Hey Naham! How long it takes for a beginner to be really good that you start making some bucks? I'm not talking about millions of dollars here but maybe some hundred dollars?
Your live recon videos have helped me learn a lot, and they actually led me to find a $1000 bug. So, thank you for that! I'm referring to the old recon videos like Yahoo and some interviews where you conducted recon.
One thing I can't get good clarification on: a lot of bounty programs say something along the lines of 'no automated tools' but most bug bounty educational videos seem to tout the overall important and use of automated tools. It is not a sexy topic, but something I would love to see a bit about. No worries if it is something you don't want to cover!
Like someone else said - they don't want you to run vuln assessment tools that have likely already been used. The main thing is a lot of these tools spam massive amounts of requests and make a lot of "noise", which make it tougher on SOC teams to be able to differentiate BB hunters traffic from actual threat traffic.
good video, your video changed the way I look at web apps, starting from methodology and others, and now I always do manual tests even though it takes a long time, that's what makes me like BB
You don't really need a supercomputer for this. That processor is enough, you need at least 8 GB ram, 16 GB and up is recommended. For web application hacking you don't need a virtual machine, you could install Linux alongside with your windows.
You don't need such a good pc when starting out. Get something cheap like a lenovo thinkpad t480. Anything that has an i5, 8 or 16gb ram, and at least 256gb ssd will do the trick. Once you start earning money in bug bounties, you can eventually save up for better components, or a better laptop in that case.
Great video, love your content. As a complete beginner with a tremendous amount of motivation to get into big bounties and ethical hacking. Would you have any advice or words of encouragement how to get into this field. I just purchased your udemy course! Thanks for the great videos
Just stop thinking how to get started. Pick some websites, play around and understand how they work, look at login flaw, try to find open redirects as a beginner. My first bug was open redirect and then XSS. Just start hacking while learning.
Hi, i started bug bounty at 1 year ago , i need a peoples who work in this industry for their exp (sry for my bad eng , without translate)Thx for the videos
hey ben my plan is looking for idor only in every application i approach do you think it's a good idea ? and i thinking learn more about authorization issue's and file upload vulnerability what's your comment
That is not a bad idea but make sure it makes sense. That means the application has an API/GraphQL backend or makes AJAX calls to retrieve PII or sensitive information.
Thanks mate for being with us .Thanks for hoke me up with bb . Iam not just doing for money doing to challenge myself and get satisfaction of my hobby .Thanks and Happy new Year
No worry for this, everyone started at this point, you probably reporting some informative reports that are reported a long time ago before you. Always make sure your reports are valid and have impact, if so ask a mediation for help, I get a lot of duplicates by mistake of lazy triagers...
📚 Purchase my couse and learn about bug bounty hunting with over 11 hours of content, 100+ labs, and 15+ vulnerability types 👇
hhub.io/z6O6McIDYhU
done
Hey Naham! How long it takes for a beginner to be really good that you start making some bucks? I'm not talking about millions of dollars here but maybe some hundred dollars?
3 years
@@Whatisthis_1
@@mdowais6447 Whaat? 3 years to make a $100? Are you joking? or you meant $100,000
Can you post new coupon, please?
I was really needing phase 2. I don't think I've head a content creator mention to get to know yourself and what type of hacker you are. Love that
Your live recon videos have helped me learn a lot, and they actually led me to find a $1000 bug. So, thank you for that! I'm referring to the old recon videos like Yahoo and some interviews where you conducted recon.
Nice!! So happy to hear that!
That's awesome! Congrats!
How much time you needed for that?
@@milankomatinovic6614 started on September 8th got a bug on next year July 8th
What kind of bug was it?
One thing I can't get good clarification on: a lot of bounty programs say something along the lines of 'no automated tools' but most bug bounty educational videos seem to tout the overall important and use of automated tools. It is not a sexy topic, but something I would love to see a bit about. No worries if it is something you don't want to cover!
I believe by automated tools they mean is tools like nikto that does vulnerability assessment. There’s no need since they can use those tools too.
Thank you!!@@KhalifaYakub
Like someone else said - they don't want you to run vuln assessment tools that have likely already been used. The main thing is a lot of these tools spam massive amounts of requests and make a lot of "noise", which make it tougher on SOC teams to be able to differentiate BB hunters traffic from actual threat traffic.
Great explanation! This community rocks.@@effsixteenblock50
@@effsixteenblock50 so tools like subdomain enumeration ones or directory enums are okay?
Your Critical Thinking Bug Bounty Podcast was 🔥🔥🔥🔥
Thank you!!
Thank you so much for sharing. Now I got a very clear roadmap to follow😀
looking forward for the automation video too!
Well I get lost watching your videos, that's why I never start hunting. Man you are a very unique person. Thank you for your great work and energy.
good video, your video changed the way I look at web apps, starting from methodology and others, and now I always do manual tests even though it takes a long time, that's what makes me like BB
Thank you all bug bounty hunters!
You forgot Stock, he’s a good guy and he’s vibe is totally different from any other hacker at the community
love this! thanks
Glad you enjoyed it!
Bro i don't have good budget to buy a pc or laptop. Can i start with ryzen 3 3200g? Can we install virtual machine on it? Will it work?
You don't really need a supercomputer for this. That processor is enough, you need at least 8 GB ram, 16 GB and up is recommended.
For web application hacking you don't need a virtual machine, you could install Linux alongside with your windows.
@@atanaspeev4960 can I use i3?
Juz go for PC around 30000 price, there are plenty
You don't need such a good pc when starting out. Get something cheap like a lenovo thinkpad t480. Anything that has an i5, 8 or 16gb ram, and at least 256gb ssd will do the trick. Once you start earning money in bug bounties, you can eventually save up for better components, or a better laptop in that case.
Thanks! Looks like I'm in level 2 right now 😊
Nice! Keep up the great work. You'll get to level 4 in no time!
@@NahamSec Thanks my man, you're really an inspiration for me ✌️
Nice video ❤🎉,Thanks for the video
thanks for giving back to the community
Great video, love your content. As a complete beginner with a tremendous amount of motivation to get into big bounties and ethical hacking. Would you have any advice or words of encouragement how to get into this field. I just purchased your udemy course! Thanks for the great videos
Just stop thinking how to get started. Pick some websites, play around and understand how they work, look at login flaw, try to find open redirects as a beginner. My first bug was open redirect and then XSS.
Just start hacking while learning.
I heard the advice from someone like: not to learn how to hack, HACK to LEARN how to hack.
I can edit your videos with more graphics .
I'm ready for that
Hi, i started bug bounty at 1 year ago , i need a peoples who work in this industry for their exp (sry for my bad eng , without translate)Thx for the videos
Did you earn anything, and whats is your level of skill?
sir , can you suggest programs have large web application with ton of functionality for manual hunting
hey ben my plan is looking for idor only in every application i approach do you think it's a good idea ? and i thinking learn more about authorization issue's and file upload vulnerability what's your comment
That is not a bad idea but make sure it makes sense. That means the application has an API/GraphQL backend or makes AJAX calls to retrieve PII or sensitive information.
@@NahamSec k thanks
Im snagging this course for sure!
i started bug bounty because of motivation which you gave me
When did you started and how is it now?
♥️
Where can learn ios bug bounty?
The number 1 cause it information technology problems is black hats
which platforms for bug bounty?
Make a video on technology stack based testing
عالی هستی بهروز جان،این کورس برای مید لول هاست؟
Beginners for now
@@NahamSec تشکر،راستی لایو ریکان یا لایو هانت دیگه انجام نمیدین توییچ؟
Thanks mate for being with us .Thanks for hoke me up with bb . Iam not just doing for money doing to challenge myself and get satisfaction of my hobby .Thanks and Happy new Year
Yes please update the Course @Nahamsec.
Thank you Nahmsec im in Level 1.5 I start 8 month ago found 8 bugs (vdp) :)
That is amazing!! Congratulations and keep up the good work!
I have my audio maxed out, I think your video/voice is quiet, a bit hard to hear.
thanks Ben
I saw you recommended "black hat python" as 1 of 5 books, but in chapter 2 it's already too hard
So keep learning! This isn’t suppose to be easy.
Did you bother to learn Python first?
Thanks man
ThankYou Sir
Thanks
I have done the first three resources...
Fire
I'm a white hat. I hate Black hats
Love from India
Ambiguous Information … With Sprinkles of Advertising. Always repeating the same info
Your to close to your mic
Ez, just start with Call of Duty 😂
Where are we dropping?
Can you share coupon code for udemy cources
It's in the description of the video
www.udemy.com/course/intro-to-bug-bounty-by-nahamsec/?couponCode=TH-cam
Thanks I am also very interested in bug bounty and doing an internship
I always getting duplicates
No worry for this, everyone started at this point, you probably reporting some informative reports that are reported a long time ago before you. Always make sure your reports are valid and have impact, if so ask a mediation for help, I get a lot of duplicates by mistake of lazy triagers...
Wasted 2/3 years in bug bounty nothing happen😢
really ? how
@@KaTal-6 learned bug bounty cant find any bugs
Haha this is sad reality for most of you who wants to get into bbh..😅
you cant destroy what you cant build! and not all developers are hackers.
@@serialkiller8783 come at me bro!
❤❤❤❤❤❤❤
😢❤
Eyv knk
Başlanır mı yani
Noice
og
step 1 is learn web development
First ❤