Hacking when all the bugs have been found?
Рет қаралды 5,115
Күн бұрынFinding bugs on the main app is something a lot of people are a little afraid of, a lot of people think that if a program has been out a while that there's no point even looking at it. But actually the majority of my bugs have actually been on the main application and rarely do I write off a program as unhackable. As you all know by now recon is definitely one of my weakest skills, so here are some tips for approaching the main app and actually getting bugs.
This series couldn't happen without the support of our sponsor Bugcrowd, Bugcrowd is the best place to start hacking with a wide range of public and private programs from APIs to Desktop Applications and everything in between. Not ready to jump into a public program yet? Fill out your platform CV and sign up for a waitlisted program. Tell Bugcrowd a bit about your skills, previous certifications or experience and they’ll match you up with the right program using their industry-leading CrowdMatch technology. Whatever your level, there’s a place for you in the crowd. You can sign up with my link here: bugcrowd.com/user/sign_up.
@MFoster392 7 ай бұрын
Thank you as usual :) Just so you know at 18:52 you have Ffuz instead of FFUF on your points so you'll have to fix that if you use it in any more videos :)
@InsiderPhD 7 ай бұрын
Thanks for that!
@MFoster392 7 ай бұрын
@@InsiderPhD I'm sorry, i always watch your videos a few times and idk if you checked but i gave you she wrong time stamp it's around 8:44 not 18:52 that's the end of the movie
@kittoh_ 7 ай бұрын
One of the videos with substantial knowledge gained! Awesome! It would also be cool if you can show a demo . Cheers!
@Sam-wl7vn 7 ай бұрын
The realest advice out there as per!
@comosaycomosah 7 ай бұрын
your videos been a huge help!
@Not0ver 7 ай бұрын
Thanks for these vids I really learn a lot!
@mynameisrezza 7 ай бұрын
What a legit content, katie! I'm still stuck on understanding how to fuzz api/graphql endpoint manually :(
@knowledgeboxbd9625 7 ай бұрын
Great video, want more
@danishbhat1536 7 ай бұрын
Doing the same approach from past 2 years.
@warnawarni5227 7 ай бұрын
if i don't have AWS and i can't using IP rotator....how to avoid WAF when we FUZZ the app
@user-xw7qi3wx5w 7 ай бұрын
Same question
@MFoster392 7 ай бұрын
Use a VPN
@RR-hl6zi 7 ай бұрын
@@MFoster392Self-hosted VPN, right?
@Proxyone444 7 ай бұрын
❤
@mehdi35191 7 ай бұрын
👏👏👏❤️🙏
@mnageh-bo1mm 7 ай бұрын
why bugcrowd not hackerone?
@InsiderPhD 7 ай бұрын
Already made a h1 video a few years ago look for “choosing your target” on my channel
@memento-mori-amor 7 ай бұрын
the video’s lessons apply regardless of platform. AFAIK the differences between the platforms tend to be cosmetic
Kirill Multitool
Рет қаралды 68 МЛН
DEFCONConference
Рет қаралды 311 М.