This free video covers a lot more topics than a course. I really appreciate what you guys are doing. I really like watching your videos. Love from India Sir.
TCM is recommended to anyone with little to no knowledge about cybersecurity in general. I’m preparing for OSCP and didn’t know where to start but tcm made is super easy.
Thanks, guys. I bought the Pnpt and a 3 month membership mainly for this course, during the sale. Thought I'd be able to complete it too with PNPT. Kinda overestimated myself and am still working through PEH. 10th March my monthly subscription ends, and I don't think I can afford it anymore. Was really sad that this one will remain incomplete. At least now I know that even if my subscription ends, I can still cover some part of the curriculum because of this upload.😢
Thank you, Heath, for providing us with this amazing information, we all need to learn the Practical aspects of Bug Bounty especially for some of us that would like to earn some extra cash.
Yes this is the first half of the practical bug bounty he also has a free complete course on ethical hacking if you're wanting to be a Penetration Tester th-cam.com/users/results?search_query=practical+ethical+hacking+-+the+complete+course @@Manas0_0
Using curl on APIs in room 5 returns generic error, regardless if I copy the command from the room or try with credentials from tutorial (those creds are not visible to me). {"status":"error","message":"Required fields missing"} Tried resetting the lab and db with init.php still nothing. Time stamp: 4:12:28 Edit: For anyone that has this problem, json username and password fields were missing double quotes
I have a doubt. IF the scope says that automation tools are not allowed, is this related only for vuln scanners or to all other tools, like directory/asset discovery. Tools like ffuf, gobuster, etc.
If anyone else ran into an error when setting up the lab stating "'172.20.0.4' is not allowed to connect to this MySQL server in /var/www/html/db.php". I was able to resolve this by removing the volumes for the mysql container, bb-db, in the compose file
Hello Heath/others/comments, I need help with Burpsuite, feel free to to send advice my way, but it just won’t work for me. If it’s a server thing, I’d understand, but I have the certificate and everything installed in my Linux machine, yet it still won’t work, advice? I’d appreciate it. Edit: I have figured out what to do, but do you have to keep manually forwarding traffic? Wish there was an automatic way.
im really weak in web apps compared to network, this is incredibly helpful. Thank you. Is the TCM course for practical bug bounty more in depth than this youtube video?
im having trouble with the api labs, server keeps responding with missing fields and i didn't manipulate the prepared requests, i copy pasted them into my terminal.
I am having a problem, I cannot open the Lab locally, what is the local host port it's running on? In the video he just went to localhost without any port or IP
@@TCMSecurityAcademy Thanks, what course in you website do you recommend to start, i am a freshman in cybersecurity and networking, another question is is true that Most programs follow a "first-to-report" rule, meaning only the first hacker to discover and report a specific vulnerability gets the reward.. thanks for answering
when i run the curl command to get information, i get a 403 error, i tried bypassing this with the “-c cookie.txt” option, but the results aren’t satisfactory. anyone else experiencing this?
Taking the PJWT (the relevant cert for this course) tomorrow! Massively excited to put what I’ve learned to the test!
Good luck! I wanna take it too
Good luck! 💜
Good luck my friend
Good Luck!
Good luck!
This free video covers a lot more topics than a course. I really appreciate what you guys are doing. I really like watching your videos. Love from India Sir.
TCM is recommended to anyone with little to no knowledge about cybersecurity in general. I’m preparing for OSCP and didn’t know where to start but tcm made is super easy.
I"ve got a subscription to TCM Academy but I just wanted to show some love here. You guys are awesome. Thanks for all you do for the community
Thanks, guys. I bought the Pnpt and a 3 month membership mainly for this course, during the sale. Thought I'd be able to complete it too with PNPT. Kinda overestimated myself and am still working through PEH. 10th March my monthly subscription ends, and I don't think I can afford it anymore. Was really sad that this one will remain incomplete. At least now I know that even if my subscription ends, I can still cover some part of the curriculum because of this upload.😢
How's is the tcm Security Courses?? Are they worth it in terms of skills and do they provide practical lab to practice??
Best course for a bug bounty I have seen for now
Thank you, Heath, for providing us with this amazing information, we all need to learn the Practical aspects of Bug Bounty especially for some of us that would like to earn some extra cash.
Currently doing the PNPT. Enjoying it. More so than the PEN-200
Thank you, Heath, for providing us with this amazing information!
What you learned after completing this ?
Awesome, I'm doing this on the TCM website right now. :)
Is this the exact first part of that website course?
Yes this is the first half of the practical bug bounty he also has a free complete course on ethical hacking if you're wanting to be a Penetration Tester th-cam.com/users/results?search_query=practical+ethical+hacking+-+the+complete+course @@Manas0_0
Can't believe this premium content available for free
Awesome video guys, thanks. Ill be coming over to your website to take some training soon.
Awesome! Here's a link to our bug bounty course: www.tcm.rocks/pbb-y
Using curl on APIs in room 5 returns generic error, regardless if I copy the command from the room or try with credentials from tutorial (those creds are not visible to me).
{"status":"error","message":"Required fields missing"}
Tried resetting the lab and db with init.php still nothing. Time stamp: 4:12:28
Edit: For anyone that has this problem, json username and password fields were missing double quotes
Hey.... Dear,
Can I run this BugBounty-v1.1 LAB on my Windows OS...???
I have a doubt. IF the scope says that automation tools are not allowed, is this related only for vuln scanners or to all other tools, like directory/asset discovery. Tools like ffuf, gobuster, etc.
It's related to vulnerability scanners only like nuclei
@@prathmeshchaudhari7613 Good to know .. thanks !!
@@soanzin welcome!
If anyone else ran into an error when setting up the lab stating "'172.20.0.4' is not allowed to connect to this MySQL server in /var/www/html/db.php". I was able to resolve this by removing the volumes for the mysql container, bb-db, in the compose file
Let's go! 🔥
Question - what makes an "automated tool"? Wouldn't brute forcing count as an automated tool? Great video by the way, thanks.
i have a question. in the rules for azena program.
it said request_header: X-Intigriti-Username: {Username}
how to add it?
Great resource for 2024
Heath with another fat W taking care of the noobs (like me) !
Hello Heath/others/comments, I need help with Burpsuite, feel free to to send advice my way, but it just won’t work for me. If it’s a server thing, I’d understand, but I have the certificate and everything installed in my Linux machine, yet it still won’t work, advice? I’d appreciate it.
Edit: I have figured out what to do, but do you have to keep manually forwarding traffic? Wish there was an automatic way.
im really weak in web apps compared to network, this is incredibly helpful. Thank you. Is the TCM course for practical bug bounty more in depth than this youtube video?
@16:40 I thought the dog snoring in the background was mine.
Thanks always for the free content. Can we get the Detection engineering for beginners course content please? Thank you!
Is it a full detail course on bug bounty?
im having trouble with the api labs, server keeps responding with missing fields and i didn't manipulate the prepared requests, i copy pasted them into my terminal.
I love this! Thank you so much!
Please upload the full course
I am having a problem, I cannot open the Lab locally, what is the local host port it's running on? In the video he just went to localhost without any port or IP
i want to give italian kiss to this course>>>>>😗
If there is scope given in bb program do we need to do directory bruteforcing?
Brute force the domain that's in scope at a rate that won't flood the programs defense team
Capstone folder is missing in Google drive link
thanks for the great video
however, i cannot access the lab as my kali linux keep saying i cant install docker-compose
any alternative guys
Love your Videos......awesome
Thank you Heath
How to download lab ?
Very awesome Content
i love you TCM.
2:40 is it free??
Please sir hope you are having a wonderful time
How can i get the course lab sur
1:50:00
I wish I could start hacking so I can make money to subscribe to this course 🤦♂️
We have a free tier of courses on the way!
4:29:14
This video is more detailed about Burpsuite...
Cool
❤
Aye!
30,362
Can you really make money out of bug bounty??
You can! Amount will vary but it is possible to make money off bug bounty.
@@TCMSecurityAcademy Thanks, what course in you website do you recommend to start, i am a freshman in cybersecurity and networking, another question is is true that Most programs follow a "first-to-report" rule, meaning only the first hacker to discover and report a specific vulnerability gets the reward.. thanks for answering
when i run the curl command to get information, i get a 403 error, i tried bypassing this with the “-c cookie.txt” option, but the results aren’t satisfactory. anyone else experiencing this?
please upload the other half.@TCMSecurityAcademy
2:55:43
2:20:00
❤
3:37:00