2023 Path to Hacking Success: Top 3 Bug Bounty Tips

He made $100K in 2 months from Bug Bounty! Learn from one of the best!
Big thanks to Brilliant for sponsoring this video! Get started with a free 30 day trial and 20% discount: brilliant.org/DavidBombal
Ben (Nahamsec) hacks platforms legally and with their permission! He gives us his top 3 Bug Bounty tips for 2023.
// Websites recommended by Ben //
* hackerone.com
* www.bugcrowd.com/
* picoctf.org/
* portswigger.net/web-security
* www.intigriti.com/
* www.hacker101.com/
* www.synack.com/
// Ben’s Social //
Twitch: www.twitch.tv/nahamsec
KZread: / nahamsec
Github: github.com/nahamsec
Instagram: instagram.com/nahamsec
Twitter: twitter.com/NahamSec
Website: nahamsec.com/
// Videos mentioned //
Ben's $100K video: kzread.info/dash/bejne/hn99p7qwf8bIlsY.html
Kali Linux Nethunter Android Install in 5 minutes (Rootless): kzread.info/dash/bejne/fayDqduud9SWhNY.html
// KZread channels recommended by Ben//
@InsiderPHD: www.youtube.com/@InsiderPhD
@FarahHawa: www.youtube.com/@FarahHawa
@STOKFredrik: www.youtube.com/@STOKfredrik
@phd_security: www.youtube.com/@phd_security
@_JohnHammond: www.youtube.com/@_JohnHammond
@IamJakoby: www.youtube.com/@IamJakoby
@HackerSploit: www.youtube.com/@HackerSploit
@BugBountyReportsExplained: www.youtube.com/@BugBountyReportsExplained
// Recommended Books //
Atomic Habits by James Clear: amzn.to/46D8yDE
Hacking API’s by Corey J. Ball: amzn.to/3NRTafh
Bug Bounty Bootcamp by Vickie Li: amzn.to/3JAPZWS
The Web Application Hacker’s Handbook 2 by Daffyd Stuttard and Marcus Pinto: amzn.to/3XvNmLp
// MENU //
00:00 - Coming up
01:00 - Brilliant sponsored segment
02:31 - Making $100K in 2 months with bug bounty
04:43 - Top 3 tips for starting with bug bounty
06:15 - Top 3 technical tips for bug bounty
08:10 - "Don't learn to hack, hack to learn" // Consistency is key
11:32 - Top 3 free learning platforms for bug bounty
12:47 - Top 3 bug bounty platforms
15:08 - Vulnerability Disclosure Programs // How VDPs can open doors to opportunities
19:55 - Top 3 recommended KZread channels
21:27 - Top 3 recommended books
22:17 - Top 3 technologies to understand
23:45 - Helping others // Twitch, KZread & Twitter
25:35 - Conclusion
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#xss #hack #javascript

Comments: 110

  • @rxtechandtrading

    @rxtechandtrading

    11 months ago

    i made 10 million dollars in 1 year forex trading - do you believe me??? is there any proof that this man actually made 100k in 2 months!!! if so, can u send me a link?? I mean this guy is making some pretty outrageous claims, maybe 20 years ago he could have made that, but now, with ALL the competition out there!! highly doubtful man!!

  • @user-zn8qb3le8c
    @user-zn8qb3le8c 11 months ago

    David, I must express my deep appreciation and enjoyment for your videos. I've had the pleasure of watching around 30 to 40 of them, and with each one, I've gained valuable insights and knowledge. Your collaborations with other influential creators have been truly inspiring as you mutually support and uplift one another. I also want to mention that Ben's content is excellent; I hadn't come across him before, but now I'm eager to explore his videos as well. Your dedication and passion in creating these videos fuel my own aspirations, providing me with the inspiration and motivation I need to pursue my goals. I want to extend my heartfelt gratitude for everything you do for all of us. Thank you! You are a legend!

  • @mattbaker1683
    @mattbaker1683 11 months ago

    New sub! Thanks both. Circumstances changed for me in December, been looking for a complete change so my lifelong fascination with computers is now becoming the focus with a view to getting into IT, and this is definitely a field of interest. Currently doing the basics, A+ net+ and hopefully sec+ but more with a view to filling in the blanks rather than to get a help desk job. It's a journey not a destination so learning a little every day. Thanks for the great content.

  • @PR-wb3ol
    @PR-wb3ol 11 months ago

    Thanks David for the interview. It's informative and gives confidence.

  • @Vlosyros
    @Vlosyros 8 months ago

    Very informative video! Thanks a ton for all the valuable information, looking forward to starting my journey

  • @spongedaddy315
    @spongedaddy315 11 months ago

    Wow! That was so informative and encouraging. I started on the bug bounty path earlier this year and became quickly overwhelmed and discouraged. This video (David's insightful questions and Ben's thoughtful answers) has prompted me to reset, reassess, and start over with a more positive outlook. Many thanks to both Ben and David -- and yes, I've subscribed to both.

  • @muhannedbelaid8849
    @muhannedbelaid8849 11 months ago

    Been waiting for such interview a lot. Hope u do more videos like this in the future 🙏🙏. Really appreciate what u r doing for the community David❤❤ .

  • @davidbombal

    @davidbombal

    11 months ago

    Thank you! And you're welcome!

  • @belalal1902
    @belalal1902 11 months ago

    I felt a lot of what he said, especially as a bjj competitor you learn that everything needs consistency and teamwork

  • @davidbombal

    @davidbombal

    11 months ago

    Agreed.

  • @BERTDELASPEED

    @BERTDELASPEED

    11 months ago

    My man 🤜🏾🤛🏾

  • @KenKen-bn3dz
    @KenKen-bn3dz 11 months ago

    Thanks David Bombal ❤❤❤

  • @verlaine_devnet
    @verlaine_devnet 11 months ago

    Insightful 👌 it gives me more energy to learn

  • @davidbombal

    @davidbombal

    11 months ago

    Happy to hear that!

  • @generalreevis1734
    @generalreevis1734 10 months ago

    Amazing knowledge

  • @badxcode
    @badxcode 11 months ago

    I've been following you ever since I got into hacking. I gotta say it, these interviews that you are doing are pretty amazing and nothing like the content you've made before. Always brings something new and interesting to the table. Please, keep it up. Looking forward to seeing more amazing guys soon.

  • @lucaszecat

    @lucaszecat

    10 months ago

    Would you advise any specific cert ?

  • @myboy1625
    @myboy1625 11 months ago

    Great video... Really motivated me a lot... I would also suggest another guy kinda in the pentesting side that's Sabyasachi. His explanation is awesome. Though he's new to content creation but still has valuable content. 🤗

  • @romanx71
    @romanx71 11 months ago

    Thank you for the Great content with amazing badass guest! Keep on rocking! 👏🤘🔥🔥

  • @boris55
    @boris55 11 months ago

    Brilliant interview as always !

  • @h5e
    @h5e 5 months ago

    Thats one of the most informative videos ive ever seen

  • @kapzvara5732
    @kapzvara5732 9 months ago

    Great advice thanks for this guys :) Something i am doing is Hack The Box Academy with walkthrough videos if i get stuck and then going to be doing Hack The Box guided mode after the academy as want to change from sysadmin to Cyber Security. I am 42 and was inspired by one gentleman who was 50 and got into hacking :)

  • @MFoster392
    @MFoster392 11 months ago

    I've learned so much from your channel and Ben's you guys are helping others everyday :-)

  • @michaeltully2332
    @michaeltully2332 11 months ago

    Great content as usual David. Thank you

  • @kallbacks9677
    @kallbacks9677 10 months ago

    Cool content David as always

  • @loneranger5928
    @loneranger5928 11 months ago

    David 👌 its absolutely true that interactive hands on is the best way to learn .personally its my preferred choice. Great content David and Ben 👍👍

  • @davidbombal

    @davidbombal

    11 months ago

    Thank you! Glad you enjoyed the video :)

  • @rationalbushcraft
    @rationalbushcraft 11 months ago

    Subscribed. I see bug bounty as my retirement plan for extra cash. I have been doing IT and cyber security work since 95 and this may be a good way to keep me sharp and earn a few extra dollars. It will be nice not having to work except when I want to.

  • @gamereditor59ner22
    @gamereditor59ner22 11 months ago

    Interesting topic you presented and keep it up. 😎

  • @davidbombal

    @davidbombal

    11 months ago

    Thank you. You can learn so much from Ben!

  • @icecoldnoob6719
    @icecoldnoob6719 11 months ago

    Great content again from mr Bombal. here's a suggestion, maybe DevOps next?

  • @donjohnson7746
    @donjohnson7746 11 months ago

    Just a weird question but when you're doing the bug bounty are you grabbing boot leg to check the software? Asking for a friend

  • @geetchavan9749
    @geetchavan9749 11 months ago

    Thank u david for this video !!Love from india 🇮🇳

  • @lraq.107
    @lraq.107 5 months ago

    Great episode ❤

  • @linkastore2047
    @linkastore2047 5 months ago

    The best channel ever!

  • @mihai.ciorobita
    @mihai.ciorobita 11 months ago

    Thank you David for bringing value people into your interviews as always

  • @tyrojames9937
    @tyrojames9937 11 months ago

    GOOD INFO. 😎👍🏾

  • @camelotenglishtuition6394
    @camelotenglishtuition6394 11 months ago

    A great guest, I love his channel.

  • @davidbombal

    @davidbombal

    11 months ago

    Agreed! Ben posts amazing content!

  • @camelotenglishtuition6394

    @camelotenglishtuition6394

    11 months ago

    @@davidbombal As do you David :)

  • @davidbombal

    @davidbombal

    11 months ago

    Thank you :)

  • @zsu-glz-sql
    @zsu-glz-sql 11 months ago

    Good content, as usual, keep it up.

  • @davidbombal

    @davidbombal

    11 months ago

    Thank you!

  • @user-pj3cz7uj5s
    @user-pj3cz7uj5s 11 months ago

    Nice to see ben here. Thank you

  • @davidbombal

    @davidbombal

    11 months ago

    Thank you for watching! Agreed - great to have Ben back :)

  • @servantofgod3058
    @servantofgod3058 11 months ago

    I recently turned 17 and about two years ago I made around 8k off of web hacking. I get very frustrated when I spend days on target and I don't find anything, that's why I'm switching to web3 and smart contract hacking tbh, at least you're investigating your time with something worth the effort

  • @orbitmouf

    @orbitmouf

    11 months ago

    Where can I find more info on this? I would love to start doing this in addition to learning solidity, any discords or similar bug bounty groups I can look at?

  • @jamesmckee9017
    @jamesmckee9017 11 months ago

    Bug Bounty program saturation is a thing... And in my opinion it's the most important thing to bear in mind when looking at the profitability of your time in a bounty program.

  • @TheBenchPressBoss

    @TheBenchPressBoss

    7 months ago

    true

  • @my-rules
    @my-rules 11 months ago

    Ty

  • @davidbombal

    @davidbombal

    11 months ago

    You're welcome!

  • @iainmaois595
    @iainmaois595 11 months ago

    Good day sir Mr Davidbombal. He talked about the E1-ELITE behind him is that also a book we could read or probably I could read speaking for myself and if years I'm finding it difficult to get the book Thanks

  • @ChrisAkpabey-jg2sn
    @ChrisAkpabey-jg2sn 11 months ago

    Thanks David for aspiring we the up coming hackers 🎉❤

  • @star-studded
    @star-studded 11 months ago

    The video idea is brilliant

  • @davidbombal

    @davidbombal

    11 months ago

    All credit to Ben :)

  • @rdx8122
    @rdx8122 11 months ago

    THE FREAKING INTERVIEW / VIDEO / COLLAB WE NEEDED ON THIS CHANNEL !!! LOVE YOU BOTH MENTORS !! 🙏🙏🙏🙏💖💖💖💖🔥🔥🔥🔥❤‍🔥❤‍🔥❤‍🔥❤‍🔥

  • @davidbombal

    @davidbombal

    11 months ago

    Thank you so much! Ben is amazing!

  • @rdx8122

    @rdx8122

    11 months ago

    @@davidbombal you both are like blessing to me 🙏🙏❤❤

  • @omkarm.9340
    @omkarm.9340 11 months ago

    Awesome ❤❤❤

  • @davidbombal

    @davidbombal

    11 months ago

    Thank you!

  • @DreamlandDuo
    @DreamlandDuo 11 months ago

    #davidbombal ....two legends in one video 💫😇🔥🔥

  • @nosystemissaf3
    @nosystemissaf3 11 months ago

    the only thing that matters in bug bounty is that how much you are consistent to work on

  • @Code_Creator123
    @Code_Creator123 11 months ago

    Great 👍

  • @user-xq5hr1jw1t
    @user-xq5hr1jw1t 11 months ago

    I'd really love to get into hacking, is there any specific way or concept to start with? because it is really overwhelming :( I'm still an engineering student so if there is any way to start learning this (preferably for free) I would really appreciate any kind of help. thanks for the cool content

  • @michaelnorwood7722
    @michaelnorwood7722 11 months ago

    Do you have access to the algorithm or something cause I’m literally learning ethical hacking and I want to do bug bounty

  • @armotxa124
    @armotxa124 11 months ago

    Gone try 👍

  • @davidbombal

    @davidbombal

    11 months ago

    All the best!

  • @thatguyidk123
    @thatguyidk123 9 months ago

    I think my problem is just writing the reports lately and then when I find it and it works out I try to go longer looking for more and I eventually lose what I had found.

  • @islem_23
    @islem_23 11 months ago

    amazing

  • @davidbombal

    @davidbombal

    11 months ago

    Glad you think so! Make sure you subscribe to Ben's KZread channel :)

  • @islem_23

    @islem_23

    11 months ago

    @@davidbombal Of course, I'm a subscriber, you're the best I've ever had 🇩🇿Greetings to you from Algeria

  • @kukuchuchu8340
    @kukuchuchu8340 11 months ago

    Good

  • @davidbombal

    @davidbombal

    11 months ago

    Thank you!

  • @radijaye7435
    @radijaye7435 11 months ago

    Nice nahamsec here

  • @davidbombal

    @davidbombal

    11 months ago

    Agreed. Great to have Ben back again :)

  • @M4R5RoCK
    @M4R5RoCK 11 months ago

    good👍

  • @davidbombal

    @davidbombal

    11 months ago

    Thank you!

  • @akashgoswami6698
    @akashgoswami6698 11 months ago

    Hello sir plz help me, I am buying a laptop but very confused, plz suggest an under 35k laptop for programming.

  • @RealCoachingCo
    @RealCoachingCo 9 months ago

    If it ain’t easy, it’s because it’s worth doing.

  • @sargismartirosyan9946
    @sargismartirosyan9946 11 months ago

    DAVID PLS REPLY ME. A lot of us have watched your videos specially the one video that you use WiFi adapter to hack WiFi or to do 4 way handshake. I but I know that a lot of us who are new to hacking or are green hat hackers. We can't find that adapter which supports monitor mode 😩🤔 sooo is there an other way to get the job done and do 4 way handshake using other methods ? Like maybe using python or other tools in Linux or using the powerful module scapy from python ? I'm saying that a lot of us can't get that WiFi adapter which supports monitor and injection modes. So what can we do it we can't literally find the WiFi adapter? Other ways to do the job ? Plsss reply me I'm a big fan and this is very useful information if you can help it would be great;)

  • @omkarm.9340
    @omkarm.9340 11 months ago

    What is VDS ???

  • @davidbombal

    @davidbombal

    11 months ago

    Vulnerability Disclosure Programs (VDPs) - more detail here: www.hackerone.com/vulnerability-management/bug-bounty-vs-vdp-which-program-right-you

  • @omkarm.9340

    @omkarm.9340

    11 months ago

    @@davidbombal Thank you so much David sir 🥰

  • @alirezaghulamsakhi6097
    @alirezaghulamsakhi6097 11 months ago

    PhD security 😊

  • @rami.0092
    @rami.0092 11 months ago

    ❤🎉

  • @taiquangong9912
    @taiquangong9912 11 months ago

    I have been thinking about bug bounties, but what if I am slow learning and it takes months to get up to speed, should I still pursue web hacking???

  • @98854arjun

    @98854arjun

    11 months ago

    would be difficult.

  • @Poopiesson

    @Poopiesson

    11 months ago

    The more you learn, the less you have to to learn. Persistence is key, I've never seen anyone fail at doing what they love to do.

  • @Ehtisham_akhter
    @Ehtisham_akhter 11 months ago

    Are cyber security jobs in danger due To Ai. Sir supposed you are a beginner in IT in this era would you like to enroll yourself in cyber security field?

  • @c0smoslive391

    @c0smoslive391

    11 months ago

    Don't get fooled by the apparent intelligence of LLMs (and the hype train), they're cool but limited and we'll still need humans for a long time !

  • @Ehtisham_akhter

    @Ehtisham_akhter

    11 months ago

    @@c0smoslive391 so i can choose cyber security without any hesitation?

  • @pwl.lumbama
    @pwl.lumbama 7 months ago

    i found a way to put kali on an sd card

  • @maphadiletsoalo8095
    @maphadiletsoalo8095 9 months ago

    I know a South African when i hear one😂

  • @lraq.107
    @lraq.107 5 months ago

    Is there an Arabic language? I hope there is an Arabic language in this application

  • @rxtechandtrading
    @rxtechandtrading 8 months ago

    i really wonder how much of what u say is BS, or the truth?? prob a mixture of both

  • @theoceanman8687
    @theoceanman8687 11 months ago

    Bug bounty is at best a side gig; a scam at worst. The payout depends on the company, and such companies want to pay as little as possible for the bounty.

  • @adhensec
    @adhensec 11 months ago

    Ippsec is my favorite... He is so good in Linux command and I love how he privesc

  • @michaelmueller5211
    @michaelmueller5211 11 months ago

    you forgot networkchuck!

  • @iainmaois595
    @iainmaois595 11 months ago

    Or it's probably H1-elite =Hackerone elite !!

  • @rxtechandtrading
    @rxtechandtrading 11 months ago

    so i did some automated api endpoint enumeration testing (via feroxbuster) and managed to get into the /etc/passwd file on my friends web server he allowed me to hack-BUT - this was the contents of the file: root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nologin sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/usr/sbin/nologin man:x:6:12:man:/var/cache/man:/usr/sbin/nologin lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin mail:x:8:8:mail:/var/mail:/usr/sbin/nologin news:x:9:9:news:/var/spool/news:/usr/sbin/nologin uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin does anybody know how i can ACTUALLY get a hold of the password hashes for each user here in the second field after the first : ????????

  • @yaswanthkumar409
    @yaswanthkumar409 11 months ago

    You forgot to mention @LiveOverflow #LiveOverflow

  • @playboicartihey
    @playboicartihey 11 months ago

    NIGGA WE SHOULD GATEKEEP IT

  • @muhannedbelaid8849
    @muhannedbelaid8849 11 months ago

    We forget to mention the one of best in web hacking and the most humble one #Rana_Khalil ❤️❤️ @Ranakhalil101

  • @davidbombal

    @davidbombal

    11 months ago

    Thanks for sharing! Rana is amazing!

  • @funkymonk2254
    @funkymonk2254 11 months ago

    Thank You David for another informative interview.