I’ve been programming for a few years and have started getting into cybersec recently. Your videos have been one of the best resources I have found by far and I just wanted to let u know how helpful it’s been and that I appreciate everything you have done and are doing for the community!!
This video showed me exactly why finding things is so hard and exactly why the phrase "you don't need burp pro when starting" is bullshit. You are absolutely at a disadvantage if you don't have it.
Yeah this video just taught me a lot, but disheartened me at the same time. I was hoping to get into bug bounties to pad my resume so I could get into a security role, but I'm literally just staring at a fully automated workflow with paid software. I don't see how I would be finding bugs for any bounty program at my skill level.
There are very successful bug hunters that have very different workflows / methodologies. In fact, there are some very successful bug hunters that will only use tooling that they themselves coded, for some very good reasons. You don't have to use every tool under the sun. Get proficient at a scripting language, get some regex skills under your belt and you can do anything that these tools can do. I haven't spent a dime on tooling. Hurricane Electric (ASN nifo etc.) is free. Builtwith allows for a decent amount of use for free. Last time I checked their lowest tier paid plan it was crazy expensive. No excuses! ;)
lets say a person has developed a skill that allows said person to bypass firewalls and handshake situations on a global scale.. meaning there is not an existing firewall or situation that the person could not bypass if said person chose to do so.. how would you go about monetizing such a skill/trick to get the most from it?... subscribed. p.s... I realize a lot of people will see this and come sniffing around, trying to steal something they could simply ask for..so to those people I say this.. I have a SSH-HIT LIST and I can assure you it is a list that you do not want your axx to be on. Ask and ye shall receive but stay in your lane and off of my SSH-HIT LIST.
calling this training is an overstatement to say the least. the screen is too small to really see and understand what hes doing, and hes going so fast who can follow along except another pro
People says bounty hunting is "easy money" . Well , they say it because they have never tried it anyway. *stressed out by wasting so much time on bounty hunting*