Come hangout with us on Discord! discordapp.com/invite/ucCz7uh Remember my example is simplified for the sake of this video and I did have to jump through a few hoops like: a small filter bypass, CSP, and finding a legacy API endpoint in order to get my account takeover to work. The next time you find an XSS find a way to gain access to your "victim's" account without just trying to leak their current session/cookies. P.S.: Course update is underway!

Try to make videos about SSTI and SQLi. All are finding SQLi in cookie,param and login page. I can’t understand how the SQLi works in some areas. Please make a video about SSTI and SQLi.

I would love to have you opinion on wether i as a beginner should learn one vulnerability first and look for it anywhere, or i should pick a target and learn how to look for many vulnerabilities there.

You always talk about money, and I think you are trying to attract viewers because you know that they need money. You follow the same method as financial speculation videos and stock exchanges in attracting victims. The topic of Bounty Bugs is very difficult and requires knowledge and time to learn, and not in this way that you present and simplify it in order to attract views.

Good stuff and I can actually understand the way you explain stuff.

give us top 5 bugs finding tutorials..

Hii, Can you share the links for 5 week program? I totally lost.

need some video on RCE on latest app

Wow sir keep it up , present

we want vuln explain

This dude still selling bs about big bounty come on man do your stuff and stop try to sell lies to people that wants to get a career cause you damn know very well that bug bounty unless you have another job and a lot of time do not pay shit

Thanks, your videos are really well explained. Learning with your videos is a time saver in some research’s.

I would love if you could make your voice louder as it is a bit hard to hear from my side

RCE naham

Add some videos about SQLi , how ,where to find, how to identify and exploitation.

Am new to this game any direction because I don't knw wey to start from and those 100+ pages books aren't helping

I see you have hella notion notifications lol same same....hey you got any cool templates for notion or anything? Hacky things lol? Check lists? Im a sucker for a good checklist lol

Is "US Dept Of Defense" paid bug bounty program or free?

Information Disclosure --> It is popular and it has so many different types

Please Sir make a video on Business Logic Error vulnerability

ey Naham you just got rickrolled by coffin haha

Hey, will you do an update of the course materials? If so, when? :)

I have got a stored XSS, but you need to be an admin to inject payload. Any tips on this 😕

How do you like the 8bitdo keyboard? I've been thinking about getting one.

IDOR

very informative video thanks :)

It would be great to create SSRF content

Business Logic Flaw 🤓🤓🤓🤓🤓🤓

Deep Dive RCE or SQLi

Thats a cool escalation, Thanks for the continues contribution to the community👏🙏,

Fire video bro

Great Content ...

Great!!

Awesome 🥰

nice one

Thanks bro ❤

Hey Nahmsec! Hope you are well!

Can you guys validate this is this a valid bug: If there is a email change feature in application after login. In here by putting victim email instead of sending link to unregistered email we getting link on attacker email (base email ) is this a valid case or some case there is no verification email. We click on link and get registered? With victim email