Come hangout with us on Discord! discordapp.com/invite/ucCz7uh Remember my example is simplified for the sake of this video and I did have to jump through a few hoops like: a small filter bypass, CSP, and finding a legacy API endpoint in order to get my account takeover to work. The next time you find an XSS find a way to gain access to your "victim's" account without just trying to leak their current session/cookies. P.S.: Course update is underway!

Try to make videos about SSTI and SQLi. All are finding SQLi in cookie,param and login page. I can’t understand how the SQLi works in some areas. Please make a video about SSTI and SQLi.

Good stuff and I can actually understand the way you explain stuff.

I would love to have you opinion on wether i as a beginner should learn one vulnerability first and look for it anywhere, or i should pick a target and learn how to look for many vulnerabilities there.

Thanks, your videos are really well explained. Learning with your videos is a time saver in some research’s.

Information Disclosure --> It is popular and it has so many different types

Thats a cool escalation, Thanks for the continues contribution to the community👏🙏,

ey Naham you just got rickrolled by coffin haha

I see you have hella notion notifications lol same same....hey you got any cool templates for notion or anything? Hacky things lol? Check lists? Im a sucker for a good checklist lol

How do you like the 8bitdo keyboard? I've been thinking about getting one.

Fire video bro

Hey, will you do an update of the course materials? If so, when? :)

Hii, Can you share the links for 5 week program? I totally lost.

Is "US Dept Of Defense" paid bug bounty program or free?

Am new to this game any direction because I don't knw wey to start from and those 100+ pages books aren't helping

I have got a stored XSS, but you need to be an admin to inject payload. Any tips on this 😕

It would be great to create SSRF content

very informative video thanks :)

Please Sir make a video on Business Logic Error vulnerability

give us top 5 bugs finding tutorials..

I would love if you could make your voice louder as it is a bit hard to hear from my side

Add some videos about SQLi , how ,where to find, how to identify and exploitation.

Hey Nahmsec! Hope you are well!

Wow sir keep it up , present

Thanks bro ❤

Business Logic Flaw 🤓🤓🤓🤓🤓🤓

Great Content ...

need some video on RCE on latest app

Deep Dive RCE or SQLi

we want vuln explain

Great!!

Awesome 🥰

nice one

RCE naham

IDOR

You always talk about money, and I think you are trying to attract viewers because you know that they need money. You follow the same method as financial speculation videos and stock exchanges in attracting victims. The topic of Bounty Bugs is very difficult and requires knowledge and time to learn, and not in this way that you present and simplify it in order to attract views.

Can you guys validate this is this a valid bug: If there is a email change feature in application after login. In here by putting victim email instead of sending link to unregistered email we getting link on attacker email (base email ) is this a valid case or some case there is no verification email. We click on link and get registered? With victim email

This dude still selling bs about big bounty come on man do your stuff and stop try to sell lies to people that wants to get a career cause you damn know very well that bug bounty unless you have another job and a lot of time do not pay shit