifit me.
🙏 Dhanyawaad
Awesome video...thank you Nahamsec...this has inspired me!
Incredible video, Thanks a lot.
great one Naham!
Always best✨
What do you think about CBBH from Hack the box?
Great video boss 👍
I would rather report hacks as long as you use them
can i message you personally? fresh grad and i want to turn this into a full-time job or learn bug bounty hunting and find a job in cyber security as a penetration tester. I have a lot of questions...thanks
Please make a playlist for starter
Great man🔥🔥
10:18 words🙌🏻
where can i buy your course from nahm?
Thank You for the content ben!!
I already started it 3 years ago by my master but now I'm not doing hunting no pccc 😭😭 i got the knowledge but no pc 😭
came here from your live
Is there a list of "what not to do"?
Some of the terms seem like they'll charge you criminally (AT&T) if you don't follow the t&c perfectly..
Yes, most programs tell what not to do in their policy you can also look for safe harbor programs which will not take any legal action if you did something wrong accidentally
@@mahmoudadel197 hey, thanks, Mahmoud! I appreciate that. I started reading at&t. That one threw me off. All those others make perfect sense. Ty for term " safe harbor".
Great Content
You are the best!!
hey man your video is really cool a little tip is get a better mic plz.
do m1 max good for bug bounty, please nahamsec reply
"I'll link their channel in the description"
usually means they will not.
Thanks for making this video
Volume super low
Awesome. Thanks!!!
You need to do a guided training step by step on how to do stuff
I don't think it works like that my friend
@lmfao69420 yeah im now realizing you cant directly show exploits and sensitive information but he cant he use metasploitable
great video
Great video
Glad you enjoyed it
I love u man, you are osm!!
Thanks GOAT
Does that mean no nmap?? Tools to me means nmap, nikto, ffuf, amass, subfinder and the like. Automation i thought would be like nuclei, burp, msfconsole....
tnx men
I just found my first vuln sql injection triaged as High 8.2
Amazing!!
thanks man
You promised to update your course on Udemy
Still keeping my promise. Soon :)
nice video
What about the basics
Audio is messed u0
Hello from MDISEC
Great
Voice volume seems a little low
Had a small issue with audio with this one, but the video was too good to not publish it.
🔥🔥
❤
Awesome...
Thanks! 🙏
👍
❤❤❤❤❤❤
🙏🙏
😍
💝
Okay
your audio sucked bad on this but great video, thanks
I thought for a sec it was my earphones
audio sucked on this one. I wanted to buy your udemy course but the video was crappy.
Your voice In your videos are very low man
#dontpwnic
Third
First
Make a videos in a little more interesting way
He is so cute I can't focus 🙄
I watch similar video by @stok in 2021 when I started my bug bounties journey.
Don't use music
Great video
#Nahomies