Bug Bounty Course 2024 Updated
All my videos are for educational purposes with bug bounty hunters and penetration testers in mind KZread don't take down my videos 😉 Ethical hacking web application hacking and bug bounty hunting
Install Virtual Machine • Beginner to Advanced B...
links to resources used in this course
overthewire.org/wargames/natas/
sourceforge.net/projects/juic...
gchq.github.io/CyberChef/
perspectiverisk.com/mssql-pra...
www.invicti.com/blog/web-secu...
tryhackme.com
hackerone.com
hackthebox.com
www.jetbrains.com/pycharm/dow...
• Beginner Bug Bounty Co...
chrome download - www.google.com/chrome/downloads/
chrome driver - chromedriver.chromium.org/dow...
0:00 About the course
1:33 ALL about Recon
01:46:33 URL Hacking
02:08:52 Installing Juice Shop
02:17:06 IDOR & BL
03:05:25 Updated IDOR
03:13:25 Updated SQL Injection
04:10:02 Path Traversal
04:28:03 Updated XML & XXE
04:42:05 Updated HTML & JavaScript
05:38:23 Updated XSS Cross Site Scripting
06:02:35 Updated API Enumeration
06:16:507 Updated JWT Hacking
06:25:56 SSRF Server Side Request Forgery
06:48:30 Command Injection
07:14:30 File Upload
07:35:42 LFI & RFI
08:04:53 Cookies and Tokens
08:25:32 Wordpress and CMS
08:49:25 Introduction to Python
09:44:46 Python GitHub Scraper
10:40:46 Introduction to Bash Scripting
Пікірлер: 167
Damn I watched "How to start Bug Bounty 2023" last year, passed my PJWT cert this year, found recently my first bug, but I'm still gonna watch this year edition, always something new to learn!
@TCS0
2 ай бұрын
Hi! Congratulations on your PJWT certification. I have a question to ask you. When you finished "How to start Bug Bounty 2023" last year, what did you do next? Because right now, I'm a bit lost. I don't know where to learn new things and where to practice for free. Hack The Box seems interesting, but it paid. If you can help me, thank you.
@Nckstr983
Ай бұрын
what type of bug?
@HoraceLM
Ай бұрын
@@Nckstr983 I've found Reflected XSS with ATO
@HoraceLM
Ай бұрын
@@Nckstr983 Reflected XSS with ATO
Awesome contents! Bravo . Been going through your 😢 past courses on your bug bounty for the past couple of days while going via the HTB CPTS . Bravo!
You read my mind man, thanks sir your content can't be matched on youtube, we're really glad that you provide such a quality content. Going to complete in two days anyhow, thanks a lot man : )
Many many thanks for this. This is awesome. I would prefer each chapter as a separate video in a playlist as trying to work along at the same time searching the timeline is a nightmare.
OMG, this is a massive course. Thank you so much for all your effort and commitment with our community.💗💓💖
Boss, could you please create a comprehensive video series covering advanced topics such as advanced time based blind SQL injection injection, XSS, LFI, RFI, and RCE, including the process of uploading web shells on Apache and IIS web servers in live website scenarios? Traditional platforms like test.vulner, DVWA, bWapp, PortSwigger, etc., fail to address real-world challenges like identifying origin IPs, DNS brute force attacks, reverse IP lookups, WAF/IDS/IPS circumvention, AWS/CDN/Tor, reverse proxies, and CMS security 🤙. Your unique content would be invaluable in educating the bug bounty hunting community about genuine issues and solutions. Thanks in advance for your contributions to the community.
@Yellow_Wolf25
6 ай бұрын
Boss he is making for beginners not for advance people
@BelWAir-lt7mx
6 ай бұрын
Try Harder
@rakanal.2925
6 ай бұрын
But boss those beginners will need advance topic some day @@Yellow_Wolf25
@silentfighter8070
5 ай бұрын
yeah i think there should be a real world example cuz after doing these courses we often face the difficulties that whenever we try to go for bug bounties we have seen that we are far behind to find a decent vulnerability i myself is now trying out burp suite labs to get some professional way of finding bugs i hope to get a better video or place where i can train myself to find decent vulnerabilities
@thrillhouse4784
5 ай бұрын
Boss trying to flex with reverse ip lookup lol
Thank you for your hard work and quality content that you share with us
Thanks man I usually don't watch this kind of content, but after seeing the length of it I got intrigued and now I'm half an hour in😅
11 hour course and It's free, you are god send sir, thank you so much.
At 8:03:33 "i:0" works for the access token because the server is comparing the access_token that is in our cookie to a valid one on the server. When it compares the two it uses the "==" operator. This operator behaves differently in PHP, basically our token is stored as a string normally, but if we modify the token in our cookie it to be an integer 0, it will cause the server to compare an integer to a string. PHP is weird in that it automatically tries to convert strings to integers if you ever try to compare the two with the "==" operator. If the string happens to start with a nonnumerical character it'll just convert the string to the integer 0. So 0=0 will evaluate as true and the access_token will be valid.
thank you so much for this! will have to watch it again for full video, after AOC
ive learned alot from the key group of ethical hackers who make content but your full free guides take the cake man! appreciate the time you all put in!
Wow i just got about an hour into your other bug bounty course and was loving it. Now time to switch to this course 😂
ty man gonna watch it throughout the next two weeks or so
Thank You a lot for all Your effort!
Thank you for such a great work 😊
I just got into hacking a few months ago, and your videos have been a massive help to me. I have yet to get into the bug bounty hunting process, but I'm excited to get started! Thanks for the impressive guides!
@lukuwazzow9553
3 ай бұрын
How?
Thanks for the course!
Thank you very much this course is the best ❤
thank you
thanks thanks thanks every detail of the update version of the previous version of the 11 hr course was written by hand the lines of code and references basically a lot of incredible stuff was written, I hope you read it because you are helping a lot with my work thanks we will still hunt a bug together I will be active thanks for the content really wtf bro this new version of yours is advanced vision a hug I hope you read it, a hug from a bughunter thanks again golden content
Great content... Great to explore for beginners
thanks for all your hard work
shout out to you man, thanks for providing this good content
Legend ❤ thanks
This is awesome! Thanks man.
Really appreciate your content.
Salute.... Thank you so much
Currently on the bash scripting part. Made till this far. I would just say a single word for this course and it is : marvelous
thanks bro
Thank You so much for your generosity 🙏❤️
Thank you sir ❤
You are the best
You are really awesome Man👍
Thank you so much❤
hey currently at the jucie shop part, is it okay that I do all of these challenges on my normal desktop(windows) not a virtual machine ?
really appreciate this course if youre still looking for suggestions would love to see more in depth and advanced videos on JWT hadnt ever really encountered that topic till now and its pretty cool. are these becoming prevalent in the wild?
MASSIVE, thanks a lot! Will you update your existing Udemy course as well? Or create another one? :) Thanks
Thanks
Thank you very much for your great effort!!
How did you achieve that smooth camera movement in this video?
thanks sir🙏
Thank you very very much!
Where would I find tutorials from a newbie perspective in a form of baby steps?
Great video
Wow, not many people share this amount of content for free on youtube! I am subscribing just for that!
Hey, tysm but how can this help in bug boounty hunting as a data analyst?
Legend ❤
Thank you
Legend
Ryan John is a good man; and thorough.
@UGPVlogsLA
4 ай бұрын
Yep, he’s a very very good man! And so say all of us!! 😂
sweet ty sir.
Bro you saved us really time and money thnx man.
Amazing thanks
Ty
Bro I love you
nice thank you
thank you in my bottom of my heart
11:09:45 Condition operators ge - greater or equal than le - less or equal than
2 hours 31 minutes and 4 seconds into this video you realized you were going to info dump about the backspace idor and cut it ......but that info could have been so valuable....... i support the rambles on this journey lol hopefully that'll be me one day
I am a Newbie. Is this a beginner friendly course? I mean what things should i know before jumping into this course? Btw, thanks for the course 🖤
Do you have a bug bounty pathway you recommend?
THANK YOU SO MUCH!!!!!!!!
Hello. Thanks for the video! I have bought and am about to start your Complete Ethical Hacking Course | Bug Bounty on Udemy. Would you recommend this or the one on Udemy considering this is recently updated? Thank you
@oliverokonkwo7560
2 ай бұрын
which one did you later go for??
This is GOLD 🤯❤
you have that first mentioned nmap tutorial?
Can i be able to discover bugs in bug bounty programs after i watch this course.?
at 1:07:11 it shows only sub-domains in the results here, but when i do the exact same line of code with the same flags i get lots and lots of different stuff in it too. like MX and NS servers, ip's, mac adresses , and like a 100 lines of results. There's no way i can copy/paste all of those easily by how it prints. Why is my output different? Anyone please help!
Please I want to download your Udemy bug bounty. But it isn’t updated over there, what do I do, or can you please update it?
Sorry if this is a dumb question but by the end of this course will it be enough to prepare somebody with no prior cybersecurity knowledge to catch their first bug? Thanks and love your channel btw u earned a new sub!❤
God Bless you.
between your udemy course and this one, which one should I do first or if someone could give me some guidance?
@ryan_phdsec
6 ай бұрын
This one its free
thank you teacher
Does this course cover the basic principles for beginners?
@HaiderAli-vo4sl
6 ай бұрын
yes
@rabingaire9381
5 ай бұрын
Yes, it's actually for beginners happy learning happy hacking.
Dude you are the goat 🐐
keep up the good work.
i love you
sigma❤
cd opt command no such file directory came what can i do
Can i start with this course ? am a beginner in the field , I’ve studied ccna and have some security basics, thank you for the answer
@unknownboi9084
4 ай бұрын
yes you can. even the explaination given by this man is easy to under stand and awesome so you should go for it.
hi i was following you video and i have a question is it better to use nmap or another tool call rustscan thanks love the video i learnt a lot 😄😄😄😄😄
Brother, is this a course for beginners? What will I benefit from when I complete this course?
@kungsmechackasher6405
6 ай бұрын
Knowledge
@ryan_phdsec
6 ай бұрын
This course is designed for someone who doesn't know anything and wants to get started in cybersecurity.
Thank you bro
amazing please put proxy config tutorial at the beginning of this video to avoid ip-ban as one follows along.
I want to start in the field of cybersecurity, how to follow the roadmap, please answer me,thanks !
hey i would love to know if i should follow this course only or take the one from tcm security
@ryan_phdsec
6 ай бұрын
If you want to be a penetration tester do TCM.
8:03:28 0 == "Example string" // true In PHP, when you compare a number to a string using the == operator, PHP will attempt to convert the string to a number if possible. If the string does not start with any numeric characters, PHP will convert it to 0. So, when you compare 0 == "Example string", PHP converts the string "Example string" to a number, resulting in 0. As both sides of the comparison are now 0, the comparison evaluates to true. This behavior is part of PHP's type juggling mechanism, where it tries to make sense of comparisons between different types by converting one or both operands to a compatible type.
Amazing video. A request. It's 2024 almost. Can you please make the videos in 4k? Sorry if it sounds rude. :(
Is it a nice video for begginers who know how to do basic things with linux ?
@ryan_phdsec
6 ай бұрын
This course is designed for someone who doesn't know anything and wants to get started in cybersecurity.
@neoreign
6 ай бұрын
@@ryan_phdsec damn! exactly what I need.
Hi, could you please do live bug bounty on vdp that would be really learning experience for us and we would know how a experience bug bounty hunter start a recon and then proceed further
I love you
the updates are really worth it
@ryan_phdsec
6 ай бұрын
If you have been through the other course I would just check out the section on API's and JWT's
@mnageh-bo1mm
6 ай бұрын
@@ryan_phdsec yup did that, really useful.
👍🏻
Can we get those slides?
What about Prototype Pollution?
thx brudda
Should I watch the previous version of the bug bounty or just this one ??
@ronyhassan4407
2 ай бұрын
only this is enough
You are best bro I don't know how to thank you
do i have to watch the old course first ? pls answer me
@ryan_phdsec
6 ай бұрын
I think this one is better and would stick with it 😁
Is this something a beginner can understand or there are pre requisites required?