Updated Beginners Guide to API Bug Bounty
If you’re just getting started with bug bounty hunting, web APIs are a fantastic place to start: they’re easy to approach, can’t easily be automated and are full of bugs.
Join the free, API security live class on Zoom webinars www.traceable.ai/resources/lp...
This series couldn't happen without the support of our sponsor Bugcrowd. Bugcrowd is the best place to start hacking, with a wide range of public and private programs from APIs to Desktop Applications and everything in between. Not ready to jump into a public program yet? Fill out your platform CV and sign up for a waitlisted program. Tell Bugcrowd a bit about your skills, previous certifications or experience and they’ll match you up with the right program using their industry-leading CrowdMatch technology. Whatever your level, there’s a place for you in the crowd. You can sign up with my link here: bugcrowd.com/user/sign_up.
Comments: 44
I really love this video! Thank you very much!!!
Thank you for the information :)
Thank you for sure all of this information Where video links that you mention?
very good and helpful thanks
thanks I'm changing sides
thanks
Thank you ❤
Thank you for educating the community. You are my favorite bug bounty educator. I have a question about ffuf...how slow should I run ffuf for enumeration? You can set a rate/second with "-rate" or a delay between requests with "-p"... I'm paranoid and sometimes only run 1-2 requests per second...grandpa-style 👴🐢
@InsiderPhD
4 months ago
Depends on the client, should be in their scope or on the program page
Thank you for the new information MAAM, I'm learning JS will it help me in my API? is learning JSON is worth for API?
@InsiderPhD
6 months ago
JSON yes, JavaScript it depends, I'd focus on React
@Alexander007A
6 months ago
@@InsiderPhD alright thank you react is also good.. by the way can you tell me why I got unsubscribe from your KZread channel?? When I subscribe after few days I got unsubscribe.?
@camelotenglishtuition6394
5 months ago
silly-ish question but why react and not javascript? Just wondering as I'm choosing one of them atm@@InsiderPhD
I get stuck when I see authorization bearer token
hoping more videos on web apis 😊
@InsiderPhD
6 months ago
I’m actually running some free live classes in January over Zoom!
@orbitxyz7867
6 months ago
@@InsiderPhD can we join free classes
@hackergod00001
6 months ago
@@InsiderPhD would love to join
@abubakarmohammed2436
6 months ago
How can we join?
@InsiderPhD
6 months ago
Yup! Going to share details on Monday but you just need to register it’s 100% free
Greetings 🤗
what if program using authorization Bearer token
@InsiderPhD
6 months ago
Bearer tokens work exactly the same as cookies
where can I find images from OWASP API Top 10 slide (16:55)?
@InsiderPhD
6 months ago
That’s from an upcoming video :) coming out this week
@mateuszwojtowicz6270
6 months ago
@@InsiderPhD bless you all of for those!!!
I have found an IDOR vulnerability but can't access other users' "id", should I report it?
@InsiderPhD
6 months ago
As in you can’t find how you would discover the other ID?
@ISaIGoI
6 months ago
@@InsiderPhD Yeah, ID looks like this " id=69690bb85f0ea26a7e5a962746cf008b8"
Hello insiderPhD, can you share your PPT?
@InsiderPhD
6 months ago
Sorry I don’t because people are dicks and steal it, you can find some older stuff on leak websites though
Where is the zoom link mam
@InsiderPhD
6 months ago
Will be announcing it soon, taking a bit longer to sort out the registration form than I expected
Need help here
KITERUNNER is not working any more
A brother that code is Brogrammer
I live in Iran and I can't work with Bugcrowd or HackerOne 😢💔
@InsiderPhD
6 months ago
Yeah Iran is still under international sanctions, it’s going to be the case for most bug bounty platforms or companies they just aren’t allowed :(
easy to play with cookies
Most of your video is just wasting time. Nothing Practical! nothing new! Nothing Helpful for real world scenario?
Enough talking and show some examples step by step would be more helpful and just this nonsense get to the point.