2023 WebApp Pentesting/Hacking Roadmap // How To Bug Bounty
Purchase my Bug Bounty Course here 👉🏼 bugbounty.nahamsec.training
Does Cybersecurity Require Programming?
• Does Cybersecurity Req...
Buy Me Coffee:
www.buymeacoffee.com/nahamsec
Live Every Sunday on Twitch:
/ nahamsec
Free $100 DigitalOcean Credit:
m.do.co/c/3236319b9d0b
Follow me on social media:
/ nahamsec
/ nahamsec
twitch.com/nahamsec
hackerone.com/nahamsec
/ nahamsec1
Github:
github.com/nahamsec
Nahamsec's Discord:
discordapp.com/invite/ucCz7uh
Timestamps:
00:00 - Intro
00:45 - How the website works
01:56 - Curl / Linux basics
03:10 - Scripting
04:34 - Basics of Web application Hacking, Don't depend on Automation
07:49 - Learn JavaScript
#webhacking #redteam #bugbounty #offensivesecurity #hackerone #hackers #hacking #infosec #hackingtutorial #owasp #educational
00:00 = Intro 00:45 = How the website works 01:56 = Curl / Linux basics 03:10 = Scripting 04:34 = Basics of Web application Hacking, Don't depend on Automation 07:49 = Learn JavaScript For me personally this was not a roadmap, it was more like tips and tricks to upgrade my existing roadmap 😂😂, anyways, thank you very much Naham sir, following you further to learn a lot of stuff 🙏🙏💖💖 Love from India 🇮🇳 🇮🇳 🇮🇳
Bro can you tell about where to practice web hacking
@@oviyanthelearner7656 port swigger academy
Added to the video. You the best!
@@oviyanthelearner7656 there are a lot them out there, explore them online, like tryhackme, hackthebox, especially portswigger and lot more !
@@NahamSec thank you sir 🙏🙏❤️❤️
Fuck. I just realized something while watching this. I’ve been into this for 2.5 years. Maybe 3. And I’m still finding myself watching these roadmap - how to become a bug bounty Hunter - videos. Damn. What can I do. Seriously.
Disconnect for a while. Do something else. Then come back with a fresh mind
Hi Ben, I am your huge fan i love your work immensely and your vlogs about live hacking events are as good as your other KZhead content . My question is that I’m currently in Canada and my studies will be over in next month like in Aug 2023 but I am lost in my path I don’t know what to do I am unable to find an internship or job so I needed your guidance and i also want to mention that I have successfully done your udemy course and i am currently preparing for PNPT by TCM security so If i could connect with you and talk about job search and other things then it would be really awesome.
I've just started learning curl. Still trying to wrap my head around it. Baby steps 😊
You got this! curl is going to be very helpful especially when looking at APIs!
how's the learning my man?
Great video as always mentor !
You are legend sir , Always Appreciated.
Great as always🎉
Thank you so much 😀
came here from the live stream. and dropped a sub
How important do you think learning Python to an intermediate level is for a bug hunter? Awesome video!
Hey man, thanks for your content. Since you mentioned SSRF being network related, I come from a networking and netsec background with 10+ years experience. What hacking track do you recommend me to go where I can take of use my knowledge in networking?
like a Boss; Great Content Nahamsec ...
Thank you for this video, very good info
Thanks! For the ADVICE!
Thanks for the guidance!!
Thanks for video ! Keep making more.
Thank you, I will
Knowledgeable Content
Just found your channel. You seem like a kool dude. Buying your BB Course for my barely 12 year old who lives on hack the box and is always on port swigger site. Hes actually trying to get me into it, but i think i like more actual network pentesting then web apps. That looks way too difficult for me.
Hey Eric. Thanks for the comment and thanks for supporting the course! That’s awesome that your son! If I can help him in anyway please let me know. Happy to even chat with the both of you on a zoom call if it helps motivate you guys to get into hacking. Feel free to email me! My emails on the about page of the channel. Go after whatever you’re passionate about. Whether it’s network, web, social engineering regardless of the difficulty. IMO that’ll drive you overcome the hurdles more than anything else. Best of luck!
Thanks for video .liked it
Please 🙏 keep it up more and more videos....
Hey hey, nice video, thanks!
Actually I needed it. Thank you so much for making this video... ♥✌
Welcome!!
thanks, greetings from turkey
Thanks man ;-)
And ctf to start with after learning these basics
Came here from your live
Hi, I came from your stream
So how in depth should you know about how websites work? Also do you have any prefered resources for learning these skills?
Any sources to learn this stuff from? Curl, JS for hacking, basics etc...
For the first step Learning how the websites and internet works, what book should I choose to learn that how internet and websites works or do you have any resources plz tell me
thank you so much 😎
Very knowledgeable video ❤
Thanks a lot 😊
@@NahamSec your welcome sir❤
Love from Ethiopia❤
Thanks keep making more videos for beginners :)
More to come!
as beginner it's really hard to me the part of recon ( DNS , ASN,DNS Records, Revers Ip,,,,,) This stuff about Network i only do basic recon gather subdomains & some google dorks :( is that ok for beginner im in 6 month in bug bounty ??
Do i need to study the a plus content or something like that to get into bug hunting
good content.
I suggest you use more visualization in your video, such as the terms, definitions.
Its a nice watch .... Which watch it is ? :)
After this what are books you recommend to read
Great Video. I am looking for a good video on curl.
Maybe I'll do it in my next project :)
easy: man curl
came from the livestream
awli bood❤❤
Can u please make a video on hoelw to effectively map the web app and discover hidden functionalities
Maybe :-)
How to find bugs from view-source? I want a video of this 😊
You mean finding bugs in JavaScript ? that's a great topic a video @NahamSec
need resource to know more about DNS Configuration | DNS Records
ur the best dude
Thanks for the video. I purchase your course on udemy and I'm loving it. I have one request to ask, could you connect me to someone I can pair with and we can learn together? Thanks again
Come join the discord!
Again I am first viewer 🥳
nah i won this time 😆
you both win!
what are the different fields in ethical hacking
best content
Came here from LIVE
Thanks
How much demand of Ethical Hackers is ?
from the stream
Please give the link to the video you said at the beginning.
In the description but here you go Does Cybersecurity Require Programming? kzhead.info/sun/irWamaekg5ashoE/bejne.html
@@NahamSec Thank you very much 💗
finelly :D
❤️
i reported the vulnerabilities but they are all invalid
Came here from the future
For scripting we should learn Python or Go?Which better? and how learn Scripting?
With Udemy…
Witch course? @@a.g.4843
🐝
Why is everyone focusing on web bug bounty? Why not mobile and other platforms?
money and because it's the first line of defense
tnx but better if it was tear by tear and more step
احبك في الله 😅
hhhhhhh
Hello sir 👋 can you please make a Facebook cloning script for me ❤
I want to know API hacking tips and tricks from you. 🙏🙏🙏🙏🙏
Soon!
@@NahamSec waiting dude
@@Adarsh.-.check out apisec University
Need the API hacking too 🎉
@@tecksec TCM security just released an API course
Hi i am from india. I want a great high paying career. On which skills i need to focus and get remote job while i stay in india. I am from non IT back ground. Thank you.
Can you please make a video on writing PoC of Bugs
1st 🥵
Will penetration tester jobs be replaced by artificial intelligence?
Machine learning tools are already being used in security operation centers.
Api hacking roadmap guru ji
Finally 😂😂
still bug bounty is not a robust career!!! spending time on vuln machines and web apps is more important to know more about bugs. Bug hunting should be a part time and a just for fun game. No offense , but it is a matter of duplicates and reality.
Where are the basics of networking ? 🙂
Definitely not a roadmap lol but thanks for the tips.
Thanks! What should I do different next time so it's an actual roadmap? Should I specify where to learn them and what courses/sites to use?
Lmfao this guy wants latitude and longitude 🗺️🗾📍😂😂😂
@@NahamSec I recommend making a roadmap for a period of time like 6 months with detailed plan, goals and milestones. Maybe even make a playlist discussion each step of the roadmap.
Buddy wants spoon feeding.....
@@king09426 I want things to be called as they are without click baiting! Go simp somewhere else!
Bir de Müslüman olsan süper olurdu naham dayı
ایرانی هستی
For scripting we should learn Python or Go?Which better? and how learn Scripting? Thank You for your helps@NahamSec
thx for video
nahamsec . I am working as security in UAE. but I am from India. I fed up with my job because it is very boring. now I started learning about cybersecurity. can I change my job to bug bounty. I want a job that i can work from home. security job is not very interesting . cybersecurity seems to me very interesting
Regexes
i think review owasp better thing for start learn hunting