Another bug bounty platforms:
1-https://app.inspectiv.com
2-https://issuehunt.io
3-https://standoff365.com
1-https://app.inspectiv.com
2-https://issuehunt.io
3-https://standoff365.com
β€34
Live Hunting #4 β Real Bug Bounty Hunting:
https://youtu.be/RdKw3WXyynw?si=Rs2Db_tQ3j1JEqL-
https://youtu.be/RdKw3WXyynw?si=Rs2Db_tQ3j1JEqL-
YouTube
Live Hunting #4 β Real Bug Bounty Hunting
A real-time bug bounty session focused on practical vulnerability testing and hands-on security analysis.
Follow the full workflow from target selection to testing and assessment, while breaking down the mindset behind each step. The goal is not just toβ¦
Follow the full workflow from target selection to testing and assessment, while breaking down the mindset behind each step. The goal is not just toβ¦
β€34π₯9π2
How to Find Origin IP (Bypass WAF) | Bug Bounty Recon:
https://youtu.be/e--s76tsyb0?si=XWpLuNmHNjI1FBYh
https://youtu.be/e--s76tsyb0?si=XWpLuNmHNjI1FBYh
YouTube
(6)How to Find Origin IP (Bypass WAF) | Bug Bounty Recon
In this video, I explain what Origin IP is and why it is important in bug bounty hunting and penetration testing.
Origin IP is the real server IP behind a website.
Even if a site is protected by services like Cloudflare or a WAF, the real server still existsβ¦
Origin IP is the real server IP behind a website.
Even if a site is protected by services like Cloudflare or a WAF, the real server still existsβ¦
β€33β€βπ₯4
HTML Injection + Open Redirect Attack | Easy Bug Bounty Finds:
https://youtu.be/YXkfYZoKqgo
https://youtu.be/YXkfYZoKqgo
YouTube
(7)HTML Injection + Open Redirect Attack | Easy Bug Bounty Finds
In this video I demonstrate how security researchers and bug bounty hunters discover and exploit HTML Injection and Open Redirect vulnerabilities in real-world applications.
You will learn practical techniques used in real bug bounty hunting and penetrationβ¦
You will learn practical techniques used in real bug bounty hunting and penetrationβ¦
π₯31β€10β€βπ₯3
The Art of Knowing Everything Before You Hack Anything part 1:
https://medium.com/@NeM0x00/the-art-of-knowing-everything-before-you-hack-anything-part-1-14fad1e575f3
https://medium.com/@NeM0x00/the-art-of-knowing-everything-before-you-hack-anything-part-1-14fad1e575f3
Medium
The Art of Knowing Everything Before You Hack Anything part 1
Introduction
β€26β€βπ₯3
You can read the subtitles in English on the YouTube video using this extension:
https://chromewebstore.google.com/detail/glot-extension/dbnjpielondlkmdjbembloegkaabfakc
https://chromewebstore.google.com/detail/glot-extension/dbnjpielondlkmdjbembloegkaabfakc
β€13
Weβve just released 6 new videos covering real-world vulnerabilities:
β’ Exposed API Grant Unauthorized Access to Premium Option
https://www.youtube.com/watch?v=W0aCx6aaKaw
β’ Email Verification Bypass
https://www.youtube.com/watch?v=HqH3IXYT3Ds
β’ Business Logic Bugs: Admin Couldnβt Delete Files!
https://www.youtube.com/watch?v=w28D0_evC80
β’ Bypassing the AI Chat Limit
https://www.youtube.com/watch?v=sPaZzk37PWA
β’ How Pre-Account Takeover Works + Access Control Bypass
https://www.youtube.com/watch?v=ehNHpbaQrPY
β’ Unauthorized Email Modification & Account Lockout
https://www.youtube.com/watch?v=qMa9BZ6QQ8k&t=8s
β’ Exposed API Grant Unauthorized Access to Premium Option
https://www.youtube.com/watch?v=W0aCx6aaKaw
β’ Email Verification Bypass
https://www.youtube.com/watch?v=HqH3IXYT3Ds
β’ Business Logic Bugs: Admin Couldnβt Delete Files!
https://www.youtube.com/watch?v=w28D0_evC80
β’ Bypassing the AI Chat Limit
https://www.youtube.com/watch?v=sPaZzk37PWA
β’ How Pre-Account Takeover Works + Access Control Bypass
https://www.youtube.com/watch?v=ehNHpbaQrPY
β’ Unauthorized Email Modification & Account Lockout
https://www.youtube.com/watch?v=qMa9BZ6QQ8k&t=8s
YouTube
(17)Exposed API Grant Unauthorized Access to Premium Option
In this video, I walk through a real issue where an exposed API endpoint allowed access to premium features without any proper authorization.
The idea here is simple: the backend trusted a request it shouldnβt trust.
Iβll break down:
- How exposed APIsβ¦
The idea here is simple: the backend trusted a request it shouldnβt trust.
Iβll break down:
- How exposed APIsβ¦
β€55π₯8π₯°1πΎ1