Pentesting and the requirements of the clients actually moved me away from recon, as more than 98% of the web pentests I did involved single scope web apps requiring a lot of manual testing via burp and code review. Was a blessing in disguise and made me love hacking even more
I really appreciate the perspective!! I feel like I found a lightweight and easy recon workflow to find endpoints but I definitely get stuck looking for misconfigurations versus exploring the core apps.
I'm new to the bug bounty space, but I find your live streams and content really helpful! I just started and I've not gotten any bounties yet, but I've been able to better understand web apps and how to approach the process. Thanks so much for what you do!
@@amoh96 I don't really have a road map yet lol. I am just trying to get better at understanding the functionality of applications and trying to focus on identifying specific attacks. There's too much for me to try and learn all at once.
@VerticalWordOfChrist yes I have found a few bugs now. These kinds of videos are helpful, but I wouldn't substitute them for hands-on practice. Once I put my mind to actually hacking I had a better go at it. Good luck!
manual hunting is the true function of the bug bounty, automation is already overused by Scanners, pentesters, and recently AI tools. Zseano has a manual methodology he will like this video.
Hi @nahamsec please make some more video like this to approach a target. And exactly where to look for vulnerability. your talks and tutorials aare so informational and easy to learn quickly. This kind of videos on how to approach to a target are very less on internet so please do some more videos like this . Thanks ❤️🇮🇳
would be very helpful to show us more examples on how do u look at apps, what u check and so on (maybe a series on VDP's) something like "no recon monday" dunno, very great content btw
I don't really enjoy automation because the tools does the job for me, and the reason I like web application researching is to do things manually. that's a cool choice of yours, and a hard one as well
The live stream you just did was amazing!!! You should totally publish it to youtube and just blur out the secrets and whatnot! It would be a crime not to
I've done team engagements against large organizations and I was by far the whole that found the most useful data for us. Just sucks that the thing I'm best at is just not that sought after
I am struggling pretty bad right now making money and I am not able to finish my Cybersec degree at university because of it. I want so badly to do this type of work, not necessarily for the money but because this type of work really appeals to me. My current job has nothing to do with computers and staying with it will not yield any of my goals. Im really not sure where to start as I am a bit intimidated but I feel that this is probably my best shot to change my career and life.... Any tips would be greatly appreciated. ❤
please make whole process video , moreover can you make video upon wordpress like if i had vulnerable version of wordpress and its is vulnerable from xss , prototype pollution , ssrf then how could i find them ? i found this vulnerable version from wpscan tool it give me all vulnerabilities but i dont know how to find them so can you make video on then . if you dont mind can make video on how to approach on wordpress site .
The compression and quality of your screen recording is a little bad for a few seconds sometimes, have you changed your screen recorder settings? it is artificing quite a bit in places.
Hey I came from your live stream!
Pentesting and the requirements of the clients actually moved me away from recon, as more than 98% of the web pentests I did involved single scope web apps requiring a lot of manual testing via burp and code review. Was a blessing in disguise and made me love hacking even more
That's a very cool explanation and hoping that we see the part -2 asap!! Thank YOU FOR THIS!!.
Soon!
Yes, would love a part 2 please. Really enjoying these frequent sort videos focussed on a specific topic. Keep it up man
Part 2 for sure, nice vid again! I'd love to see what you'd see as the "core" tests on an application that does not have or allow logins, users etc
Best video naham..
This is the exact content I was Expecting that elites like you would have made...
Live website, live recon, live methodology...
I really appreciate the perspective!! I feel like I found a lightweight and easy recon workflow to find endpoints but I definitely get stuck looking for misconfigurations versus exploring the core apps.
This is great. I love finding things manually. We just love doing that.
I'm new to the bug bounty space, but I find your live streams and content really helpful! I just started and I've not gotten any bounties yet, but I've been able to better understand web apps and how to approach the process. Thanks so much for what you do!
Hi im new too i still learn basics and u tell me about your roadmap ?
@@amoh96 I don't really have a road map yet lol. I am just trying to get better at understanding the functionality of applications and trying to focus on identifying specific attacks. There's too much for me to try and learn all at once.
@@heathstewart2090 nice im still learn i finish HTML and im in JavaScript did u have any background language
@@amoh96 i recommend to start on portswigger
@VerticalWordOfChrist yes I have found a few bugs now. These kinds of videos are helpful, but I wouldn't substitute them for hands-on practice. Once I put my mind to actually hacking I had a better go at it. Good luck!
manual hunting is the true function of the bug bounty, automation is already overused by Scanners, pentesters, and recently AI tools. Zseano has a manual methodology he will like this video.
Thanks for sharing, great video as always looking forward to part 2
Hi @nahamsec please make some more video like this to approach a target. And exactly where to look for vulnerability. your talks and tutorials aare so informational and easy to learn quickly. This kind of videos on how to approach to a target are very less on internet so please do some more videos like this . Thanks ❤️🇮🇳
As always ben, you never disappoint
❤️❤️🙏🏼
Just bought your course! I'm starting to take interest in this field and i hope this will lead me somewhere better.
Please make more videos like this in which you are auditing on real websites so that we can understand the methodology to find bugs.
Have you seen my live recon videos?
@@NahamSecshare your live recon videos link here please
@@NahamSec and also share that which tools you used for recon and automated bugs finder tools which you used please 🙏🙏
@@NahamSec make video of hunting on live target also n not just recon pls...........and pls make part 2of this in longer version
@@NahamSec 😂😂😂
Thank you for the valuable content. Quick question: Are your twitch videos for only paid members? I am having "error 5000 with video unavailable".
Thank you for this video, we love to see more videos like this, like crawling the app with burp suite and etc
Thanks for all that you do dude
would be very helpful to show us more examples on how do u look at apps, what u check and so on (maybe a series on VDP's) something like "no recon monday" dunno, very great content btw
I don't really enjoy automation because the tools does the job for me, and the reason I like web application researching is to do things manually. that's a cool choice of yours, and a hard one as well
Thank you for the video ❤. I have a question, did you find the vulnerabilities for the 10 000 in public programs?
The live stream you just did was amazing!!! You should totally publish it to youtube and just blur out the secrets and whatnot! It would be a crime not to
Maybe! It's too much effort to blur those out, so I may just keep them for members for now.
Love such content, Ben! Thank you for making it. Really insightful. Please continue to make more of these! Grateful.
I've done team engagements against large organizations and I was by far the whole that found the most useful data for us. Just sucks that the thing I'm best at is just not that sought after
Going back to basics helps to develop the mindset & trust own instinct.
I'm coming from your live right now... though I already watched the video previously lol
Would love a part 2
Can’t wait for part 2, thanks man
Hey I came from your live! =D
Great content Ben, please make part 2 but more detailed :)
Yes, please, more of this.
So, much information.
Hey I came from your live!
Came here from your live !!! Sooooo goood contents Thank you so much!!!!
🙏🏼🙏🏼
I will be happy to see part 2 of this.
Watching from Ethiopia, Africa! As always awesome content ben.
Thank you so much sir ❤️
Really interesting and informative
Heard about this vid from your live
From the live stream! Nahamsec says the internet is a series of tubes, this is legit stuff!
Would love to see some more on the devtools
Thank you sir 🙏🙏💖💖
Ya, pls make the part 2, love this kind of content !!!!!!
can we replace one id from other to check for IDOR using network tab as we do it in burp suit?
I am struggling pretty bad right now making money and I am not able to finish my Cybersec degree at university because of it. I want so badly to do this type of work, not necessarily for the money but because this type of work really appeals to me. My current job has nothing to do with computers and staying with it will not yield any of my goals.
Im really not sure where to start as I am a bit intimidated but I feel that this is probably my best shot to change my career and life.... Any tips would be greatly appreciated. ❤
I am doing the same from past 2 years. My 90% bugs are access control issues with manual approach.
great video ben!!! i really enjoyed your content nowadays.
I appreciate that!
Hey come from your live.I like your vedio.its easy to understand all security staff.Tnx.
please make whole process video , moreover can you make video upon wordpress like if i had vulnerable version of wordpress and its is vulnerable from xss , prototype pollution , ssrf then how could i find them ? i found this vulnerable version from wpscan tool it give me all vulnerabilities but i dont know how to find them so can you make video on then . if you dont mind can make video on how to approach on wordpress site .
Just came from your live recon video!!
BTW You did live recon on sunday also!!! xD
Thanks bro, I'm learning bug bounty and your videos always have great info ;-)
Great video as always :)! Learning a lot from you
I realy enjoy whatch the video and the way you aproch the application
Please make more video for manualy aproch like this
I got you!
AMAZING. Thanks man!
Great ! We need videos like this
coming over from live. solidarity forever y'all
So Gold! Part 2 pls!
Came from the live. Already watched the video and thanks for doing what you do.
🙏🏼🙏🏼
Great video, looking forward for more content like this.
Yeah Imma need a part 2
i definitely want 2nd video this is too interesting just hit the core without using tools dayum sounds cool
I just have to think of how to do it so it’s not just me talking to a camera
Definitely more videos like this!
Kidding. Great video 💜
amazing bro as always
Fantastic video sir 😍😎you are awesome. Every time I learnt new content from your videos ❤️
Please make part 2 to this video topic
It was amazing video🤠
Thanks for sharing!
I need to learn about all bug bounty step by step
Hello! I come from the Live! Good stuff!
Thanks Man
More of this please
The compression and quality of your screen recording is a little bad for a few seconds sometimes, have you changed your screen recorder settings? it is artificing quite a bit in places.
hey Coming from your live
love you man
I am really bad at recon, Liked your way, hope to find some bugs !
Hey I came from your live
Nice content. We need more content like the live one
love you bro ❣❣
Love this video it would be awesome if you will make more videos like these Ben ❤
Coming from your live right now
thanks
Love it! From twitch!
Love these videos!
Thanks for watching!
Bro can you make a video about js files recon? Thank you
Hey, came from livestream!
thank u
You're welcome 😊
Put a video about endpoint analysis
Hey I came from your live!
Maybe a part 2 on recon xD
Nice work!
Part 2 please :)
Make a part 2 🙏
Came from your live
Great video
Part 2 please
live stream took me here
Please part 2
Love it!(from twitch though)
please make part2
Part 2 please......!!!!
Legend 🔥❤
Love u bro
we want part 2