It's interesting to watch a bug bounty hunter's thought process when performing initial sitemapping/recon and then exploring common injection points. Thanks for the video!

Yup… seeing someone taking notes before doing the “hacking” stuff I know they are knowledgeable and good things are going to happen. Subscribed!

Awesome video! It's incredibly beneficial for beginners like us. Thanks a lot!

You are gem for me..I learned a lot of burp suite using techniques from you.Thank you❤

Please don't stop doing this stuff! They're gold!

Love this stream 😊

Underrated stream

Thanks for the content!

I love you sir you are making our minds to open on a level of urs ❤❤❤

how to choose the right subdomain after reconnaissance to start testing correctly? I often receive hundreds of subdomains and do visual reconnaissance, but often I don’t understand where to start. It would be very interesting to see a video on this topic, since many hunters miss this in their creativity on KZfaq

Thank you for keeping your words :)

Superb Cool

great source Thanks

love u man

24:35 - 3 approaches 30:24 - insertion points

Ty

Make a video for a beginners like in which bug do we must focus on and your methodologies and show us the first bug you search for in a web app pls

Any ideas on how to escalate CSS injection on a site where script tags and all event handlers are blocked by WAF?

I see xss-protection:1 And amazon cloudfront How do you deal with thes ? Spesialy the second one because will block every single payload injectiin

Do you pay for proton vpn premium? I wonder if I need that instead

what are your laptop specs?

Please create KZfaq video content for learning from beginners to advanced levels.

why the hell you don't use chrome that will help in language translation on that page itself

Hi R-s0n, If you could provide the timestamp in your KZfaq video, it would be great, bcoz if often come back again and search for a particular piece. If you can would be much appreciated.

Sorry how can I join your discord server 😞

Bro come backkkkkkkkkkkkkkkkk

2nd,runner up

thanks sir

2nd

Seems being a security professional means using built-in software to find vulnerabilities. I didn't thought that way, i used to thought security professionals were so good at coding. But seems most of them are totally garbage at that(i don't mean you), so i left pursuing it and went to software engineering. I would rather to develop burp suite itself, rather than doing bug hunting using it.

1st

Thank you , I love you