1. Persistence 2. Automation 3. Quality Educational Resources(Pentesterlab, The web application hacker's handbook) 4. Collaboration 5. Community 6. Health 7. Know the basics 8. Do what you're good at 9. Hack where there's less competition 10. Just Start
See, I'm looking for videos on hunting bugs, like irl bugs, moths, bees, butterflies, beetles, THAT type of bugs. And I sat here SO confused for a solid couple minutes- anyways, still a great video! Really well put together
Brother I must say . I love the way you Communicate very down to earth and trying to help other . Just subscribed for you're Greta attitude . Keep on doing great works .
Damn damn damn, I've been following you on twitter and I am one of the first people to sub as I know your worth man I'm sharing your channel and videos so that many people can get your valuable tips and knowledge ♥️ thank you so much man for doing this for us.
I got involved in the 'hunting' less than a week ago. I really got obsessed and went through 100/200 topics, videos, websites, hunters, tweets, etc ... and you are the first one to mention OWASP Top 10 + the Fundamentals metaphor, this touched me a lot and I think it's the most important, together with the Persistence ( and Curiosity ). THANK YOU for your contributions and existence 🙏
I've learned how to use nmap recently and made a script that takes the IPs of all subdomains and pipes it threw nmap and the stores the results in its own directory and file. Im very stoked on what I've learned
This is really a great video that everyone must watch in their initial phase of bug hunting. This should be the actual guide .. great work ✌️.. this helps me 😇
I love your way to see things, and not just about bugbounty,but life in general (when u talked about the law of the universe , for example). Amazing tips ! Can I ask you ... because that really gave me motivation...You really believe that with hardwork and dedication a guy thats just a beginner could achieve something as bugbounty? Sometimes it looks like its really difficult... today I was studying xss and men... It looked really hard and almost impossible to learn! And other thing if you may... About collaboration... U think there is somebody that wants to collaborate with an beginner in this world? Thanks for your videos! Keep up with this great content! 🙏
Absolutely - everyone who is successful in anything was a beginner once, and now they're successful! You would be able to find some people to collaborate with in the various bug bounty discords and slacks around the place :)
@@hakluke Thanks for your kind words 🙏! It really helps! Im still on the getting knowledge phase before try real bugbounty. Can u advice some discords? Im on bugcrowd and h1. Thanks for your time
I could see two different titles and more are close to each other The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws he Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws Any specific version or edition you refer?
@hakluke What all can be automated and how can be , can you please make a video on that, thanks for your support, i heard you saying for that to automate stuff for consistency, Appreciate in advance
Hey buddy great video. When you say get involved in the community, do you mean discord? What exactly do you mean? If you do mean discord it’d be great to have some links 🙏
Do you think it's possible to get into bug bounty hunting if you don't come from a Dev background? And if yes, where do you think would be the best place to start, or what skills to focus on?
Heard a friend talking about this and wanted to check it out. Been surfing youtube. My problem is there is no foundation to start on. People say there is so many different way to do this that there is no one way. You have to start where your skills are at or what you're passionate about. I know nothing about any of this but it does interest me. I do have a small background in networking but that is all. Did you find your answer on were to start? If so please give details.
Hello, sir, I had watch your video in bugcrowd (How to Crush Bug Bounties in the first 12 Months) and I am totally confused that you talk about bug bounty automated and earn passive income that means you explain about investing or something. could you plz explain sir
I have one question, I picked a relatively small program to start with, how much time should we invest in such a program before we move on to another program in case we are unable to find anything?
There really isn't a correct answer to this, it depends on the program and your skill set. I'd say if you feel like you've exhausted everything on that program - time to move on.
I am just starting out and cam across your blog about automating sub domain takeover recon. It seems a good starting point. Would you still recommend subfinder over amass ?
i just have a question , i am hunting only 2h up to 3h every day the rest of my time trying expanding my knowledge , so should i expend more time in hunting then learning , i just try full time hunting every Thursday but also no result at all
I wanna do this, but isnt it weird to just rely on that trust? Like you tell a company "hey, look, this is broken and this can happen" then what if the company ignores you and just fixes that? Or do you make some kind of a contract before looking for their bugs?
I guess you told in a video smtime ago Like start trying(may be in this video only.. I m bit on drinks.. hving trouble figuring out, sorry) .. I hv started actively after seeing your video though.. and, thanks to you.. I was just learning labs on portswigger n wen I tried exploring with bit free hand after ur advice to try, I came across subdomain takeovers. Wealth of knowledge out there on so many things.. and, actually before that I tried checking Real companies from hackerone after ur advice to try. And, what I saw in labs n wat I was seeing wen intercepting real things was like, if I hv to say, disappointing, scary n heart wrenching. It’s as if I thought Like I cud find a bug but the site was literally humiliating me. What can we do except for learning things like an amateur🤭.. I will keep trying.. I may fail again n again n again.. thanks for valuable words💐
If I hv to confess shamelessly, I get scared wen I see so mny requests rolling in burp proxy with just a single click on website. Whatever concepts I hv learned don’t seem applicable there. It frustrates.. may b tats y ppl like hakluke advise to try n Feel it.. I m trying wen I can.. let’s see😐😴
Wow,,never see you,,no 8 oufff you want to kill me,,listen a 2 first minute and i’m totaly stuck on your parole......long time no see,and never write that....new wold,peace
1. Persistence
2. Automation
3. Quality Educational Resources(Pentesterlab, The web application hacker's handbook)
4. Collaboration
5. Community
6. Health
7. Know the basics
8. Do what you're good at
9. Hack where there's less competition
10. Just Start
thanks
Nice to hear u
Bruh THAAAANK YOOOOUUUUU 😅❤❤
See, I'm looking for videos on hunting bugs, like irl bugs, moths, bees, butterflies, beetles, THAT type of bugs. And I sat here SO confused for a solid couple minutes- anyways, still a great video! Really well put together
😂😂
Brother I must say .
I love the way you Communicate very down to earth and trying to help other .
Just subscribed for you're Greta attitude .
Keep on doing great works .
Damn damn damn, I've been following you on twitter and I am one of the first people to sub as I know your worth man I'm sharing your channel and videos so that many people can get your valuable tips and knowledge ♥️ thank you so much man for doing this for us.
Thank you!
I got involved in the 'hunting' less than a week ago. I really got obsessed and went through 100/200 topics, videos, websites, hunters, tweets, etc ... and you are the first one to mention OWASP Top 10 + the Fundamentals metaphor, this touched me a lot and I think it's the most important, together with the Persistence ( and Curiosity ).
THANK YOU for your contributions and existence 🙏
I've learned how to use nmap recently and made a script that takes the IPs of all subdomains and pipes it threw nmap and the stores the results in its own directory and file. Im very stoked on what I've learned
This is really a great video that everyone must watch in their initial phase of bug hunting.
This should be the actual guide .. great work ✌️.. this helps me 😇
Very first video I watched fully on TH-cam ❤️the way you speak hits different ❤️ HUMBLE ❤️ Respect to you sir❤️
After watching your video i am gonna take 100 days of learning challenge and will update it regularly 👍👍
Could not agree more about the health side of thing. I have been the one man I.T army who's always on call 24 /7 - it doesn't end well
I like the way you touched on health, most people ignore it, thanks for the video
Luke, can you make your own discord server, please?
Hey Luke, did somebody told u that u r awsm in explaining n teaching things ? Awsm video n tips 👍
Thank you for this video, it's an energy boost for me!
I love your way to see things, and not just about bugbounty,but life in general (when u talked about the law of the universe , for example). Amazing tips ! Can I ask you ... because that really gave me motivation...You really believe that with hardwork and dedication a guy thats just a beginner could achieve something as bugbounty? Sometimes it looks like its really difficult... today I was studying xss and men... It looked really hard and almost impossible to learn! And other thing if you may... About collaboration... U think there is somebody that wants to collaborate with an beginner in this world? Thanks for your videos! Keep up with this great content! 🙏
Absolutely - everyone who is successful in anything was a beginner once, and now they're successful! You would be able to find some people to collaborate with in the various bug bounty discords and slacks around the place :)
@@hakluke Thanks for your kind words 🙏! It really helps! Im still on the getting knowledge phase before try real bugbounty. Can u advice some discords? Im on bugcrowd and h1. Thanks for your time
Amazing content! Subscribed, greetings from Chile.
Its really good motivator and brings more energy after seeing this video. Also, clearly explained the tips based on your experience
Thanks for these tips, I'm just starting out bug bounty hunting.
I could see two different titles and more are close to each other
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
he Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
Any specific version or edition you refer?
Thanks Master Luke , building my Skyscraper foundation :)
Nice one ;)
I really needed to hear this advice and I didn't even know it. Thanks a lot! Cheers from Argentina
Outstanding advice mate - keep this type of thing up, people need to hear it! 🤙 cheers from BNE, AU
Thanks Justin! We live in a great city!
God bless you for the direction...good man
Fantastic content man! Thank you for this.
Excellent 10 tips Luke! Thanks a lot from Argentina ... Also you make top toolz in Github!
Hey @hakluke, can you add timestamps for the upcoming videos? Might be really helpful.
Sure :)
We want another one 🔥🔥 waiting !
Luke you are the best! Can you share tips on how to script the automation part efficiently?
@hakluke What all can be automated and how can be , can you please make a video on that, thanks for your support, i heard you saying for that to automate stuff for consistency, Appreciate in advance
another amazing person on youtube !!!
just subscribed 😚😚 😍😍
Hey buddy great video. When you say get involved in the community, do you mean discord? What exactly do you mean? If you do mean discord it’d be great to have some links 🙏
Ty
Great person and great video! Nothing but the best for luke!
Thanks for sharing Luke Bro
Can you make a video series on how hackers should get started with coding
Do you think it's possible to get into bug bounty hunting if you don't come from a Dev background? And if yes, where do you think would be the best place to start, or what skills to focus on?
Yes it is possible, and I'd follow the steps in this video :) Also checkout my talk from levelup on the same topic.
Heard a friend talking about this and wanted to check it out. Been surfing youtube. My problem is there is no foundation to start on. People say there is so many different way to do this that there is no one way. You have to start where your skills are at or what you're passionate about. I know nothing about any of this but it does interest me. I do have a small background in networking but that is all. Did you find your answer on were to start? If so please give details.
Hakluke rocks.
I also work for bugcrowd and have been struggling a bit...
Hello, sir, I had watch your video in bugcrowd (How to Crush Bug Bounties in the first 12 Months) and I am totally confused that you talk about bug bounty automated and earn passive income that means you explain about investing or something. could you plz explain sir
Thanks for starting the channel 😃
All checked except 2 and 4... Poor in automation and collaboration... You explain well within words... Keep going... Kudos..
I have one question, I picked a relatively small program to start with, how much time should we invest in such a program before we move on to another program in case we are unable to find anything?
There really isn't a correct answer to this, it depends on the program and your skill set. I'd say if you feel like you've exhausted everything on that program - time to move on.
@@hakluke thanks! Really appreciate it! ❤️
What are the basics we need to know other than Burpsuite? I am learning JavaScript and python. I'm a beginner. Tips?
I am just starting out and cam across your blog about automating sub domain takeover recon. It seems a good starting point. Would you still recommend subfinder over amass ?
brilliant vid man. helped me alot
Excellent Video , loved it , keep doing more videos .....
Do bug bounties include attacking the actual server or network as well? Like Hackthebox CTF style?
Depends on the scope, but generally yes
sorry how long did it take you to find your first bug my Man?
Hakluke is the best.
i just have a question , i am hunting only 2h up to 3h every day the rest of my time trying expanding my knowledge , so should i expend more time in hunting then learning , i just try full time hunting every Thursday but also no result at all
What tool do we use to automation
03:21 fresh programs, new target, new subdomains, new ip adress range, acquisitions, changes to DNS records, endpoints, refurbished the website
Thank you Luke
Ok Sir
Thank you for the awesome video !!
Thanks!
does pentesterlab help for someone who doesnt have any it background??
I wanna do this, but isnt it weird to just rely on that trust? Like you tell a company "hey, look, this is broken and this can happen" then what if the company ignores you and just fixes that? Or do you make some kind of a contract before looking for their bugs?
Then next time to you find one you sell it online lol
Good content keep going
Take my subscription 🤪
Thanks heaps mate!
Hope you're well haxormad!
@@hakluke Yes I am 😁
Hoping you doing well alongside the fam there!
Awesome man with the awesome video.:D
i dont know how to find a community? can u give me a example
Love your content brooooooooooo !!
1:20 damn same!
Thanks, this was really good and motivating. Liked, subscribed and press that bell icon! ( :
Thanks man...
Really good, it helps
Thanks man 🧑❤️
thanks man for this great video❤
Thanks for commenting!
sir make a series for developing tools/scripts related to bash
Thanks a lot
thanks for this video
Awesome content 😯
Where would i go to find some collaborators? I think its easier to learn in a group, need to find a good group
I've been practising for sometime recently and open to collab
@@nithinr5959 on Instagram or Twitter I will dm u
@@robertfling6173 do you mind if i join too?
@@brandonroldan5430 and if you don't mind me too
@@robertfling6173 Drop by your discord sir, I'll dm you.
Amazing video Keep up
Thank You ❤️❤️❤️
Persistence 💯💯💯
Awesome tips!
Thank you😊
Can you make a video for how to make an automation script for monitoring or scanning a certain stuff ... thanks for your help.
We shall see!
makeMORE.exe !!!!!!!!!!
Love ya man ^^ thank you for that !
Bro please share you bug pocs🥰
Is real world bug bounty hunting 2019 book is good for beginners
I have not heard of it
@@hakluke its a revised version of web hacking 101
Thankyou 🙂
Thank you
Just started
Awesome 👍
I guess you told in a video smtime ago Like start trying(may be in this video only.. I m bit on drinks.. hving trouble figuring out, sorry) .. I hv started actively after seeing your video though.. and, thanks to you.. I was just learning labs on portswigger n wen I tried exploring with bit free hand after ur advice to try, I came across subdomain takeovers. Wealth of knowledge out there on so many things..
and, actually before that I tried checking Real companies from hackerone after ur advice to try. And, what I saw in labs n wat I was seeing wen intercepting real things was like, if I hv to say, disappointing, scary n heart wrenching. It’s as if I thought Like I cud find a bug but the site was literally humiliating me.
What can we do except for learning things like an amateur🤭.. I will keep trying.. I may fail again n again n again..
thanks for valuable words💐
If I hv to confess shamelessly, I get scared wen I see so mny requests rolling in burp proxy with just a single click on website. Whatever concepts I hv learned don’t seem applicable there.
It frustrates.. may b tats y ppl like hakluke advise to try n Feel it..
I m trying wen I can.. let’s see😐😴
Love from Pakistan
thanks!
A gem 💯
Crushing bug bounties with 15k others
"get enough sleep" ehhhhhmmmmm
For the second tip...I want to add...Just learn bash stuff
❤️
subscribe button: [on fire]
You rock man!!!!!!
Here, take my sub.
Hope you're well Ceos3c!
Tips❤❤
Wow,,never see you,,no 8 oufff you want to kill me,,listen a 2 first minute and i’m totaly stuck on your parole......long time no see,and never write that....new wold,peace
Ahh