Bug Bounty: Get paid to hack PayPal and TikTok // Featuring Nahamsec
Want to hack companies like PayPal and TikTok? What about the Department of Defense? Lots of companies that you can hack legally - and get paid doing it! This is a practical guide on how to get started hacking today.
// MENU //
00:00 ▶️ Introduction
00:17 ▶️ Who is Nahamsec?
01:18 ▶️ Different Bug Bounty Platforms
01:40 ▶️ Why Nahamsec Prefers These Platforms
02:34 ▶️ Intigriti Quick Overview
02:58 ▶️ Bugcrowd Quick Overview
03:25 ▶️ Hackerone Quick Overview
04:01 ▶️ What is Bug Bounty?
04:57 ▶️ Non-Monetary Rewards: Nahamsec's Red Bull Hack
05:57 ▶️ The Lyft, Snapchat and Undisclosed Travel Company Hack
07:02 ▶️ Interface Walkthrough
08:45 ▶️ Scope
10:18 ▶️ Top Hacker Profiles on Bug Bounty Programmes
11:04 ▶️ Profile Hacktivity Feed
13:54 ▶️ Using the site wide hacktivity feed to learn from previous bug bounties
15:31 ▶️ Getting Started: hacker101
17:24 ▶️ Getting Started: hackerone
20:58 ▶️ Submitting/Writing a Report
29:23 ▶️ Report Terminology
31:06 ▶️ How to Find a Company's Websites
33:05 ▶️ Nahamsec's Approach: Certificate Transparency
36:30 ▶️ Why NahamSec Prefers Dev Sites
38:05 ▶️ How to Find a Website's SSL Certificate
41:21 ▶️ Targeting a Company' Main Website vs Targeting Subdomains
42:25 ▶️ Researching a Company's Assets
43:43 ▶️ If You're New to the Bug Bounty Thing
47:40 ▶️ Ways to Learn
49:18 ▶️ Books to Help You Get Started Hacking
53:49 ▶️ Online Resources to Help You Get Started
55:28 ▶️ Final Advice
// Connect with David //
Discord: https://discord.com/invite/usKSyzb
Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube: https://www.youtube.com/davidbombal
// Connect with Nahamsec //
Twitter: https://twitter.com/nahamsec
YouTube: https://www.youtube.com/c/nahamsec
Github: https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
Discord: ht
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from David Bombal · David Bombal · 0 of 60
← Previous
Next →
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
RYU SDN Controller Part 4: Graphical User Interface (GUI): Practical GNS3 SDN and OpenFlow
David Bombal
HPE Network Protector SDN Application Part 1 - Introduction
David Bombal
HPE Network Protector SDN Application Part 2 : DNS Interception using OpenFlow
David Bombal
HPE Network Protector SDN Application Part 3 - Lab Setup using Physical Switches
David Bombal
HPE Network Protector SDN Application Part 4 - Demo of malicious websites blocked
David Bombal
HPE Network Protector SDN Application Part 5 - Demo OpenFlow table interception flows
David Bombal
HPE Network Protector SDN Application Part 6 - Demo of Physical Switch configuration
David Bombal
HPE Network Protector SDN Application Part 7 - Demo Service Insertion Tunnel / GRE Tunnel
David Bombal
HPE Network Protector SDN Application Part 8 - Demo SDN OpenFlow Reporting
David Bombal
HPE Network Protector SDN Application Part 9 - Demo switches interception of DNS traffic
David Bombal
GNS3 Talks: GNS3 version 1.5.X Appliance Tips
David Bombal
CCNA 200-125 Exam: AAA demo: TACACS+ with GNS3
David Bombal
GNS3 2.0.0 beta 2 install
David Bombal
CCNA #012: Learn SNMP with GNS3, Wireshark and Solarwinds NPM - CCNA 200-125 exam
David Bombal
CCNA #013: Spanning Tree CCNA Exam Questions: Know the answer? CCNA 200-125 exam
David Bombal
GNS3 2.0.0 beta : GNS3 VM integration with GNS3 GUI
David Bombal
CCNA #018: Routing exam questions: Who wins? OSPF, EIGRP or RIP? Sure? CCNA 200-125 exam
David Bombal
CCNA #019: Spanning Tree CCNA Exam Questions: Root Bridge, Root Port and more: CCNA 200-125 exam
David Bombal
GNS3 Download, installation and configuration - GNS3 1.5.3 and Windows 10
David Bombal
CCNA #023 EIGRP Neighbor Troubleshooting (DUAL Issues) for the CCNA 200-125 Exam
David Bombal
GNS3 2.0 Architecture and schema Part 1: What is the GNS3 Controller?
David Bombal
GNS3 2.0 Architecture and schema Part 2: Emulators and virtualization
David Bombal
CCNA #028 VTP Troubleshooting for the CCNA 200-125 Exam
David Bombal
CCNA #029 VTP & DTP Troubleshooting for the CCNA 200-125 Exam
David Bombal
CCNA #030 VTP Troubleshooting for the CCNA 200-125 Exam
David Bombal
GNS3 : How to download Cisco IOS images and VIRL images. Which is the best? How do you get them?
David Bombal
GNS3 ASA setup: Import and configure Cisco ASAv with GNS3
David Bombal
GNS3 switching setup and options: Cisco and other switching options in GNS3
David Bombal
GNS3 switching setup and options Part 2: GNS3 unmanaged built-in switch
David Bombal
GNS3 switching setup and options Part 3: Router on a sick with GNS3 unmanaged built-in switch
David Bombal
GNS3 switching setup and options Part 4: Etherswitch Router for Cisco Dynamips Part 1
David Bombal
GNS3 switching setup and options Part 5: Etherswitch Router for Cisco Dynamips Part 2
David Bombal
GNS3 switching setup and options Part 6: Etherswitch, Wireshark, 802.1Q, InterVLAN routing
David Bombal
GNS3 Talks: Docker, Open vSwitch, SDN and OpenFlow Part 1: GNS3 Switching Part 7
David Bombal
GNS3 Talks: Docker, Open vSwitch, SDN and OpenFlow Part 2: GNS3 Switching Part 8
David Bombal
GNS3 Talks: Docker, Open vSwitch, SDN and OpenFlow Part 3: GNS3 Switching Part 9
David Bombal
GNS3 Talks: Docker, Open vSwitch, SDN and OpenFlow Part 4: GNS3 Switching Part 10
David Bombal
GNS3 Talks: Docker, Open vSwitch, SDN and OpenFlow Part 5: GNS3 Switching Part 11
David Bombal
GNS3 Nexus (NX-OSv) switch setup and configuration Part 1: GNS3 switching options Part 12
David Bombal
GNS3 Nexus (NX-OSv) switch setup and configuration Part 2: GNS3 switching options Part 13
David Bombal
GNS3 Talks: Docker, Open vSwitch, SDN and OpenFlow Part 6: GNS3 Switching Part 14
David Bombal
GNS3 Talks: Docker, Open vSwitch, SDN and OpenFlow Part 7: GNS3 Switching Part 15
David Bombal
GNS3 Cisco CSR 1000v setup and configuration Part 1: GNS3 NFV
David Bombal
GNS3 Cisco CSR 1000v setup and configuration Part 2: GNS3 NFV
David Bombal
GNS3 Talks: Use the NAT node to connect GNS3 to the Internet easily!
David Bombal
GNS3 Talks: GNS3 2.0 RC1 is now available
David Bombal
GNS3 Talks: GNS3 2.0 Portable Projects - easily export and import GNS3 projects
David Bombal
GNS3 Talks: Multiple clients sharing projects in real time, plus console session shadowing!
David Bombal
CCNA #035 NAT Troubleshooting Scenario 1 - Can you find the issue? CCNA Exam 200-125 troubleshooting
David Bombal
CCNA #036 NAT Troubleshooting Scenario 2 - Can you find the issue? CCNA Exam 200-125 troubleshooting
David Bombal
GNS3 Talks: ESXi, GNS3 VM and KVM support Part 1: leverage servers and the cloud
David Bombal
CCNA #037 OSPF Troubleshooting - can you find the issue? CCNA Exam 200-125 troubleshooting
David Bombal
GNS3 Talks: ESXi, GNS3 VM and KVM support Part 2: leverage servers and the cloud
David Bombal
CCNA #038 NAT Troubleshooting Scenario 3 - Can you find the issue? CCNA Exam 200-125 troubleshooting
David Bombal
CCNA #039 - OSPF DR, BR and DROTHER Election - do you know the answers?
David Bombal
CCNA #040 NAT Troubleshooting Scenario 4 - Can you find the issue? CCNA Exam 200-125 troubleshooting
David Bombal
GNS3 Talks: Arista vEOS GNS3 import and configuration Part 1
David Bombal
CCNA #041 - OSPF DR, BR and DROTHER Election - do you know the answers?
David Bombal
GNS3 Talks: Arista vEOS GNS3 import and configuration Part 2
David Bombal
GNS3 Talks: ipterm: Linux, Docker, Python, SDN and more! Part 1
David Bombal
Related AI Lessons
⚡
⚡
⚡
⚡
The Secure One Is Silent: Kerberos Stays Quiet, NTLM Tells
Medium · Cybersecurity
Reclaiming the Narrative: How “Hire a Hacker Pro” Built an Immutable Blueprint for Enterprise…
Medium · Cybersecurity
️ Shift-Left Security: La Seguridad no es una Meta, es el Camino️
Medium · Cybersecurity
Cloud Misconfiguration at Scale: Why It’s America’s Most Underrated Cybersecurity Threat — a…
Medium · DevOps
Chapters (30)
Introduction
0:17
Who is Nahamsec?
1:18
Different Bug Bounty Platforms
1:40
Why Nahamsec Prefers These Platforms
2:34
Intigriti Quick Overview
2:58
Bugcrowd Quick Overview
3:25
Hackerone Quick Overview
4:01
What is Bug Bounty?
4:57
Non-Monetary Rewards: Nahamsec's Red Bull Hack
5:57
The Lyft, Snapchat and Undisclosed Travel Company Hack
7:02
Interface Walkthrough
8:45
Scope
10:18
Top Hacker Profiles on Bug Bounty Programmes
11:04
Profile Hacktivity Feed
13:54
Using the site wide hacktivity feed to learn from previous bug bounties
15:31
Getting Started: hacker101
17:24
Getting Started: hackerone
20:58
Submitting/Writing a Report
29:23
Report Terminology
31:06
How to Find a Company's Websites
33:05
Nahamsec's Approach: Certificate Transparency
36:30
Why NahamSec Prefers Dev Sites
38:05
How to Find a Website's SSL Certificate
41:21
Targeting a Company' Main Website vs Targeting Subdomains
42:25
Researching a Company's Assets
43:43
If You're New to the Bug Bounty Thing
47:40
Ways to Learn
49:18
Books to Help You Get Started Hacking
53:49
Online Resources to Help You Get Started
55:28
Final Advice
🎓
Tutor Explanation
DeepCamp AI