Finding Your First Bug: Goal Setting and Motivation
ฝัง
- เผยแพร่เมื่อ 3 ส.ค. 2024
- Hi everyone, welcome to this video in the "Finding Your First Bug" in this series I'm going to go over some good first bugs: explain what they are, how to find them, show some examples of real bugs in the wild that paid out and finally do a practical example with Burp on a real target.
This video used to be a clickbait on RCEs, but I decided to re-upload it as a full-blown video that tells the truth. This episode is all about goal setting motivation and becoming a better hacker, we cover SMART goals, GROW development plans, metacognition, self-reflection, and the skills which make someone a great hacker. I hope you weren't too upset before and you enjoy this video. I might do a bug spotlight on RCEs as a gift.
![เกิดใหม่ทั้งทีก็เป็นสไลม์ไปซะแล้ว ซีซั่น 3 - ตอนที่ 65 [ซับไทย]](http://i.ytimg.com/vi/4EsinscQCfs/mqdefault.jpg)
![[ไฮไลต์] แบดมินตันชาย SHI Yu Qi (จีน) vs วิว กุลวุฒิ (ไทย) รอบ 8 คน | โอลิมปิก 2024](http://i.ytimg.com/vi/f7z7taforOM/mqdefault.jpg)
Hi everyone! This is actually a reupload for the RCE video, if you've seen that one you've seen this one. I thought I'd share it in case anyone wants to share it without the bait. No promotion here next video on Saturday on XSS :)
Really Amazing,
I don't have a word to thank you
I would like to use an Arabic word that we use to give a big thank to someone.
Jazāk Allāhu Khayran (May Allah [God] reward you with goodness.)
yes ,don't put pressure on yourself ,just be creative and important thing is don't compare yourself with other we just see their bounty but there are more than we see. PPP=Practice , Patience,Passion , yes i get my frist bounty after 6 month of my journy
Your pedagogical skills are nuts!!! this is my third video in a row. congratulations for such great content. :)
Wow, thank you! I'm very fortunate to have been given teaching experience+ taking teaching qualifications with my work :) thank you so much for the kind comments!
Awesome video! Thanks for going more deeper into setting goals.
really good content InsiderPhD. I killed that thumbs up on your video. Keep up the high quality work.
Thank you. I cannot thank you enough for this video. Probably going to watch this a few times.
This is fantastic, great life advice plus bug bounties!!! Thank you this is amazing
loving all your videos, keep up the awesome work
Excellent content, thank you very much for this great information, keep the good job!!!
Goals help us become better, stronger versions of ourselves.
This is really amazing video is very basic and simple. thank you so much 😀
Thanks a lot for these words!
Thank you! for putting up such great content!
Amazing video, thanks for the effort!
Great content, thank you.
Wonderful, you're amazing! Muchas Gracias
Estou apanhando, mas chego lá!!!! ;)
Was awesome! Thanks
Thank you
I wish you the best for your goals this year, Katie. For me, you're the best!
Katie you are the best 🌟
I hella like your content.
My current goal is to find a HTTP Smuggling bug that has impact!
Gonna Binge watch the whole series.. Just loved your content and the way u speak and teach by making things easily understandable without removing or degrading the importance of concepts or techincal details..!! Also yesterday's live demo on womenhackerz conference on the Api topic was lit and highlly understandable. Thanks for this. God bless you.
P.S. : you are my virtual mentor.
Thank you! I'm sorry the demo was a little cursed, but I'm glad you still found it useful! I'm happy to be your virtual mentor, feel free to ask any questions you have
@@InsiderPhD yes, i will. Thankyou. BTW i recently sent you a connection request on LinkedIn it would be great if you could accept it :)
nice motivation
Hi, i realized that you have started putting ad on your video. But, why just one? Your contents are very helpful and inspiring, watching the ads is the least what we can do to support you.
I actually don’t monetise any of my videos and have no intention to in the future. For one adverts are annoying considering the lack of economic benefits ($7 a month but everyone has unskippable ads, gross), for second I’m just not interested in turning this into a job. I’d maybe consider something like patreon but right now I don’t want or need the extra cash.
InsiderPhD Oh, this one ad maybe from TH-cam itself. I really respect your opinion, and would like to thank you for these videos on your channel. You’ve inspired me to keep fighting and not give up on this journey. I don’t know how to express this, but keep on doing what you believe in!!
insiderPhd, can you tell about bug hunting, approximately how much hours do you spend to finding bugs per day? and how many domains do you research in day approximately? Thank you for your works!
That's kinda elixir for a noobie...Thanks a lot.
Mam recon skill
what is the full for rces ?
:)
Quite frankly, I am not liking the infosec scene right now. It's sort of depressing and it's hard to stay motivated. Firstly, lot of companies, don't pay anything to bug bounty hunters for small bugs. They just call them informational and close them, which is sad, cos it's still a valid security flaw and if they knew about it, then they should have patched it themselves. Also there are duplicate entries. Those bounty hunters who started earlier, have enough money to buy tools to automate stuff and take away a lot of the bounties.
If you are not taking the bug bounty path, getting a job as a fresher is incredibly difficult. No matter how much one trains, he still lacks skills in some areas and get rejected based on those skills.
That's just my life. I pray no other pentester has to go through this. May everyone find refuge in infosec. Good luck and happy New year to all.
I think the important part as a newbie is making sure your bugs are demonstrating impact - that's why bugs get closed as NA/Informative. There's a lot of big bounty hunters, yes but I think it's not very fair to assume no one can make it anymore, there's plenty of hackers who have just started this year who are quickly becoming big names like SpaceRacoon. There's not a set limit of bounties that will ever be awarded it's just that newer bounty hunters may have to compete more- just like the more experienced ones! Learning new skills like mobile hacking is very important. As for the job hunt I can't say since my day jobs have all been around data science/machine learning but I think the market is hard for everyone.
That's how I'm feeling right now. ☹️
@hackR you could do everything by yourself, you don't need make money.
@@Fengquan that's what i said... learn how to answer the good person before learning/hunting bugs...
Do u have a course on udemy?
What is an IDOR
You can check out my video on IDORs to learn more!
What is RCE?
I am a noob please let me ( # beginner )
RCE stands for remote code execution, it's a super dangerous vulnerability which means you can run code on another server, so you could delete all their files, or download them all to sell to a competitor or download the database, it's one of the most valuable bugs and one of the most coveted!
@@InsiderPhD thanks
whats your short term goal? ... learn what an RCE is at this point.
Good content, but voice quality is very poor. Plz change your mic.
Thank you! for putting up such great content!