The 3 Tools You Need // How To Bug Bounty

Рет қаралды 30,680

Күн бұрын

Purchase my Bug Bounty Course here 👉🏼 bugbounty.nahamsec.training
Buy Me Coffee:
www.buymeacoffee.com/nahamsec
Live Every Sunday on Twitch:
/ nahamsec
Free $100 DigitalOcean Credit:
m.do.co/c/3236319b9d0b
Follow me on social media:
/ nahamsec
/ nahamsec
twitch.com/nahamsec
hackerone.com/nahamsec
/ nahamsec1
Github:
github.com/nahamsec
Nahamsec's Discord:
discordapp.com/invite/ucCz7uh
#offensivesecurity #redteam #bugbounty #hackerone #hackers #hacking #infosec #hackingtutorial #owasp #educational

Пікірлер: 80

@MikeTyson-ms2cl Жыл бұрын

I promise someday in future, I will become a great hacker and a great bug bounty hunter and i will make it into top 100 best hackers

@NahamSec Жыл бұрын

You got this!

@axelvirtus2514 Жыл бұрын

Tyson go fight old man 🤣

@amoh96 Жыл бұрын

@handsinthepocketsguy2036 HEHE

@ReligionAndMaterialismDebunked Жыл бұрын

@@axelvirtus2514 Mike Tyson xD Haha. Just that age reversal is around the corner in mainstream science, so let's see his age reverse. Hehe

@Fixenet5 9 ай бұрын

How are you doing right now ? I am also on the same path as you :)

@samk1491 Жыл бұрын

*TLDR* You only really need a handful of free tools to get going with bug bounties. Asset Discovery: amass subfinder Fuzzing/Dir Brute Forcing: ffuf dirsearch Proxy Tool: Burp Suite ZAP

@xzuky0233 Жыл бұрын

I just started learning hacking. Thanks so much for making these videos man! They're really helpful for me!

@NahamSec Жыл бұрын

Thanks for watching!

@coolkalli8574 Жыл бұрын

a full in-depth video about content discovery using ffuf or feroxbuster like multiple technology sites need which kind of wordlists and how to find those sites to be precise like which targets to choose to perform content discovery. could be really helpful. Thanks a lot for your videos.

@qazwacook1983 Жыл бұрын

Would be awesome to see a video of you doing recon and, looking for bugs with just these 3 tools!

@jessicaphillips8096 Жыл бұрын

Clear and juicy... Thank you 😊

@محمّد.09 8 ай бұрын

This is a great reminder to quit your obcession and getting overwhelmed by automation tools. Focus on improving your skill more and more.

@G3msFinder 10 ай бұрын

Thanks bro, we will be thankful if you do the video's of all all these tools

@jruok Жыл бұрын

Thanks NahamSec! Video was short and sweet. I appreciate when you project the names of the tools on the screen bc sometimes the caption doesn't translate what you're saying correctly (my hearing sucks lol). Just a thought but could AI be used for those trivial tasks that are usually automated? Sorry if this was addressed in another video.

@wizardff358 Жыл бұрын

You're my Idol. please make playlist on these 3 category in details video for beginners🥺💖💖

@abdonito8254 Жыл бұрын

We need live or video about all recon before start hunt (ports, subdomaine .....) New tools + ai ...

@CM-xr9oq Жыл бұрын

Dude, he has done so many videos on that....

@ahmedahmedx9600 Жыл бұрын

Yes its a good idea

@abdonito8254 Жыл бұрын

@@CM-xr9oq can you share with me links ❤️

@NahamSec Жыл бұрын

Check out my video that’ll get released later this week!

@recepby Жыл бұрын

Asset Discovery: amass + subfinder Content Discovery(Fuzzing/Directory Bruteforcing): ffuf + dirsearch Proxy Tool: Burp Suite + ZAP

@eritech Жыл бұрын

Thanks for everything you do, Nahom, It would helpful if you do a video exclusively on burpsuite or any of the tools you use. I really like the advice not to focus on too many tools.

@NahamSec Жыл бұрын

Great suggestion! Will try and make something soon!

@akashsarkar9579 Жыл бұрын

Yes sir I really want to learn Bug Bounty hunting. Please show us the basics of all tools.

@Frawkesish Жыл бұрын

I would love to see a more indepth video on the devtools honestly.. its free and messy but it seems you found some success with it in your video talking about making 10k in a week.

@peternavarroiii3944 Жыл бұрын

Good stuff. This got me thinking, could you use burp suite to verify if a link on a suspicious email is phishing?

@ahsan-li7sh Жыл бұрын

I love all your videos, i have also bought your Udemy course. Please make a video all these tools you mentioned. Specially burp suite professional! Thanks in advance!

@SyedImran-qf1eh Жыл бұрын

Thanks Nahamsec, I would like to also do this bug hunting. But before starting we need to learn something like how networking works. Can you give me some advice on this. Thanks

@zivintoplomjer8889 Жыл бұрын

hey man, thanks for the video. would you be down to share some POC videos on disclosed vulns, like how you actually found the bug and showed impact?

@NahamSec Жыл бұрын

Maybe - Hard to do it without the program's permission.

@AyushXtha Жыл бұрын

You are a good man. ThankYou😊

@HassanRaza-ek3mv Жыл бұрын

Thank you for this informative video.

@mdashifuzzamanshawon Жыл бұрын

Awesome. Very very informative...

@santiagotaboada4584 Жыл бұрын

Great video!! Could you please do a video about how to use Amass? I know that it’s a super powerful tool but the syntax is a bit confusing. Thank you in advance :)

@EverettJWashington Жыл бұрын

Agree here. Been trying to use that to its full potential and curious on his take on it. I read some stuff that Hakluke recommended in regards to using it, which included adding a lot of API keys, but then read that ReconFTW was even better but that one seems to be even more complicated as it combines a ton of recon tools together including amass! Anyway, any info on either would be good. (Particularly to maximize recon results)

@Death_User666 10 ай бұрын

You sir are a legend and have a guaranteed spot in heaven

@haksauc3 Жыл бұрын

Ok so I’m new. I’m curious, like how do you know when you’ve found a bug. Is it just like when you find a vulnerability? If u find u can do command injection. That’s the bug?

@rahmat_qurishi Жыл бұрын

Great as always♥️could you please make a video about api security🙂

@NahamSec Жыл бұрын

Soon

@user-or9sh5pr9y Жыл бұрын

I have always been you fan . I have been away from bug bounty for quite a some time now , How to restart

@Dr_Aways Жыл бұрын

thanks pro , can you share how do ecternal recon for wild scope

@siliconrobot6522 2 ай бұрын

I saw some bug bounty programs asking bug hunters not to use automation hacking tools like burpsuite and metasploit!! Is it fair to ask people to reinvente the wheel in order to find bugs for some companies that will accept it or refuse it at the end if all the big efforts he made?

@bugs-lk3jf Жыл бұрын

Like a Boss ...

@kaleykaley2389 Жыл бұрын

we want this tools used one by one plzz make video on this

@chizzlemo3094 Жыл бұрын

My big frustration is that when bug teachers show how bugs work its always on a contrived app like DVWA and doesnt feel realistic, but of course only recon is legal for live yt

@CodeAcademia00 Жыл бұрын

please make a video on how to use these tools

@Ajay-kz6zw Жыл бұрын

We need video how to test mannualy 🙂I believe you do.

@medofc1300 Жыл бұрын

We need live about What after recon

@maheshfan8178 Жыл бұрын

@NahamSec please make a video on the tools..your explanation is simply awesome

@learn-with-noob-007 Жыл бұрын

Sir did you just release a full bug Bounty course and for that we have to be a member??

@NahamSec Жыл бұрын

No. It's from my stream on Sunday, it's available to Members fro now.

@mominul0x01 Жыл бұрын

Great

@bibekand Жыл бұрын

please create video of each tools

@ReligionAndMaterialismDebunked Жыл бұрын

Yee! 🔥🤗

@h1-hackermater 9 ай бұрын

Amass Subfinder FFUF BurpSuite

@smitrabadiya234 Жыл бұрын

Bug bounty basic on tools please

@vaseemakram6692 Жыл бұрын

Can't able to JOIN, it says => "can't open the link"

@NahamSec Жыл бұрын

What do you mean?

@microburn Жыл бұрын

You said you pay for burp but you don’t use any of burp paid functionality! All of that intruder stuff you can do for free! Solid stuff tho. Keep it up

@didigaming-lc9zm Жыл бұрын

no hay para mac

@vivekkhandagre9274 Жыл бұрын

wow 😍😚☺

@zahiruddinahmad55 Жыл бұрын

please make a video subdomain takeover

@NahamSec Жыл бұрын

You mean like this one? kzbin.info/www/bejne/g3OXgKapiK2LetU

@saikiran80555 Жыл бұрын

✨Hi

@NahamSec Жыл бұрын

🌟

@zahiruddinahmad55 Жыл бұрын

Hello Sir.

@NahamSec Жыл бұрын

Hello! 👋🏽

@elronhalf-elven6491 Жыл бұрын

Probably get this question a lot, but do I really need to get a degree to become a SOC Analyst ? Should I be able to find a job if if get my Comptia Security+ and Network+ ? I understand showing some other skills is important too, but I feel like a 4 year degree will just be a waste of money for me. I can't afford it.