New OWASP API Top 10 for Hackers
29:43
3 Real API Bugs I got a bounty for
17:43
How does Bug Bounty work anyway?
18:01
My API Testing Automated Toolbox
19:25
Escalating Your Bugs With GDPR Impact
20:42
Comments
@L30x408 8 hours ago
Your content is gold thanks!!!!
@AkshayBhujbal-h9m 3 days ago
Notes: Methodology: 1. Figure out what an application/feature does. 2. Click every button and link (sometimes do some fuzzing). 3. Identify interesting endpoints. The Cycle: Try exploit > Doesn't work? (if it works, exploit it) > work out why > change exploit.
@wardellcastles 18 days ago
FYI, the latest Yahoo app is doing SSL pinning. However it will run on a rooted device.
@arslanniazi9073 21 days ago
Burpsuite #bbhammer
@Macj707 22 days ago
just now got here... chef wuz here
@HackTheMatric 24 days ago
Thanks, it's really helpful! I would like to request a practical video on this topic, specifically Remote Code Execution (RCE).
@Unhacker 29 days ago
Excellent strategic advice, Insider!
@Unhacker 29 days ago
You are excellent.
@Themoralofthestory. 1 month ago
So I finished my Google cyber security course and started my INE eJPT. Should I start bug bounty now or wait a little bit then start?
@InsiderPhD 18 hours ago
I would say start before you think you're ready; it's really easy to get caught in a cycle of learning and never actually feel like you have a critical mass of knowledge for bug hunting.
@mr__whale 1 month ago
Awesome
@Welshpatriots 1 month ago
Katie you are the best keep hacking
@ulkeshchaugule3615 1 month ago
Love from INDIA you too good in APIs
@lsik231l 1 month ago
For hierarchical note-taking, I use self-hosted BookStack. For on-the-fly note-taking, I'm starting to use Obsidian. You don't have to pay for the syncing feature if you get creative with your vault storage.
@Abood-wn1fi 1 month ago
Please make shorts for API hacking. Also the audio is not clear ☺️
@ak0904 1 month ago
I also found a business logic issue in Apple, but sadly it's not their bounty category 😞, but still got credited though.
@linuxluminary 2 months ago
Thank you so much for the motivation, I started bug hunting on Bugcrowd in July and so far I have reported over 15 bugs and all of them got either duplicate or information or not applicable. I am watching your videos to get motivated 😉😉😉
@serhanesaidi3140 6 days ago
Kudos to you, cheer up, I believe in you
@linuxluminary 5 days ago
@serhanesaidi3140 thanks dear! Really it means a lot 💕💕
@InsiderPhD 18 hours ago
Dupes are GOOD - that means you're finding the right stuff BUT you're just not fast enough, that's when you've gotta play the bb meta of finding new scope before other people, recon helps a lot with that. Informational/not applicable is super dependent on the client, it's usually a risk they're happy to accept not necessarily that you haven't found an issue. Keep on it there are so many people out there who haven't even been brave enough to report a single bug, you're smashing it compared to them.
@hzhz9013 2 months ago
A lot of thx Katie ❤️❤️❤️
@ce_cabeza 2 months ago
You never finished the series 😭😅
@bloatless 2 months ago
Thanks for sharing your knowledge, God bless you
@khai-vq5hn 2 months ago
Burpsuite! #bbhammer
@vipracitti 2 months ago
It's been a week I have been watching these videos but got overwhelmed because most researchers assume one might know about these starting points, and got lost in all this process. Your video really helps in clearing my mind, and for that thanks a lot. Really appreciate your efforts in producing such easy to understand content.
@saikirangoud118 2 months ago
great video
@georgepagel7706 2 months ago
OWASP web security testing guide has been useful for me as a checklist going through an app. 23:57
@ihebhamad1477 2 months ago
Thank you for this great explanation
@helalsadat2077 2 months ago
I watched this video 1 and a half months ago and I was able to identify a function prone to IDOR. I spent 20 days on that function and at the end I was able to bypass the access controls and view invoices, billing addresses, finance records. My report is triaged and waiting for bounty. Thank you, this video really gave me an idea where to look for IDORs :) But now I am watching it again since I started API hacking, and I hope I will learn something new again in this video about API hacking.
@InsiderPhD 18 hours ago
NICE, now you need to unsubscribe because you are a pro ;)
@helalsadat2077 2 months ago
For those who want to make a word list or get a good word list, I would recommend Assetnote's API routes word list; it's really big and gives really good results. Happy API hacking
@helalsadat2077 2 months ago
I have watched the full video. Thank you very much Katie, I am regularly following this playlist of API hacking
@ahmedezealdean6189 2 months ago
Business logic errors are so similar to IDORs, and according to The Web Application Hacker's Handbook it is a type of IDOR.
@helalsadat2077 2 months ago
Starting today. Let's rock and roll :))
@M3dU5aXX_Ray_Tierney 2 months ago
Katie, you are a life saver!!! I could not wrap my brain around these for college exam!!❤🎉
@dukedud9743 2 months ago
1- finding ur first bug 2- firefox containers 3- api top 10 4- api enumeration
@x7331x 2 months ago
Great content, congratulations!
@x7331x 2 months ago
Great video and tutorial, thanks for doing that!
@chetansalunke9632 2 months ago
How to fuzz with the list of urls .txt with ffuf??
@flavioferlin3127 3 months ago
Howdy to all. Dear Katie, bless your heart. Thank you, kudos.
@helalsadat2077 3 months ago
By learning from you, you will see one day I will tag you in a tweet. Thank you very much, I am learning a lot about API hacking from your videos and Corey J Ball's book. Lots of love and respect, God bless you
@V.WalkingTours 3 months ago
Hi Katie! I watch a lot of your videos and I keep watching them and learning! I don't know if I this video, but I came here to tell you that I found my first IDOR and it looks quite serious because I can log in to other users' accounts too! Thank you so much for your content, and this course is great!
@InsiderPhD 18 hours ago
Amazing - how did it go?
@bradnaylor35 3 months ago
Great video! You have a serious aptitude for teaching. Enjoying all the bug bounty basics lessons
@rdx8122 3 months ago
Thanks didi!
@asuhayda1 3 months ago
You mentioned putting several links in the description but there aren't any there.
@asuhayda1 3 months ago
I really appreciate your point of view on this topic. I'm just getting started learning cybersecurity and found your video to be super helpful. Thanks!
@RyanGiggs-w7i 3 months ago
just be honest. I'm frustrated about bug bounties
@Sakuraigi 3 months ago
You are a philosopher
@friend-el3fc 3 months ago
Literally you are the best!! Please keep on posting Bug Bounty videos
@khaledmohamed5564 3 months ago
You are the most helpful Bug bounty content creator and I learnt a lot from you, I hope you make more videos about Android Pentesting because Web is sooooo much competitive.
@InsiderPhD 18 hours ago
Definitely plan to. In the meantime I really recommend Hextree's Android course, it's completely free