Dr, apparently. Lecturer in Cyber Security at a university, ex-Bugcrowd triager. #BugBounty hunter & #infosec YouTuber making videos about how to get into Bug Bounty
Hi Kattie! I watch a lot of your videos and I keep watching them and learning! I don't know if I this video, but I came here to tell you that I found my first IDOR and it looks quite serious because I can log in to other users' accounts too! Thank you so much for your content, and this course is great!
@bradnaylor3511 hours ago
Great video! You have a serious aptitude for teaching. Enjoying all the bug bounty basics lessons
@rdx8122 a day ago
Thanks didi !
@asuhayda14 days ago
You mentioned putting several links in the description but there aren't any there.
@asuhayda14 days ago
I really appreciate your point of view on this topic. I'm just getting started learning cybersecurity and found your video to be super helpful. Thanks!
@user-ju6fi7vh7n6 days ago
just be honest. I'm frustrated about bug bounties
@Sakuraigi7 days ago
You are a philosopher
@friend-el3fc9 days ago
literally you are the best !! please keep on posting Bug Bounty videos
@khaledmohamed556414 days ago
You are the most helpful Bug bounty content creator and I learnt a lot from you, I hope you make more videos about Android Pentesting because Web is sooooo much competitive.
@maapi15 days ago
I'm having an issue with Autorize picking up requests that should be out of scope. Anyone else have this issue? This leads to a lot of extra requests to parse through, which really slows me down
@V.WalkingTours17 days ago
Luckily I found your channel! I am excited to watch the whole course!
@user-ts2of2nz1h17 days ago
Love your videos! I've a simple question, in your opinion for someone (like me, 32 old) wants to start hacking in 2024 (bug hunting), a learning path?
@tokyorockstarVALORANT19 days ago
Ty for the video. Wanted to ask what languages I should learn to reverse engineer.
@detecht21 days ago
This is so good. Everyone that watches this video, almost automatically becomes a better hunter. It's like the video we all wanted, even though we didn't realize it. Thank you, Katie. We're really lucky to have you. (P.S. AI Avatar Katie, is super cute. I gotta make me one of those...)
@snookieNaija24 days ago
Thanks love
@xas-oi7sv26 days ago
Started watching you about a month ago and started testing IDORs everywhere. Got my first serious IDOR granting account takeover & PII disclosure in 2 massive internet companies where I live, thanks!
@ChineseRatfaceCHANG27 days ago
Just a heads up, there's almost no work in this field and if you haven't been doing this stuff since 16 or younger you'll be lacking skills against other candidates. CS degree + multiple pentesting certifications doesn't help anymore
@katmandu028 days ago
My fav bug bounty tool is u doctor katie😊.#bbhammer
@user-us4yi6mc7i a month ago
great
@arman-ez3ir a month ago
love these kind of tuts, well done
@LindsayLppzz a month ago
Not the video I was looking for but thanks
@ihebhamad1477 a month ago
Thank you @kati would you do some web application testing, how do you approach a real target.
@ahmedmohamednabil4789 a month ago
Where can I practice for bug hunting when I learn new bugs?
@anukiranghosh637 a month ago
Great video! Is the blog article up yet?
@KiDR_IANI a month ago
Do enjoy ❤❤
@The_reaperBH a month ago
Busted!!!🔥🔥🔥looking for more videos like this🔥🔥🔥🔥
@eileensbian a month ago
❤️❤️❤️
@heyiamuday a month ago
That's awesome
@alperkaya8919 a month ago
We love you 😊❤😊❤😊❤
@mduduzithanjekwayo8404 a month ago
Thank you for this! I really appreciate it!
@superfish4603 a month ago
Not sure if intentional or not but you are leaking the target you against for the 1st bug in one of your screenshots.
@wiseshabazz-el1202 a month ago
Can I set up some personal training?
@skysunset877 a month ago
This is SO AMAZING😭😭 Nobody told me these kinds of insights. I really love this video!!!❤❤❤❤ Thank you SO MUCH!!!
@joaopaulogv a month ago
Thank u so much for this great content! Do companies pay bug bounties for discoveries like ID database exposure? Like the example you have around ID (12) and the UUID as key id to look for data in database.
@InsiderPhD a month ago
Not usually, but if you find an IDOR on an app that uses UUID you can boost the severity
@skysunset877 a month ago
OMG this is SUPER useful ❤❤❤❤ I was desperate for a manual recon method, and I was bored with automatic recon. Thank you so much for sharing a great way!💪💪
@katwitt952 months ago
thank you so much for this video!!
@PizzaParker-EAB35242 months ago
Doc, thank you so much for these videos. As a newcomer to bug bounties your videos have been a lifeline.
@mickymcfarts57922 months ago
it sounds like you gave good reasons why you should put at least one story into a video.
@mickymcfarts57922 months ago
I don't have an options tab.
@mickymcfarts57922 months ago
Most useful video I've found so far. Thank you. Could we watch you find a bug this way from start to finish?
@inteliconn9952 months ago
Thanks!
@MentalMarathon_2 months ago
Great video actually wanted to do a big rce until I finally researched but I still want to just will take more time like you are saying Great video and also very good lessons on Bug Crowd University :)
@jasonl92662 months ago
A brother that code is Brogrammer
@user-zu4ft8yw9e2 months ago
The stages involved in addressing the issues caused by CVE-2020-5902 include:
1. Identifying the Vulnerability: Scan the network using specific tools to identify the presence of the Remote Code Execution (RCE) vulnerability (CVE-2020-5902).
2. Applying Patches: Apply the patches released by F5 Networks to fix the critical RCE vulnerability in the affected versions of BIG-IP.
3. Monitoring for Exploitation: Keep monitoring for any active attempts to exploit the vulnerability in the wild and stay updated on mitigation details provided by F5.
4. Implementing Security Measures: Design and implement a comprehensive security policy based on insights from the CVE database to prevent exploitation and enhance overall security posture.
Comments
best
how often do you look for bugs
Thank you for this 🥰
at 6:04 there should be AAAA instead of AAA