#NahamCon2024
LIKE and SUBSCRIBE with NOTIFICATIONS ON if you enjoyed the video! 👍
There's a lot of hype around AI at the moment. Join Jason Haddix (@jhaddix) as he cuts through all the BS to show you 5 practical ways to use AI to supercharge your bounty hunting RIGHT NOW. Jason will cover AI for Recon, JavaScript analysis, Vulnerabilty Discovery, Payload Generation, and Reporting.
📚 If you want to learn bug bounty hunting from me: bugbounty.nahamsec.training
💻 If you want to practice soem of my free labs and challenges: app.hacking.hub.io
🔗 LINKS:
📖 MY FAVORITE BOOKS:
Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities -amzn.to/3Re8Pa2
Hacking APIs: Breaking Web Application Programming Interfaces - amzn.to/45g4bOr
Black Hat GraphQL: Attacking Next Generation APIs - amzn.to/455F9l3
🍿 WATCH NEXT:
If I Started Bug Bounty Hunting in 2024, I'd Do this - • If I Started Bug Bount...
2023 How to Bug Bounty - • How to Bug Bounty in 2023
Bug Bounty Hunting Full Time - youtu.be/watch?v=ukb79vAgRiY
Hacking An Online Casino - youtu.be/watch?v=2eIDxVrk4a8
WebApp Pentesting/Hacking Roadmap - youtu.be/watch?v=doFo0I_KU0o
MY OTHER SOCIALS:
🌍 My website - www.nahamsec.com/
👨💻 My free labs - app.hackinghub.io/
🐦 Twitter - / nahamsec
📸 Instagram - / nahamsec
👨💻 Linkedin - / nahamsec
WHO AM I?
If we haven't met before, hey 👋! I'm Ben, most people online know me online as NahamSec. I'm a hacker turned content creator. Through my videos on this channel, I share my experience as a top hacker and bug bounty hunter to help you become a better and more efficient hacker.
FYI: Some of the links I have in the description are affiliate links that I get a a percentage from.
Пікірлер: 13
Reconnaissance and Asset Discovery: [00:01:16] Discusses the importance of reconnaissance in bug bounty hunting, particularly finding assets to attack within the scope of a bounty. Application Analysis: [00:01:37] Covers the application analysis phase, where the application is broken down to understand it deeply and find potential attack vectors. Exploitation: [00:01:51] Talks about the exploitation phase, which is similar to any red team practitioner’s work, such as penetration testing. Reporting Vulnerabilities: [00:01:59] Explains the process of reporting vulnerabilities to the client and the importance of taking care of one’s tools. AI Methodology: [00:02:35] Introduces an abbreviated AI methodology necessary for setting up AI for various tasks, not just hacking. Model Choice: [00:03:07] Discusses the need to choose an appropriate model for AI tasks, highlighting the strengths and limitations of different models. RAG and System Prompting: [00:04:46] Describes the choice between using retrieval augmented generation (RAG) or system prompting to build AI helpers. Agents: [00:05:27] Talks about the concept of agents in AI, which are defined as small minibots that perform specific tasks. Temperature Control: [00:06:10] Explains the concept of temperature in AI, which controls the level of creativity of the AI bots. Context and Prompting: [00:06:49] Emphasizes the importance of providing context to AI bots to make them smarter and more effective. Prompting Framework: [00:09:11] Discusses the prompting skill and the use of a framework to improve interactions with AI models. Building Prompts: [00:10:31] Provides insights into building effective system prompts for AI bots to enhance their performance. Subdomain Discovery: [00:15:47] Introduces a bot called Subdomain Ninja, which helps in finding subdomains by building permutations. Acquisition Research: [00:17:19] Describes a bot designed to find acquisitions during the reconnaissance phase of bug bounty hunting. Application Code Analysis: [00:20:39] Talks about using AI to analyze application code and identify potential vulnerabilities. Vulnerability Checks: [00:33:39] Discusses how AI can be used to build quick vulnerability checks and automate parts of the bug hunting process.
I loved this talk, Ben. Thanks for having him on!
jhaddix FTW!
niceeee 🎉🎉🎉
thank you for the upload! :)
You're dope man!
Nice
Wow
🧘🏿♂️
lol! I am the AI bot operating at 40%
Sup Bee?
:)