IBM - Live bug bounty hunting on Hackerone 

Can you give your email ? I have some project if you intersted

Can you give your telegram i have some project if you interested

Hi! Can u make a tutorial on how to install the Spyhunt tool?

@@Justanormalguy01Do it yourself that’s how you learn the best 👍🏼

same here

really

Really

Really

really

really

In MacOS you can simply go to terminal settings and change your background to any photo you like (change the blur of the background, opacity etc.). The rest is ZSH.

If you mean origin ip, as in the backend of a website. Use Censys, Fofa, Zoomeye.

These "attacks" are completely legal. Companies will ask hackerone to connect with hackers to find network vulnerabilities, such as bug bounties

@@bo_68 but the guys i saw using vpn said they use vpn just if the tools to use make blacklisted your main ip while scanning

@@andresbarrera3298 As you can see, the author has not been blocked by ibm, if he was blocked he would have changed to using VPN. hahaha

@@andresbarrera3298 It depends on the scanning blocking mechanism set up by each service

Once you learn the owasp top ten, you can start hunting for the vulnerabilities

i think the OS doesnt care much, cuz tools are programmed with python, so if ur SO can run python u you wouldnt have problems

These tools look like they are all ran in python. It doesn't matter if you are on Mac, Windows, or Linux, as long as it can run python, you can do this method.

Personally I'm using the M1 macbook. It's not about the OS, it's about the structure the computer are based on. Like my macbook using the M1 chip built on ARM structor, I had have quite a hard time running a lot of tool because most of them are all built on x86 structor (most computer and cpu like Intel and AMD uses the x86 structor). My solution so far was to use an old laptop, install ubuntu and ssh into it like @Dani-Zsh, but it has some drawback of only viable through LAN cause I'm a college student and I can't mess with the dorm room network to open a NAT port for remote uses. Another solution that best work for me was to use a AWS cloud computer. They has x86 base and are free for low-end rig (750hours each month for a year. after a year just shut it down and create a new account) and they already has a public ip, PEM key made easy for remote use.

Older macbook that uses intel chip are fine tho

cat the requirements, pip install install requirements separately run spyhunter after each install (I am assuming it's spyhunter) see the error and repeat install process for each lib or software etc that is required.

Comience a hacer lo basico en la academia web de Portswiggers, aprendera mucho sobre todas las vulnerabilidades de web.

@@gotr00t0day gracias 👍 muy bueno tu contenido, seguí así Bro 💪

Dale sin miedo, eso es como cuando empiezas a usar linux, te da miedo la cli pero una vez te tiras ya la agarras ritmo. También estoy empezando al bug bounty pero la única manera de saber mas es practicando.

@@jameshernandezm.8563 uh yo no me animo mucho jaja, sobretodo porque en lo que "no está permitido", te ponen muchas restricciones con temas como el fuzzing web o enumeración de sub dominios y la verdad es que eso es necesario hacerlo, sino de que modo podrías encontrar algo?? Me da miedo más que todo el tirar una herramienta para realizar búsquedas porque podría tirar el servidor. Pero acá el amigo le manda sin miedo por lo que veo jaja

Puedes encontrar muchas en Google jeje. Solo toca buscar, se que también hay muchos vídeos que enseñan seguridad informática en español en RU-vid. Buena suerte ;)

It’s actually macOS ;)

​@@gotr00t0day How did you do it means Macs can't be used for hacking or penetration testing but how did you do it and do you have any related videos

@@MDKhairulIslamBablu Mac’s can be used for hacking and coding, not sure why people think otherwise lol ;)

@@gotr00t0day brother please upload a video about how can we make our Mac os as a Hacking Machine please 🥺

@@MDKhairulIslamBablu Ok ;)

16GB is enough, 512GB SSD with the M3 chip and wireless Magic Keyboard / mouse. ;)

I’m using the iMAC M3 16GB of RAM and 512 SSD which is awesome

​@@gotr00t0day I'm using M1! The whole lab set up on your local host??? or Use any cloud VM and connect through ssh???

@@gotr00t0day I'm using M1. This whole Lab setup on your local system (imac) or u are using cloud vm which you connect through ssh????

@@aritdutta8400 no

@@gotr00t0day That's mean you setup the whole lab on your local system (imac) ??

i think mitmproxy can also intercept and modify requests and it's command line based.

You can either brew install them or clone the repo from github

I write my own tools, that's why you see me modifying spyhunt on the fly. Burpsuite is the go to to intercept traffic and really test the application for vulnerabilities.

🫣🫣🫣

he has a github page

internet

Is processing, its always 4K.

Good to hear that continue and btw you are awesome@@gotr00t0day

x2

@@keloo5215 wdym?

Python

This is just macos & using it's terminal

as long as the company is aware of the vulnerability and fix it i think pretty safe.

Hahahahahaha

Open an issue request on github and I’ll look at it

@@gotr00t0day done

Idk lol, only if they knew that MacOS is based on Unix just like Linux.

Yeah, is mostly reconnaissance, I don’t like exploiting anything on the live, unless is CTF or something like that

@@gotr00t0day i got dude thanks :) keep going on

www.github.com/gotr00t0day/spyhunt ;)

The desktop wallpaper was made by a friend of mine, and the terminal background you can find on google by searching Fsociety ;)

run apt update first, then run install and if you have errors see my response further up

FAX

Not anymore ;)

here its 4k 🙄

Sorry, a lot of people like it with the background music lol

This is not kali, it's macbookpro with macos..

Fixed, you can pull now to update.

@@gotr00t0day thnx i will give it try again than i will tell u what happend

www.github.com/gotr00t0day/spyhunt

Thanks@@gotr00t0day