Watch me hack a bug bounty-like target from scratch.

27,072 views

thehackerish

3 years ago

In this video, I will demonstrate a bug bounty hunting methodology on a CTF website that mimics a bug bounty target. I will start from scratch and become admin on multiple web applications. Many techniques will be used, including subdomain enumeration and directory bruteforcing, with tools such as assetfinder, ffuf and Burp Suite Intruder.
- Download your FREE Web hacking LAB: thehackerish.com/owasp-top-10...
- Read more on the blog: thehackerish.com/my-bug-bount...
- Support this work: thehackerish.com/how-to-support
Thumbnail photo by Andrea Piacquadio from Pexels

Comments: 55
@itsalgore 2 months ago
This is the most educative video so far, been going in circles
@CristiVladZ 3 years ago
Looking forward to reading it!
@goooooo9197 3 years ago
I think you don’t do CTF, you do the real thing called bug bounty
@TheWhaleon 1 year ago
I've taken a few bounty Udemy courses and have watched a ton of video guides on YouTube and other places. I wouldn't say I'm new to the content but I'm definitely not a professional when it comes to bug bounties. I'm not even 5 minutes into this video and have already dubbed this one of the best beginner videos I've seen so far. Why? Because the step-by-step example methodology and information is gold. Not really found in other places as far as I've seen so far. Others typically explain their seemingly complex methodology that they have adopted, and beginner courses tend to focus on very beginner content. This has been middle ground information that is really useful! Looking forward to more!
@thehackerish 1 year ago
I am glad you found the content helpful! Thanks for sharing your feedback!
@bertrandfossung1216 3 years ago
This video met me at the right time. Thank you very much. I'll definitely learn a lot from it.
@thehackerish 3 years ago
Glad the timing was perfect for you! Enjoy
@avijitmazumder1762 2 years ago
Just the video I wanted. Thanks.
@medjassertoubib4467 3 years ago
Those are the kind of videos we want to see. Great video dude, wish you all the best
@thehackerish 3 years ago
Thanks!
@Xplo8E 3 years ago
Finally what I wanted I got🔥❤️👍
@a.for.arun_ 2 years ago
Great content 👍🏻
@xrfox1634 3 years ago
Thanks for the video!
@thehackerish 3 years ago
Enjoy! My pleasure :)
@jissjose1382 3 years ago
This was the one I was searching for
@thehackerish 3 years ago
I am glad you liked it :) Enjoy!
@user-tg6vk4ig3i 3 years ago
Awesome. Maybe you can show us more challenges from this website and how you solve them :) It was a great help for me understanding how a Bug Bounty researcher is thinking!
@thehackerish 3 years ago
As much as I'd love to, this might spoil the fun for you and skew the leaderboard on the website. I will think about it though.
@user-tg6vk4ig3i 3 years ago
@thehackerish Thank you so much!
@goodboy8833 3 years ago
Very Good Quality content.
@thehackerish 3 years ago
Thank you
@ahmedehab6899 3 years ago
Great video, I'm looking forward to reading the book
@thehackerish 3 years ago
Hope you enjoy it!
@xbparmar 3 years ago
Awesome ❤️
@thehackerish 3 years ago
Thank you! Cheers!
@Adam-wc5ol 3 years ago
Nice video
@chrismcnabb3134 3 years ago
Great video! Thanks! Is the "A Bug Bounty Hunting Journey" book available yet?
@thehackerish 3 years ago
It is available: www.amazon.com/dp/B08T81PP65/
@psychoSherlock 3 years ago
You deserve more 👏👏👏
@thehackerish 3 years ago
Appreciate your comment! Share the channel in your hacking surroundings buddies :)
@psychoSherlock 3 years ago
@thehackerish did already..... Ma discord buddies are on the way.... 😄
@thehackerish 3 years ago
@psychoSherlock You are the best!
@psychoSherlock 3 years ago
@thehackerish Nop, you are. I felt like you teach something in a way no other YouTuber does........ That's y I asked them....
@darshanjogi5781 3 years ago
nice video
@thehackerish 3 years ago
Thanks
@naumanalam1 3 years ago
I just say woowwwww
@jbrown8274 3 years ago
So do the flags coincide with vulnerabilities within the domain? If this was real life, would those flags be something that could be abused and therefore reported in a BB report?
@thehackerish 3 years ago
Some, not really. Others, definitely! It depends on the situation.
@vihangadeshan2587 3 years ago
Really Helpful. Where can I find the e-book (A bug bounty hunting journey...)
@thehackerish 3 years ago
Will be shared once ready :)
@vihangadeshan2587 3 years ago
@thehackerish looking fwd to reading it :)
@androzilla9825 2 years ago
It’s ready or not 🌝
@zerobyte536 1 year ago
Lol clicked video because it said you were going to hack an actual bug bounty target, then I see it's a CTF. Was going to say how did he get to release this! Every bug bounty I have ever done has a non-disclosure. Lol anyway good video for beginners
@thehackerish 1 year ago
I had permission from one developer to release a video doing bug bounty, well... web hacking, cuz I did it for free. Check it out, kzbin.info/www/bejne/l5qyomCvhN-ajZI
@maheshkarunanithi2970 3 years ago
alternative for Burp Collaborator
@position876 3 years ago
When did a CTF become a "bug bounty target"?
@thehackerish 3 years ago
When we started watching new websites providing bug bounty-like challenges in the form of a CTF.
@Arfat-Khan 1 year ago
I have exploited no rate limit, but now it's been a duplicate. What else can I do based on no rate limit? Further, what can I exploit?
@thehackerish 1 year ago
bruteforce directories for interesting ones? password spraying using a custom wordlist?
@Arfat-Khan 1 year ago
@thehackerish ok thanks
@asaad0x 2 years ago
Wow That was so smooth makes it look very easy to be hacker 😁 keep going bro
@karthik3913 1 year ago
Idk why I am always finding errors while running the tools. I applied the same as you applied