ไม่สามารถเล่นวิดีโอนี้
ขออภัยในความไม่สะดวก
I MADE $100,000 IN TWO MONTHS!
ฝัง
- เผยแพร่เมื่อ 3 ส.ค. 2024
- 📚 Purchase my Bug Bounty Course here 👉🏼 bugbounty.nahamsec.training
💵 Support the Channel:
You can support the channel by becoming a member and get access exclusive content, behind the scenes, live hacking session and more!
☕️ Buy Me Coffee:
www.buymeacoffee.com/nahamsec
JOIN DISCORD:
discordapp.com/invite/ucCz7uh
🆓 🆓 🆓 $200 DigitalOcean Credit:
m.do.co/c/3236319b9d0b
💬 Social Media
- / nahamsec
- / nahamsec
- twitch.com/nahamsec
- / nahamsec1
00:00 - Introduction
01:35 - Luck
2:14 - Stats
3:09 - Program Selection
4:03 - Approach
7:00 - Attention to Details
8:00 - Burnout
9:04 - Outro
#bugbounty #ethicalhacking #infosec #cybersecurity #redteam #webapp
you got to be in it to win it. Well done bro so happy for you!✌
I love seeing the reality behind the large figures. The effort to get it, the burnout afterwards. Thank you for keeping it real and giving us more realistic expectations of what it takes to reach those goals. Love your work Ben!
yup me too
yup me too
Great video, Ben! It's always interesting to get an idea of what you guys really make with bug bounty, the tactics involved and the effort that was needed to get there. So thanks so much for share that side of your work. 👍
Thanks for watching!
No script for the video, just real knowledge and real precious words coming out of your mouth 😂😂💖💖
Lit that fire to start bug bounties!
I consider my self as a newbie and I find this very inspiring. I've got a lot of positive energy from it. Thanks for sharing. Cheers buddy 🌱
you da best man thanks for this one!
Thanks for watching!
Thanks for the motivation :)
Keep it up man i love watching the videos learning to get a job in cyber security some day.
You da man bro, thank you for the info I'm a paraplegic teaching myself BB so i can make some extra money from home but i often think I'm starting to late considering it will be a while before I'm good enough to find bugs in the wild
It is actually not late at all! Just make sure to put reachable goals and not burn out. Some of these pro hackers were already in the industry in early 2010s. They did a lot of researching and testing. If you will start now, you can definitely reach your potential in the next couple of years, or even less!! Good luck
@@waterlord6969 Thank you
I love your contents man, Thank you from Iran :))
1 - I couldn't find any bugs for 4-5 months, but after watching your "QUIT RECON" video, I also quit recon and was able to find some bugs. Thank you!
REQUEST
2 - Many of us can't watch "Live recon with orwa" stream, so please make it free since it's the most in-demand stream ever. Thank you!
Nice work! It is available for members for now but it'll be published later.
@@NahamSec Ok , Thanks
Congrats and thank you for all the great advice!
Thanks for watching!
That's Great Video !
Great tips! Thanks for this
🔥🔥🔥 NIce video bro. Your content has been so helpful in my cybersecurity journey as a beginner.
❤️
kudos ben for creating helpful contents.. keep going brother cheers
Thanks for watching!
Thank you Nahamsec 💯 for this video! Burnout are a thing for me, so I will do something about them. Cheers
best of luck!!
Thanks a lot. I have seen lots of video of you and other hackers. It will be amazing if in some videos you show the step by step of a bug bounty program.
Thanks for watching! I'll think of something to show that soon!
@@NahamSec thanks a lot. I am sure many people are looking for that. a video which shows picking a program, try to find a bug and submitting the report will be priceless on youtube.
lots of thanks in advance
Hey love all your videos I’m 16 and all of your videos are really pushing me to become a ethical web hacker!
I agree with your thoughts saying ++ years old program still have vulns. Last month, I found my first vuln ever from a 7 years old program :)
master at work 💯💯😍😍
Fresh video! :3
Thanks for watching!
Thanks for the information ❤
Did you course on Udemy, got really motivated and ready to dive in. But life got in the way and I have to shift my focus, being a husband and dad takes my most of my time and drains me by end of day. Also, want to grow professional in the cyber security field, which in most part requires certifications to get ahead. That takes up my time as well. As you said, you had to sacrifice something. Hoping that after I obtain the security certs that I want to get, I can jump in again into Bug Bounty and help support my family.
Yeah, you have to be willing to give up something. It's not easy, but it's definitely doable
I'm in this same boat. Have a newborn, trying to complete my degree (HR check box), and then start self learning and doing Bug bounties for some extra income.
Would you say doing a penitesting is good entry to hacking ? Newbie and really considering changing careers
It something down the motivation that I spended enough days and didn't find even small hint
What to do
Are you doing also bug bounty in web3?
Your Udemy course, do you show all your methods of approaching a site?
کاش میتونستی یه ویدیوجامع در مورد ریکان به زبان پارسی هم منتشر کنی:)
Well, A new Million $ hacker on his way!🙌🏻
Maybe some day :)
LOL he is already
Next person I'm 😅😮
how to keep update ourself
please make video about it
It’s really amazing brother 🎉
Is i am doing good if my aim is penetration testing but need of money i am also giving time to bug bounty
do you need a permission before starting to find a vulnerabilty?
Thanks, NahamSec, this vedio means a lot to me, motivated for more hacking now 🔥
You really motivate me sir❤! Love from India!
Totally agree with this video Ben. I was the same this year too on a public program on HackerOne. No automation used and found 40 bugs.
Hey, have you an advanced courses for bug bounty if we finish your intro to bug bounty course on udemy ?
Not yet. But it’s coming!
Loved it and sparked in my deap heart now it will be the volcano
Why is your reaction on thumbnail feels like " you're asking yourself why did you earn 100k 😂"
It was kind of hard to believe it at first!
@nahamsec congrats brotha. Seems like collaborations is the key, for higher payouts and higher impact bugs, that’s something I def need to do as I haven’t in almost a year.
So if anyone interested let’s get on the road to 100k!!!
Lesson from this Video:
Have a secondary bug bounty platform.
Put effort 60/40 of your hacking time or follow your own preference.
love it
Damm, nice one and motivational too, i'm going back to BB 😁
burp puts food on the table ;)
salute brother....
did you say at the start taxation is coming to an end in the US?
The tax season is coming to an end.. as in just for the year!
@@NahamSec got it! i was surprised thinking that the american gvt wont collect taxes again
All these vulnerabilities did you find it in this year? Many of the programs triage time is huge.
Hello sir yesterday hacking session with orwa when upload in youtube?
Give us free bug bounty course 😢
People only see success but not their hardwork😢❤
Is portswiger trainning enough for all of this?
It's a good start but eventually you need to stop doing labs and dive right into it.
Thanks Naham
Please can you post the interview with godgatherorwa
Oh no how it possible bro
Confusion confusion confusion
When i go for bug bounty i get confused what to do what to not 😢help !!!
Ben You from Iran??
Here we go. Subscribers ⬆
LET'S GO!!
I live in Ethiopia can I get my payments
I spent more than 6 months on bug bounty programs and I didn;t get any single bounty; I'm about to give up cause i need money to finance myself, in other words, i need money to pay for internet taxes and time spent
GZ
LF entry lvl job/internship
Python/CCNA/almost a hacker on HTB now learning JS.
insha'Allah that's gonna be me Allah will make me that dude
دایرکت بدم جواب میدی چنتا راهنمایی بگیرم داداش ؟
Ok maybe time to start doing bug bounty??????
Its tough, don't think if you start you have $
@@axelvirtus2514 it’d be more to keep up my skills tbh
yes - yes it is!
So a quarter of a mili in another two months? 🤔
probably not :(
motivated Bro
I made ZERO in three years flexing your bounties like so many others doesn’t help.
amazing sir.... i made $950 last month
presently learning API hacking just finished with corey j balls api hacking book..
God bless you for all you do.
Bro i have completed that course, can u please share your twitter ... Lets follow this journey together
bro with that course i found 2 bugs 250 euro and 300 euro on intigrty 😁 . can i know which platform u used? i hack on intigriti
Hackerone
@@oneplanet2198 thnx 👍
If you're not making a million dollars a week don't even talk to me 😤✋️
You have years of experience on your computer
I do!
@@NahamSec i know but how money years of experience do you have? 8-10 or more?
8:00 - So wait, you made $100k in two months purely on BB,.. and then also had enough time to do pentesting gigs and travel?
Personally, I understand burnout, especially when it comes to overbearing employers. Gets worse when you are your own boss if you don't check that greed at the door. My goal would be to hit like $12.5k/month ($150k per annum) and once I hit that goal around the middle to end of the month, just take the rest of the time off and do game dev (hobbyist passion of mine) to just unwind.
It's also super encouraging to hear you do this with absolutely zero automation and entirely in your spare time. As a fledgling BB hunter, I just get confused why a lot of people push automation when, if everyone uses it then you have to be the first in line or else you'll always be late.
I doubt it. I watch your streams sometimes and you struggle with burp academy. You don't have to lie to get views
all of your video sound is too low as other bug hunter ..i think thats a bug LOL
Generic API Key leak that is bug
Useful perspective. You are so pale I can tell you've been busy LMAO
Like and subscribe so I can afford a tanning membership. Jk. I do need to go outside more 😂
Can you make video live bug hunting Manually (Zero Automation or No recon)?
Because iam a beginner I don't know how to hunt bugs Manually, everyone teach recon, but i don't like it.
First 🥇❤
firstt
ping diff..someone else commented befroe me 😢😢
next time!
Great work
Thank you! Thanks for watching!
Love from india man. We met soon. Remember my name kedarkid or AKKI
If you wanna start bug bounty think twice, remember you compite with hackers with 10+ experience
There's room for everyone. I genuinely believe that. Don't let that mindset be the reason why you don't chase your dreams!
@@NahamSec no you need to be very good or collab with pro hackers lije you,zseano etc.I did bugbounty almost a year and find only duplicates or informative.So fuck this never spend a minute in my life on this shit
Please help with our cats food...... @Tanvir
Naham why Hacker1 cheat beginners i mean i reported 3 valid bugs they always say informative and close the report
Hi there, I was wondering if you could advise me on what route to go for a complete beginner?
Learning web fundementals -> TryHackMe -> Portswigger?
And generally, would I be wasting my time with this, couple of people here saying you’re competing with top hackers and I agree. But I am able to dedicate a lot of time to BB.
Thanks in advance!
me -> tryhackme - portswigger - pentesterlab - then api course from j ball
so i did some automated api endpoint enumeration testing (via feroxbuster) and managed to get into the /etc/passwd file on my friends web server he allowed me to hack-BUT - this was the contents of the file:
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
does anybody know how i can ACTUALLY get a hold of the password hashes for each user here in the second field after the first : ????????
From what you can learn on portswigger and tryhackme, what would you say is the minimum knowledge before diving into real programs?