Updated Beginners Guide to API Bug Bounty 

InsiderPhD

If you’re just getting started with bug bounty hunting, web APIs are a fantastic place to start: they’re easy to approach, can’t easily be automated and are full of bugs.
Join the free API security live class on Zoom webinars www.traceable....
This series couldn't happen without the support of our sponsor Bugcrowd. Bugcrowd is the best place to start hacking, with a wide range of public and private programs from APIs to Desktop Applications and everything in between. Not ready to jump into a public program yet? Fill out your platform CV and sign up for a waitlisted program. Tell Bugcrowd a bit about your skills, previous certifications or experience and they’ll match you up with the right program using their industry-leading CrowdMatch technology. Whatever your level, there’s a place for you in the crowd. You can sign up with my link here: bugcrowd.com/u....

Published: 28 Sep 2024

Comments: 44
@skysunset877 8 months ago
I really love this video! Thank you very much!!!
@cybernerddante 8 months ago
Thank you for educating the community. You are my favorite bug bounty educator. I have a question about ffuf...how slow should I run ffuf for enumeration? You can set a rate/second with "-rate" or a delay between requests with "-p"... I'm paranoid and sometimes only run 1-2 requests per second...grandpa-style 👴🐢
@InsiderPhD 8 months ago
Depends on the client, should be in their scope or on the program page
@swapCode 9 months ago
Thank you for sure all of this information. Where video links that you mention?
@Micah-m1o 9 months ago
very good and helpful thanks
@shubham_srt 9 months ago
thanks
@Alexander007A 9 months ago
Thank you for the new information MAAM, I'm learning JS will it help me in my API? is learning JSON is worth for API?
@InsiderPhD 9 months ago
JSON yes JavaScript it depends, I'd focus on react
@Alexander007A 9 months ago
@InsiderPhD alright thank you react is also good.. by the way can you tell me why I got unsubscribe from your RU-vid channel?? When I subscribe after few days I got unsubscribe.?
@camelotenglishtuition6394 8 months ago
@InsiderPhD silly-ish question but why react and not javascript? Just wondering as I'm choosing one of them atm
@mateuszwojtowicz6270 9 months ago
where can I find images from OWASP API Top 10 slide (16:55)?
@InsiderPhD 9 months ago
That’s from an upcoming video :) coming out this week
@mateuszwojtowicz6270 9 months ago
@InsiderPhD bless you all of for those!!!
@0xanupam 9 months ago
what if program using authorization Bearer token
@InsiderPhD 9 months ago
Bearer tokens work exactly the same as cookies
@tbjehad106 8 months ago
KITERUNNER is not working any more
@abosi2733 9 months ago
I live in Iran and I can't work with bugcrowd or hackerone 😢💔
@InsiderPhD 9 months ago
Yeah Iran is still under international sanctions, it’s going to be the case for most bug bounty platforms or companies they just aren’t allowed :(
@f.n.k.b8678 9 months ago
Need help here
@orbitxyz7867 9 months ago
hoping more videos on web apis 😊
@InsiderPhD 9 months ago
I’m actually running some free live classes in January over Zoom!
@orbitxyz7867 9 months ago
@InsiderPhD can we join free classes
@hackergod00001 9 months ago
@InsiderPhD would love to join
@abubakarmohammed2436 9 months ago
How can we join?
@InsiderPhD 9 months ago
Yup! Going to share details on Monday but you just need to register it’s 100% free
@dexincheng9135 9 months ago
Hello insiderPhD, can you share your PPT?
@InsiderPhD 9 months ago
Sorry I don’t because people are dicks and steal it, you can find some older stuff on leak websites though
@volodyakost4354 3 months ago
@finchking 5 months ago
Most of your video is just wasting time. Nothing Practical! nothing new! Nothing Helpful for real world scenario?
@AnthonyMcqueen1987 6 months ago
Enough talking and show some examples step by step would be more helpful and just this nonsense get to the point.
@0xanupam 9 months ago
I stuck when I see authorization bearer token
@0xanupam 9 months ago
easy to play with cookies
@jasonl9266 5 months ago
A brother that code is Brogrammer
@EZ-HACK 9 months ago
thanks I'm changing sides
@Exploit5lover 9 months ago
Greetings 🤗
@Loopbob4 9 months ago
Thank you ❤
@MFoster392 9 months ago
Thank you for the information :)
@orbitxyz7867 9 months ago
Where is the zoom link mam
@InsiderPhD 9 months ago
Will be announcing it soon, taking a bit longer to sort out the registration form than I expected
@ISaIGoI 9 months ago
I have found an IDOR vulnerability but can't access other users' "id", should I report it?
@InsiderPhD 9 months ago
As in you can’t find how you would discover the other ID?
@ISaIGoI 9 months ago
@InsiderPhD Yeah, ID looks like this " id=69690bb85f0ea26a7e5a962746cf008b8"