My First Bounty Award

Рет қаралды 8,874

Andy Li

Күн бұрын

Пікірлер: 50

@andyli 2 жыл бұрын

1 month update kzbin.info/www/bejne/fanKamOlqJt_rM0

@EnigmaticRapper 2 жыл бұрын

Awesome video. I'm 60 now and just starting to learn about security and such to get into bug bounty hunting as an old retired man. I'm strickly going to teach myself using the internet "Google searching with Dorks" and KZbin videos. No need to get into security as a job, or get hired, at my age. But it will be something "other than watching TV all day" to pass my time a little more productively.

@andyli 2 жыл бұрын

Nice!

@gkags2848 2 жыл бұрын

This is fantastic, thanks a lot for all the resources you are curating here, it is so welcome !

@andyli 2 жыл бұрын

Glad you enjoy it!

@benbeale2727 2 жыл бұрын

I've been lurking in their Discord, and I think you've just convinced me to jump all the way in!

@andyli 2 жыл бұрын

nice, good luck!

@frametrails 2 жыл бұрын

Hi Andy, good to watch your new video. It’s been a month I was waiting for another great video. Your content is great as usual. Keep it up buddy. 👍🏻

@andyli 2 жыл бұрын

Hey, thanks!

@chitralima2208 2 жыл бұрын

@@andyli we want more videos like this Mr Li

@yufang173 2 жыл бұрын

Great video, informative, thank you, sir.👍

@andyli 2 жыл бұрын

thanks

@jaym4697 2 жыл бұрын

Came for the osrs content. Stayed because your passion for all things you do.

@andyli 2 жыл бұрын

Thanks

@devadevans700 2 жыл бұрын

hey love you , u are an inspiration

@andyli 2 жыл бұрын

Thanks

@apostle5135 2 жыл бұрын

awesome content dude :) looking for more videos on these !

@andyli 2 жыл бұрын

Thanks! More content on this soon

@apostle5135 2 жыл бұрын

@@andyli one more question , how long do they take to decide/award a bounty after reporting ?

@andyli 2 жыл бұрын

@@apostle5135 at the moment around 20-40 days

@jxkz7 6 ай бұрын

Can you share some roadmap or anything for learning web3 bug hunting

@ka2edking507 2 жыл бұрын

Dude just question : can penetration tester keep all his work remotely for example like ur current role. Can u do the work done from home without going to office. "not bug bounty hunting" just real pentest like external/internal. Or this feature for programers only.

@andyli 2 жыл бұрын

at the moment I am working pretty much entirely at home, definitely possible

@jeffcui3660 2 жыл бұрын

This is amazing. Do you recommend any way to learnt about solidity security?

@andyli 2 жыл бұрын

Thanks. I talk about some of the learning resources in my videos. Secureum is a good place to start secureum.substack.com

@computerscience1008 2 жыл бұрын

Hello dear, thank you for this wonderful video. I have a simple question what level of programming do I need to learn and after that I learn bug bounty ? And Thank you very much 🤗🤗

@andyli 2 жыл бұрын

Mostly you will be reading a lot of Solidity code. I recommend going through a few tutorials to understand the language.

@computerscience1008 2 жыл бұрын

@@andyli Thank you

@MufazaPT 2 жыл бұрын

Can I start on junior penetration tester job without experience with these 4 certificates ? Comptia A+ Comptia Security+ Comptia Network+ Comptia Pentest+

@andyli 2 жыл бұрын

Some IT experience and those certs would get you a job. Otherwise without experience I recommend the OSCP to show practical skills

@ashhadali7592 2 жыл бұрын

Will u create a video how to start auditing? smart contract bug bounty

@andyli 2 жыл бұрын

yeah I made a video on that

@shockblockjohnson4599 2 жыл бұрын

Hello, can you please do a video regarding the legal risks involved in doung bug bounty? It's a critical issue that surprisingly doesnt get addressed. Thank you.

@andyli 2 жыл бұрын

You just need to make sure to stay in scope when testing production systems. For code review type bounties there is no concern

@shockblockjohnson4599 2 жыл бұрын

Thank you so much for the reply! I do have one more question if you don't mind: Do I need to contact the company first before hunting? Or can I just start hunting right away as long as they have a public program on a platform like hackerone, and I stay within the scope as you mentioned? Thank you for your time!

@andyli 2 жыл бұрын

for public programs you can just start

@shockblockjohnson4599 2 жыл бұрын

@@andyli Ok thank you very much!

@yourdailyblockchain 2 жыл бұрын

Great video thanks

@andyli 2 жыл бұрын

thanks

@hell0kitje 2 жыл бұрын

wow there are 6 contents now live, if you find more bugs maybe some video analysis one of them?

@andyli 2 жыл бұрын

Yeah crazy, I did submit some findings for them. Planning to do more videos on this

@44azeaze8 2 жыл бұрын

what is the best thing to do when u burnout ?

@andyli 2 жыл бұрын

Don't be too hard on yourself if you burn out. Exercise, go to the gym helps too

@muratkurtulus151 2 жыл бұрын

Can you share the links of the discord channels related to the security you joined? thanks

@andyli 2 жыл бұрын

Code4rena discord.gg/q3Ty5dEQes Secureum discord.gg/BxDEW6xRRF Smart Contract Developer discord.gg/r8VbC4HdGW Damn Vunerable Defi discord.gg/uKAqmvE9t5

@prosperdeogratius4888 2 жыл бұрын

I thought I clicked fast..but its 21 minutes late.fuck youtube algo

@andyli 2 жыл бұрын

first comment! :)

@prosperdeogratius4888 2 жыл бұрын

@@andyli keep the good work up man..this inspiration is so much helpful..I decided to reduce some efforts in network penetration based CTFs and learn web app development well before I fully focus on web apps vulns,the idea of learning owasp top 10 without knowing how sql and how all those injections come about sounded like a shortcut to me...so just decided,I'll re-do all this in a year or more,wish me luck Li🤣🤣