Bug Bounty bootcamp // Get paid to hack websites like Uber, PayPal, TikTok and more

David Bombal · Beginner ·🔐 Cybersecurity ·3y ago
How to get experience with no experience? Have a look at bug bounty programs. Vickie Li demos Insecure Direct Object References (IDOR) and tells us how to get into bug bounty. We also discuss why her book Bug Bounty Bootcamp is a fantastic book to buy if you want to get into bug bounty. Get real world experience today. // MENU // 00:00 - In plain text! 00:24 - Introducing//Vickie Li 00:58 - Part 1//The Interview 01:01 - Origin//Bug Bounty Bootcamp 03:37 - What are Bug Bounty Programmes? 05:26 - Part Time Bug Hunting? 05:44 - Easy Way to Get Experience 07:45 - Which Bug Bounty Programmes for B…
Watch on YouTube ↗ (saves to browser)

Chapters (36)

In plain text!
0:24 Introducing//Vickie Li
0:58 Part 1//The Interview
1:01 Origin//Bug Bounty Bootcamp
3:37 What are Bug Bounty Programmes?
5:26 Part Time Bug Hunting?
5:44 Easy Way to Get Experience
7:45 Which Bug Bounty Programmes for Beginners?
10:51 Beginners//Don't Compete with Pros
13:15 Duplicates as Valid Experience
14:23 What You Need to Start
14:59 Linux//Do You Need It?
15:55 Automate!//Which Programming Language?
18:03 Beginner Friendly Vulnerabilities
21:17 Part 2//Exploiting IDOR Vulnerability Demo
21:24 What is IDOR?
22:51 PortSwigger IDOR Lab
24:05 Live Chat IDOR
24:48 View transcript
25:12 Burp Suite Intercept
26:05 What to Look For//IDs Aren't Always Obvious
26:56 Burp Suite//Looking Through Headers
27:56 Burp Suite//Repeater
28:30 Testing View Transcript Again
29:18 GET Request//Identifying Exploitable Endpoint
30:26 Modifying GET Request
31:35 Finding the right headers to modify
33:47 Why the first attempt didn't work
34:09 IRL//What You Would Do
34:23 Password in Live Chat Transcript
35:40 How to Prevent IDORs
36:01 IDORs//Worth Pursuing?
39:57 Bug Bounties//How to Start
41:21 Learn More!//Vickie's Blog
41:38 Follow Vickie's Twitter!
41:52 Thank You & Closing

Playlist

Uploads from David Bombal · David Bombal · 59 of 60

← Previous Next →
1 16 secs to break it! 😱 70% of real world WiFi networks owned!
16 secs to break it! 😱 70% of real world WiFi networks owned!
David Bombal
 2 Traceroute explained // Featuring Elon Musk // Demo with Windows, Linux, macOS
Traceroute explained // Featuring Elon Musk // Demo with Windows, Linux, macOS
David Bombal
 3 Bug Bounty 2022 Guide: Where to focus // How to make money // How to get started today
Bug Bounty 2022 Guide: Where to focus // How to make money // How to get started today
David Bombal
 4 How Nmap really works // And how to catch it // Stealth scan vs TCP scan // Wireshark analysis
How Nmap really works // And how to catch it // Stealth scan vs TCP scan // Wireshark analysis
David Bombal
 5 TLS Handshake Deep Dive and decryption with Wireshark
TLS Handshake Deep Dive and decryption with Wireshark
David Bombal
 6 Real World Talks: pfsense firewalls for home and business? // Featuring Tom Lawrence
Real World Talks: pfsense firewalls for home and business? // Featuring Tom Lawrence
David Bombal
 7 Bug Bounty: Get paid to hack PayPal and TikTok // Featuring Nahamsec
Bug Bounty: Get paid to hack PayPal and TikTok // Featuring Nahamsec
David Bombal
 8 Troubleshooting slow networks with Wireshark // wireshark filters // Wireshark performance
Troubleshooting slow networks with Wireshark // wireshark filters // Wireshark performance
David Bombal
 9 Hacking Linux // Linux Privilege escalation // Featuring HackerSploit
Hacking Linux // Linux Privilege escalation // Featuring HackerSploit
David Bombal
 10 Computer Science isn't programming! // How to become a Master Programmer // Featuring Dr Chuck
Computer Science isn't programming! // How to become a Master Programmer // Featuring Dr Chuck
David Bombal
 11 Hacking Power Plants and Industrial Control Systems (Scada)
Hacking Power Plants and Industrial Control Systems (Scada)
David Bombal
 12 Hacking networks with Python // Creating malicious packets and breaking TCP/IP rules
Hacking networks with Python // Creating malicious packets and breaking TCP/IP rules
David Bombal
 13 OSINT: You can't hide // Your privacy is dead // Best resources to get started
OSINT: You can't hide // Your privacy is dead // Best resources to get started
David Bombal
 14 Website Hacking Demos using Cross-Site Scripting (XSS) - it's just too easy!
Website Hacking Demos using Cross-Site Scripting (XSS) - it's just too easy!
David Bombal
 15 Hacking APIs and Cars: You need to learn this in 2023!
Hacking APIs and Cars: You need to learn this in 2023!
David Bombal
 16 How TCP really works: MTU vs MSS
How TCP really works: MTU vs MSS
David Bombal
 17 Hacking CCTV and IP cameras: Are you safe?
Hacking CCTV and IP cameras: Are you safe?
David Bombal
 18 They said this doesn't work 🤣 Hacking networks with VLAN hopping and Python
They said this doesn't work 🤣 Hacking networks with VLAN hopping and Python
David Bombal
 19 WiFi has changed: Is UniFi better than Cisco?
WiFi has changed: Is UniFi better than Cisco?
David Bombal
 20 You need to take control
You need to take control
David Bombal
 21 My channel changes today
My channel changes today
David Bombal
 22 Synology NAS Quick Setup
Synology NAS Quick Setup
David Bombal
 23 Best Hacking Podcast in the world?
Best Hacking Podcast in the world?
David Bombal
 24 Hack like Mr Robot // WiFi, Bluetooth and Scada hacking
Hack like Mr Robot // WiFi, Bluetooth and Scada hacking
David Bombal
 25 Do you realize that they are watching you? Protect your online privacy
Do you realize that they are watching you? Protect your online privacy
David Bombal
 26 Learn to hack in 60 seconds?
Learn to hack in 60 seconds?
David Bombal
 27 Hacking is not a crime. A real world story.
Hacking is not a crime. A real world story.
David Bombal
 28 Get the Best Python Books for Free
Get the Best Python Books for Free
David Bombal
 29 She hacked me!
She hacked me!
David Bombal
 30 You are in a Cyber War. Don't be a dumb*** and try to ignore it
You are in a Cyber War. Don't be a dumb*** and try to ignore it
David Bombal
 31 OSINT tools to track you down. You cannot hide.
OSINT tools to track you down. You cannot hide.
David Bombal
 32 Best Hacking Python Book?
Best Hacking Python Book?
David Bombal
 33 SMS spoofing and Raspberry Pi Scada hacking
SMS spoofing and Raspberry Pi Scada hacking
David Bombal
 34 Hacker saves the world. Teaches you hacking.
Hacker saves the world. Teaches you hacking.
David Bombal
 35 Shodan demo vs hot cybersecurity trend?
Shodan demo vs hot cybersecurity trend?
David Bombal
 36 The Internet just changed.
The Internet just changed.
David Bombal
 37 Hack Wifi from $1.80
Hack Wifi from $1.80
David Bombal
 38 The truth about AI and why you should learn it - Computerphile explains
The truth about AI and why you should learn it - Computerphile explains
David Bombal
 39 Kali Linux NetHunter Android install in 5 minutes (rootless)
Kali Linux NetHunter Android install in 5 minutes (rootless)
David Bombal
 40 Is this the future of the Internet? UDP Deep Dive.
Is this the future of the Internet? UDP Deep Dive.
David Bombal
 41 Warning! Python Remote Keylogger (this is really too easy!)
Warning! Python Remote Keylogger (this is really too easy!)
David Bombal
 42 Free API Hacking course!
Free API Hacking course!
David Bombal
 43 Kali Linux on all the things! (6 minute install)
Kali Linux on all the things! (6 minute install)
David Bombal
 44 #1 reason for data breaches! Free AppSec courses!
#1 reason for data breaches! Free AppSec courses!
David Bombal
 45 Warning! This is how cars are hacked. Just like in Mr Robot.
Warning! This is how cars are hacked. Just like in Mr Robot.
David Bombal
 46 Uber, Rockstar fell for this attack. Will you?
Uber, Rockstar fell for this attack. Will you?
David Bombal
 47 Is Skynet watching you already?
Is Skynet watching you already?
David Bombal
 48 Warning! Android phone remote control // Hackers can hack your phone
Warning! Android phone remote control // Hackers can hack your phone
David Bombal
 49 My YouTube channel being hacked // Lessons learned from hack
My YouTube channel being hacked // Lessons learned from hack
David Bombal
 50 Hacker hunting with Wireshark (even if SSL encrypted!)
Hacker hunting with Wireshark (even if SSL encrypted!)
David Bombal
 51 Best WiFi Hacking tools: Airgeddon, Kismet, Raspberry Pi and Kody's favourite wifi tools
Best WiFi Hacking tools: Airgeddon, Kismet, Raspberry Pi and Kody's favourite wifi tools
David Bombal
 52 Linux and Python on your phone for free in 2 minutes // iPhone or Android
Linux and Python on your phone for free in 2 minutes // iPhone or Android
David Bombal
 53 OSINT social media: Are you crazy to share so much information online? 😱
OSINT social media: Are you crazy to share so much information online? 😱
David Bombal
 54 Hacking cell phones like Mr Robot
Hacking cell phones like Mr Robot
David Bombal
 55 Hacking WiFi with a Hak5 Pineapple
Hacking WiFi with a Hak5 Pineapple
David Bombal
 56 Did you know this about Virtual Machines (VMs)? Kali Linux, Ubuntu, Windows 11, macOS?
Did you know this about Virtual Machines (VMs)? Kali Linux, Ubuntu, Windows 11, macOS?
David Bombal
 57 Rat hacks website in 5 minutes 😱
Rat hacks website in 5 minutes 😱
David Bombal
 58 Is it possible to hack WiFi with a phone?
Is it possible to hack WiFi with a phone?
David Bombal
 Bug Bounty bootcamp // Get paid to hack websites like Uber, PayPal, TikTok and more
Bug Bounty bootcamp // Get paid to hack websites like Uber, PayPal, TikTok and more
David Bombal
 60 OSINT: Have U been pwned?
OSINT: Have U been pwned?
David Bombal
HARDEST Comp Sci Challenge for $500 🤑🤑
Next Up
HARDEST Comp Sci Challenge for $500 🤑🤑
Sajjaad Khader