When I hunt on a target, I notice that headers, parameters, and cookies are all validated. However, when I see someone’s (PoC) on Twitter, the cookies are minimal, and there are very few headers. It looks similar to a PortSwigger lab request/response-no token validation, minimal security. They simply use basic time-based SQLi payloads and successfully get an SQL injection. I think I might be choosing targets that are too difficult. Could you make a video on how to select the right target?
Great Video, Learn a lot , having same problem and got my answer though this video , ( got this video in my feed and its absolutely amazing ) , great job , Keep Going
Baller video, lots of info nuggets here and there. Hope algo gods are kind to you! Good luck, hope to work with you guys one day! Take care, all the best! :)
Sadly, I feel am no closer to finding my first paying bug than I was when I started. I have no idea what I am doing. I sit in front of my computer all day, just wasting my life. I am not sure how to get on track, but thanks for trying.
@@sumitkumar-uo9jm to say that I "hack" would be an insult to hacker. I am A HACK, that wants to hack, but don't know if I can hack it. Just feeling overwhelmingly discouraged. I have been studying and learning this for about 2 years now and I have not made a single penny doing it. Its my own fault.
Infosec is updating day by day, with the help of AI some of the task and stuffs can be lifted off, but with emerging AI its also increasing the attack surface for bug bounty hunters to look for bugs in there AI integrations.
Bro I appreciate your work. Can you share this report (Internal backlog) hackerone report link please. It'll be more helpful to add your report in the reference/supporting material section. Thanks.
@@MaulikGohil-wg2vt Its a gem bro, I am very much satisfied and happy. To the point, no BS and sharing all the possible details of his report and methodologies and researches.
sir can you plz explain some more buga ,so i earn some money . my financial condition is very bad so i cant afford the course .once i earn something i will definatly join your course