2023 Path to Hacking Success: Top 3 Bug Bounty Tips

Views: 74,850

David Bombal

Comments: 112
@davidbombal 1 year ago
He made $100K in 2 months from Bug Bounty! Learn from one of the best! Big thanks to Brilliant for sponsoring this video! Get started with a free 30 day trial and 20% discount: brilliant.org/DavidBombal

Ben (Nahamsec) hacks platforms legally and with their permission! He gives us his top 3 Bug Bounty tips for 2023.

// Websites recommended by Ben //
* hackerone.com
* www.bugcrowd.com/
* picoctf.org/
* portswigger.net/web-security
* www.intigriti.com/
* www.hacker101.com/
* www.synack.com/

// Ben’s Social //
Twitch: www.twitch.tv/nahamsec
KZbin: kzbin.info
Github: github.com/nahamsec
Instagram: instagram.com/nahamsec
Twitter: twitter.com/NahamSec
Website: nahamsec.com/

// Videos mentioned //
Ben's $100K video: kzbin.info/www/bejne/inysdouthMiVnMU
Kali Linux Nethunter Android Install in 5 minutes (Rootless): kzbin.info/www/bejne/gamyeKyrfNZjitU

// KZbin channels recommended by Ben //
@InsiderPHD: www.youtube.com/@InsiderPhD
@FarahHawa: www.youtube.com/@FarahHawa
@STOKFredrik: www.youtube.com/@STOKfredrik
@phd_security: www.youtube.com/@phd_security
@_JohnHammond: www.youtube.com/@_JohnHammond
@IamJakoby: www.youtube.com/@IamJakoby
@HackerSploit: www.youtube.com/@HackerSploit
@BugBountyReportsExplained: www.youtube.com/@BugBountyReportsExplained

// Recommended Books //
Atomic Habits by James Clear: amzn.to/46D8yDE
Hacking API’s by Corey J. Ball: amzn.to/3NRTafh
Bug Bounty Bootcamp by Vickie Li: amzn.to/3JAPZWS
The Web Application Hacker’s Handbook 2 by Dafydd Stuttard and Marcus Pinto: amzn.to/3XvNmLp

// MENU //
00:00 - Coming up
01:00 - Brilliant sponsored segment
02:31 - Making $100K in 2 months with bug bounty
04:43 - Top 3 tips for starting with bug bounty
06:15 - Top 3 technical tips for bug bounty
08:10 - "Don't learn to hack, hack to learn" // Consistency is key
11:32 - Top 3 free learning platforms for bug bounty
12:47 - Top 3 bug bounty platforms
15:08 - Vulnerability Disclosure Programs // How VDPs can open doors to opportunities
19:55 - Top 3 recommended KZbin channels
21:27 - Top 3 recommended books
22:17 - Top 3 technologies to understand
23:45 - Helping others // Twitch, KZbin & Twitter
25:35 - Conclusion

// MY STUFF //
www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
@rxtechandtrading 1 year ago
I made 10 million dollars in 1 year forex trading - do you believe me??? Is there any proof that this man actually made 100k in 2 months!!! If so, can u send me a link?? I mean this guy is making some pretty outrageous claims, maybe 20 years ago he could have made that, but now, with ALL the competition out there!! Highly doubtful man!!
@V.WalkingTours 6 months ago
I am 37 and I want to change the industry that I work! Great information!! Thank you for inviting him!
@CyberGhost-y2p 1 year ago
David, I must express my deep appreciation and enjoyment for your videos. I've had the pleasure of watching around 30 to 40 of them, and with each one, I've gained valuable insights and knowledge. Your collaborations with other influential creators have been truly inspiring as you mutually support and uplift one another. I also want to mention that Ben's content is excellent; I hadn't come across him before, but now I'm eager to explore his videos as well. Your dedication and passion in creating these videos fuel my own aspirations, providing me with the inspiration and motivation I need to pursue my goals. I want to extend my heartfelt gratitude for everything you do for all of us. Thank you! You are a legend!
@mattbaker1683 1 year ago
New sub! Thanks both. Circumstances changed for me in December, been looking for a complete change so my lifelong fascination with computers is now becoming the focus with a view to getting into IT, and this is definitely a field of interest. Currently doing the basics, A+ net+ and hopefully sec+ but more with a view to filling in the blanks rather than to get a help desk job. It's a journey not a destination so learning a little every day. Thanks for the great content.
@spongedaddy315 1 year ago
Wow! That was so informative and encouraging. I started on the bug bounty path earlier this year and became quickly overwhelmed and discouraged. This video (David's insightful questions and Ben's thoughtful answers) has prompted me to reset, reassess, and start over with a more positive outlook. Many thanks to both Ben and David -- and yes, I've subscribed to both.
@badxcode 1 year ago
I've been following you ever since I got into hacking. I gotta say it, these interviews that you are doing are pretty amazing and nothing like the content you've made before. Always brings something new and interesting to the table. Please, keep it up. Looking forward to seeing more amazing guys soon.
@lucaszecat 1 year ago
Would you advise any specific cert?
@rationalbushcraft 1 year ago
Subscribed. I see bug bounty as my retirement plan for extra cash. I have been doing IT and cyber security work since 95 and this may be a good way to keep me sharp and earn a few extra dollars. It will be nice not having to work except when I want to.
@belalal1902 1 year ago
I felt a lot of what he said, especially as a BJJ competitor you learn that everything needs consistency and teamwork
@davidbombal 1 year ago
Agreed.
@BERTDELASPEED 1 year ago
My man 🤜🏾🤛🏾
@muhannedbelaid8849 1 year ago
Been waiting for such an interview a lot. Hope u do more videos like this in the future 🙏🙏. Really appreciate what u r doing for the community David ❤❤.
@davidbombal 1 year ago
Thank you! And you're welcome!
@Vlosyros 1 year ago
Very informative video! Thanks a ton for all the valuable information, looking forward to starting my journey
@kapzvara5732 1 year ago
Great advice, thanks for this guys :) Something I am doing is Hack The Box Academy with walkthrough videos if I get stuck and then going to be doing Hack The Box guided mode after the academy as I want to change from sysadmin to Cyber Security. I am 42 and was inspired by one gentleman who was 50 and got into hacking :)
@servantofgod3058 1 year ago
I recently turned 17 and about two years ago I made around 8k off of web hacking. I get very frustrated when I spend days on target and I don't find anything, that's why I'm switching to web3 and smart contract hacking tbh, at least you're investigating your time with something worth the effort
@orbitmouf 1 year ago
Where can I find more info on this? I would love to start doing this in addition to learning solidity, any discords or similar bug bounty groups I can look at?
@myboy1625 1 year ago
Great video... Really motivated me a lot... I would also suggest another guy kinda in the pentesting side that's Sabyasachi. His explanation is awesome. Though he's new to content creation but still has valuable content. 🤗
@PR-wb3ol 1 year ago
Thanks David for the interview. It's informative and gives confidence.
@verlaine_devnet 1 year ago
Insightful 👌 it gives me more energy to learn
@davidbombal 1 year ago
Happy to hear that!
@h5e 1 year ago
That's one of the most informative videos I've ever seen
@jsmith85151 1 year ago
Bug Bounty program saturation is a thing... And in my opinion it's the most important thing to bear in mind when looking at the profitability of your time in a bounty program.
@TheBenchPressBoss 1 year ago
true
@loneranger5928 1 year ago
David 👌 it's absolutely true that interactive hands on is the best way to learn. Personally it's my preferred choice. Great content David and Ben 👍👍
@davidbombal 1 year ago
Thank you! Glad you enjoyed the video :)
@rdx8122 1 year ago
THE FREAKING INTERVIEW / VIDEO / COLLAB WE NEEDED ON THIS CHANNEL !!! LOVE YOU BOTH MENTORS !! 🙏🙏🙏🙏💖💖💖💖🔥🔥🔥🔥❤‍🔥❤‍🔥❤‍🔥❤‍🔥
@davidbombal 1 year ago
Thank you so much! Ben is amazing!
@rdx8122 1 year ago
@@davidbombal you both are like blessing to me 🙏🙏❤❤
@camelotenglishtuition6394 1 year ago
A great guest, I love his channel.
@davidbombal 1 year ago
Agreed! Ben posts amazing content!
@camelotenglishtuition6394 1 year ago
@@davidbombal As do you David :)
@davidbombal 1 year ago
Thank you :)
@timcyb 1 year ago
Nice to see Ben here. Thank you
@davidbombal 1 year ago
Thank you for watching! Agreed - great to have Ben back :)
@KenKen-bn3dz 1 year ago
Thanks David Bombal ❤❤❤
@romanx71 1 year ago
Thank you for the Great content with amazing badass guest! Keep on rocking! 👏🤘🔥🔥
@gamereditor59ner22 1 year ago
Interesting topic you presented and keep it up. 😎
@davidbombal 1 year ago
Thank you. You can learn so much from Ben!
@geetchavan9749 1 year ago
Thank u David for this video!! Love from India 🇮🇳
@nosystemissaf3 1 year ago
The only thing that matters in bug bounty is how much you are consistent to work on
@omkarm.9340 1 year ago
Awesome ❤❤❤
@davidbombal 1 year ago
Thank you!
@tyrojames9937 1 year ago
GOOD INFO. 😎👍🏾
@funkymonk2254 1 year ago
Thank You David for another informative interview.
@boris55 1 year ago
Brilliant interview as always !
@Batool-g4q 1 year ago
The best channel ever!
@generalreevis1734 1 year ago
Amazing knowledge
@zsu-glz-sql 1 year ago
Good content, as usual, keep it up.
@davidbombal 1 year ago
Thank you!
@wandering-jew 1 year ago
The video idea is brilliant
@davidbombal 1 year ago
All credit to Ben :)
@icecoldnoob6719 1 year ago
Great content again from Mr Bombal. Here's a suggestion, maybe DevOps next?
@kallbacks9677 1 year ago
Cool content David as always
@mihai.ciorobita 1 year ago
Thank you David for bringing valuable people into your interviews as always
@MFoster392 1 year ago
I've learned so much from your channel and Ben's you guys are helping others everyday :-)
@DreamlandDuo 1 year ago
#davidbombal ....two legends in one video 💫😇🔥🔥
@my-rules 1 year ago
Ty
@davidbombal 1 year ago
You're welcome!
@michaeltully2332 1 year ago
Great content as usual David. Thank you
@iainmaois595 1 year ago
Good day sir Mr Davidbombal. He talked about the E1-ELITE behind him is that also a book we could read or probably I could read speaking for myself and if years I'm finding it difficult to get the book Thanks
@ChrisAkpabey-jg2sn 1 year ago
Thanks David for aspiring we the up coming hackers 🎉❤
@name-n2h 1 year ago
I'd really love to get into hacking, is there any specific way or concept to start with? Because it is really overwhelming :( I'm still an engineering student so if there is any way to start learning this (preferably for free) I would really appreciate any kind of help. Thanks for the cool content
@donjohnson7746 1 year ago
Just a weird question but when you're doing the bug bounty are you grabbing boot leg to check the software? Asking for a friend
@thatguyidk123 1 year ago
I think my problem is just writing the reports lately and then when I find it and it works out I try to go longer looking for more and I eventually lose what I had found.
@RealCoachingCo 1 year ago
If it ain’t easy, it’s because it’s worth doing.
@lraq.107 1 year ago
A great episode ❤
@radijaye7435 1 year ago
Nice nahamsec here
@davidbombal 1 year ago
Agreed. Great to have Ben back again :)
@armotxa124 1 year ago
Gone try 👍
@davidbombal 1 year ago
All the best!
@Code_Creator123 1 year ago
Great 👍
@kal-el_21 1 month ago
Is that too much matter called - "TALENT" !!
@michaelnorwood7722 1 year ago
Do you have access to the algorithm or something cause I’m literally learning ethical hacking and I want to do bug bounty
@islem_23 1 year ago
amazing
@davidbombal 1 year ago
Glad you think so! Make sure you subscribe to Ben's KZbin channel :)
@islem_23 1 year ago
@@davidbombal Of course, I'm a subscriber, you're the best I've ever had 🇩🇿Greetings to you from Algeria
@M4R5RoCK 1 year ago
good👍
@davidbombal 1 year ago
Thank you!
@kukuchuchu8340 1 year ago
Good
@davidbombal 1 year ago
Thank you!
@omkarm.9340 1 year ago
What is VDS ???
@davidbombal 1 year ago
Vulnerability Disclosure Programs (VDPs) - more detail here: www.hackerone.com/vulnerability-management/bug-bounty-vs-vdp-which-program-right-you
@omkarm.9340 1 year ago
@@davidbombal Thank you so much David sir 🥰
@SNSISNSJISEJSJS 1 year ago
DAVID PLS REPLY ME. A lot of us have watched your videos specially the one video that you use WiFi adapter to hack WiFi or to do 4 way handshake. But I know that a lot of us who are new to hacking or are green hat hackers. We can't find that adapter which supports monitor mode 😩🤔 sooo is there another way to get the job done and do 4 way handshake using other methods? Like maybe using python or other tools in Linux or using the powerful module scapy from python? I'm saying that a lot of us can't get that WiFi adapter which supports monitor and injection modes. So what can we do if we can't literally find the WiFi adapter? Other ways to do the job? Plsss reply me I'm a big fan and this is very useful information if you can help it would be great ;)
@maphadiletsoalo8095 1 year ago
I know a South African when I hear one😂
@alirezaghulamsakhi6097 1 year ago
PhD security 😊
@Ehtisham_Akhter 1 year ago
Are cyber security jobs in danger due to AI? Sir, suppose you are a beginner in IT in this era, would you like to enroll yourself in cyber security field?
@c0smoslive391 1 year ago
Don't get fooled by the apparent intelligence of LLMs (and the hype train), they're cool but limited and we'll still need humans for a long time!
@Ehtisham_Akhter 1 year ago
@@c0smoslive391 So I can choose cyber security without any hesitation?
@taiquangong9912 1 year ago
I have been thinking about bug bounties, but what if I am slow learning and it takes months to get up to speed, should I still pursue web hacking???
@batista98854 1 year ago
would be difficult.
@Poopiesson 1 year ago
The more you learn, the less you have to learn. Persistence is key, I've never seen anyone fail at doing what they love to do.
@akashgoswami6698 1 year ago
Hello sir plz help me, I am buying a laptop but very confused, plz suggest an under 35k laptop for programming.
@pwl.lumbama 1 year ago
I found a way to put Kali on an SD card
@rami.0092 1 year ago
❤🎉
@theoceanman8687 1 year ago
Bug bounty is at best a side gig; a scam at worst. The payout depends on the company, and such companies want to pay as little as possible for the bounty.
@rxtechandtrading 1 year ago
I really wonder how much of wat u say is BS, or the truth?? Prob a mixture of both
@lraq.107 1 year ago
Is there an Arabic language? I hope there is an Arabic language in this application
@adhensec 1 year ago
Ippsec is my favorite... He is so good in Linux command and I love how he privesc
@michaelmueller5211 1 year ago
you forgot networkchuck!
@iainmaois595 1 year ago
Or it's probably H1-elite =Hackerone elite !!
@rxtechandtrading 1 year ago
So I did some automated API endpoint enumeration testing (via feroxbuster) and managed to get into the /etc/passwd file on my friend's web server he allowed me to hack - BUT - this was the contents of the file:
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
Does anybody know how I can ACTUALLY get a hold of the password hashes for each user here in the second field after the first : ????????
@yaswanthkumar409 1 year ago
You forgot to mention @LiveOverflow #LiveOverflow
@playboicartihey 1 year ago
NIGGA WE SHOULD GATEKEEP IT
@muhannedbelaid8849 1 year ago
We forget to mention one of the best in web hacking and the most humble one #Rana_Khalil ❤️❤️ @Ranakhalil101
@davidbombal 1 year ago
Thanks for sharing! Rana is amazing!