Updated Beginners Guide to API Bug Bounty

12,294 views

InsiderPhD

6 months ago

If you’re just getting started with bug bounty hunting, web APIs are a fantastic place to start: they’re easy to approach, can’t easily be automated and are full of bugs.
Join the free API security live class on Zoom webinars: www.traceable.ai/resources/lp...
This series couldn't happen without the support of our sponsor Bugcrowd. Bugcrowd is the best place to start hacking, with a wide range of public and private programs from APIs to Desktop Applications and everything in between. Not ready to jump into a public program yet? Fill out your platform CV and sign up for a waitlisted program. Tell Bugcrowd a bit about your skills, previous certifications or experience and they’ll match you up with the right program using their industry-leading CrowdMatch technology. Whatever your level, there’s a place for you in the crowd. You can sign up with my link here: bugcrowd.com/user/sign_up.

Comments: 44
@skysunset877 5 months ago
I really love this video! Thank you very much!!!
@MFoster392 6 months ago
Thank you for the information :)
@user-sh6bp7mt6p 6 months ago
very good and helpful thanks
@swapCode 6 months ago
Thank you for sure all of this information Where video links that you mention?
@EZ-HACK 6 months ago
thanks I'm changing sides
@Loopbob4 6 months ago
Thank you ❤
@shubham_srt 6 months ago
thanks
@dantesderivatives 5 months ago
Thank you for educating the community. You are my favorite bug bounty educator. I have a question about ffuf...how slow should I run ffuf for enumeration? You can set a rate/second with "-rate" or a delay between requests with "-p"... I'm paranoid and sometimes only run 1-2 requests per second...grandpa-style 👴🐢
@InsiderPhD 5 months ago
Depends on the client, should be in their scope or on the program page
@orbitxyz7867 6 months ago
hoping more videos on web apis 😊
@InsiderPhD 6 months ago
I’m actually running some free live classes in January over Zoom!
@orbitxyz7867 6 months ago
@InsiderPhD can we join free classes
@hackergod00001 6 months ago
@InsiderPhD would love to join
@abubakarmohammed2436 6 months ago
How can we join?
@InsiderPhD 6 months ago
Yup! Going to share details on Monday but you just need to register, it’s 100% free
@Alexander007A 6 months ago
Thank you for the new information MAAM, I'm learning JS will it help me in my API? is learning JSON is worth for API?
@InsiderPhD 6 months ago
JSON yes, JavaScript it depends, I'd focus on React
@Alexander007A 6 months ago
@InsiderPhD alright thank you react is also good.. by the way can you tell me why I got unsubscribe from your KZbin channel?? When I subscribe after few days I got unsubscribe.?
@camelotenglishtuition6394 5 months ago
silly-ish question but why react and not javascript? Just wondering as I'm choosing one of them atm @InsiderPhD
@Exploit5lover 6 months ago
Greetings 🤗
@0xanupam 6 months ago
I get stuck when I see authorization bearer token
@mateuszwojtowicz6270 6 months ago
where can I find images from OWASP API Top 10 slide (16:55)?
@InsiderPhD 6 months ago
That’s from an upcoming video :) coming out this week
@mateuszwojtowicz6270 6 months ago
@InsiderPhD bless you all of for those!!!
@ISaIGoI 6 months ago
I have found an IDOR vulnerability but can't access other users' "id", should I report it?
@InsiderPhD 6 months ago
As in you can’t find how you would discover the other ID?
@ISaIGoI 6 months ago
@InsiderPhD Yeah, ID looks like this " id=69690bb85f0ea26a7e5a962746cf008b8"
@0xanupam 6 months ago
what if program using authorization Bearer token
@InsiderPhD 6 months ago
Bearer tokens work exactly the same as cookies
@dexincheng9135 6 months ago
Hello insiderPhD, can you share your PPT?
@InsiderPhD 6 months ago
Sorry I don’t because people are dicks and steal it, you can find some older stuff on leak websites though
@orbitxyz7867 6 months ago
Where is the zoom link mam
@InsiderPhD 6 months ago
Will be announcing it soon, taking a bit longer to sort out the registration form than I expected
@jasonl9266 3 months ago
A brother that code is Brogrammer
@f.n.k.b8678 6 months ago
Need help here
@tbjehad106 6 months ago
KITERUNNER is not working any more
@abosi2733 6 months ago
I live in Iran and I can't work with Bugcrowd or HackerOne 😢💔
@InsiderPhD 6 months ago
Yeah Iran is still under international sanctions, it’s going to be the case for most bug bounty platforms or companies they just aren’t allowed :(
@volodyakost4354 1 month ago
@0xanupam 6 months ago
easy to play with cookies
@finchking 3 months ago
Most of your video is just wasting time. Nothing Practical! nothing new! Nothing Helpful for real world scenario?
@AnthonyMcqueen1987 3 months ago
Enough talking and show some examples step by step would be more helpful and just this nonsense get to the point.