My Favorite API Hacking Vulnerabilities & Tips

Рет қаралды 6,036

6 күн бұрын

LIKE and SUBSCRIBE with NOTIFICATIONS ON if you enjoyed the video! 👍
📚 If you want to learn bug bounty hunting from me: app.hackinghub.io/hubs/nahams...
💵 FREE $200 DigitalOcean Credit:
m.do.co/c/3236319b9d0b
🔗 LINKS:
📖 MY FAVORITE BOOKS:
Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities -amzn.to/3Re8Pa2
Hacking APIs: Breaking Web Application Programming Interfaces - amzn.to/45g4bOr
Black Hat GraphQL: Attacking Next Generation APIs - amzn.to/455F9l3
🍿 WATCH NEXT:
If I Started Bug Bounty Hunting in 2024, I'd Do this - • If I Started Bug Bount...
2023 How to Bug Bounty - • How to Bug Bounty in 2023
Bug Bounty Hunting Full Time - youtu.be/watch?v=ukb79vAgRiY
Hacking An Online Casino - youtu.be/watch?v=2eIDxVrk4a8
WebApp Pentesting/Hacking Roadmap - youtu.be/watch?v=doFo0I_KU0o
MY OTHER SOCIALS:
🌍 My website - www.nahamsec.com/
👨‍💻 My free labs - app.hackinghub.io/
🐦 Twitter - / nahamsec
📸 Instagram - / nahamsec
👨‍💻 Linkedin - / nahamsec
WHO AM I?
If we haven't met before, hey 👋! I'm Ben, most people online know me online as NahamSec. I'm a hacker turned content creator. Through my videos on this channel, I share my experience as a top hacker and bug bounty hunter to help you become a better and more efficient hacker.
FYI: Some of the links I have in the description are affiliate links that I get a a percentage from.

Пікірлер: 36

@NahamSec 4 күн бұрын

app.hackinghub.io/hubs/nahamsec-bug-bounty-course USE CODE: UPDATE50OFF for a discount!

@IBDLFSEragon 4 күн бұрын

Its showing page not found. Do we need to login to access the page.

@zerooo88 3 күн бұрын

Is the course the same as the one on Udemy?

@xerox0x1 4 күн бұрын

Of course, We would like to see an episode about graphql and path traversal ❤

@pkmumbreon937 3 күн бұрын

A path traversal video sounds awesome!

@BEKTIPS 4 күн бұрын

graphql please

@SonaliSingh-ri6jq 4 күн бұрын

GraphQL Injection Good topic

@BEKTIPS 4 күн бұрын

@@SonaliSingh-ri6jq yeah it is

@agustinothadeus 3 күн бұрын

Informative video as always Ben, I would really like to hear about how you approach GraphQL APIs, being used to REST, GraphQL seems a whole lot of a different game. I have experimented with using clairvoyance on a couple of APIs but can't bring myself to be comfortable with it as I am with REST.

@6060fishy 4 күн бұрын

Awesome video, a nice summary, just what I need to upskill on at the moment. Would love to see Path Traversal next please bro!

@user-fp7fs9xl2t 2 күн бұрын

Great Episode ... Path Traversal Next ...

@ralphaeljames9570 2 күн бұрын

Thank you for the graphql in advance

@gk_eth 4 күн бұрын

need both path traversal and graphql based vulns ben🙂

@user-pn7ey6bm7g 4 күн бұрын

great

@KaishKhan1234 3 күн бұрын

graphql + Path Traversal plz

@zbording80 4 күн бұрын

A Path Traversal video it would be super nice

@Enigma-qf9xz 4 күн бұрын

Graphql and dir traversal

@BLKSD 3 күн бұрын

Both plz

@monikasharma4403 4 күн бұрын

SIR PLEASE REPLY ME I have found a API key hard-coded in a javascript file but I have a confussion that should I report it as a information disclosure vulnerability or look forward to saw impact but I don't know what to do next . please assist me sir

@h0udini420 4 күн бұрын

definitely look for more impact... try to find out what purpose the API key is serving, a lot of times such tokens are used for logging or analytics services which are marked informative if you report them.

@monikasharma4403 4 күн бұрын

@@h0udini420 hey are you a hunter

@h0udini420 3 күн бұрын

@@monikasharma4403 yes