Solving all Web CTF tasks from NahamCon

12,576 views

Bug Bounty Reports Explained


📧 Subscribe to BBRE Premium: bbre.dev/premium
✉️ Sign up for the mailing list: bbre.dev/nl
💻 The code with POCs: bbre.dev/nahamconctfcode
📣 Follow me on twitter: bbre.dev/tw
In this video, I will solve all the challenges from the NahamCon CTF by @NahamSec.
The challenges were:
00:00 Jurassic Park (easy, 1667 solves, by artemis19)
02:43 EXtravagant (easy, 1056 solves, by NightWolf)
09:55 Personnel (easy, 684 solves, by @_JohnHammond)
17:26 Flaskmetal Alchemist (medium, 260 solves, by artemis19)
33:29 Hacker Ts (hard, 127 solves, by congon4tor)
39:55 Two For One (hard, 76 solves, by congon4tor)
50:33 Poller (hard, 36 solves, by congon4tor)
01:02:34 Deafcon (hard, 45 solves, by congon4tor)
🖥 Get $100 in credits for Digital Ocean: bbre.dev/do

Comments: 24
@_JohnHammond 2 years ago
Super cool to see this -- thank you so much for showcasing all these!! ♥
@BugBountyReportsExplained 2 years ago
Thank you John for organising the awesome CTF!
@cyber-man 2 years ago
I think this walkthrough is very underrated. As always, great job :)
@jpierce2l33t 2 years ago
Thanks so much for this Greg! I'm watching right now and learning a lot!
@BugBountyReportsExplained 2 years ago
I'm glad it was helpful! I learned a lot myself
@jpierce2l33t 2 years ago
@BugBountyReportsExplained all of your stuff is helpful my friend! Really appreciate all that you do. I've been learning a lot about penetration testing, Linux, network and application security, but I'm about to put my focus into web and bug bounty-style stuff. You've always been a great resource for that, and I thank you!
@BugBountyReportsExplained 2 years ago
@jpierce2l33t Thank you for that. I wish you all the best, web and bug bounty-style stuff is awesome!
@jpierce2l33t 2 years ago
@BugBountyReportsExplained yes! Plus you can get paid if successful on bug bounty 🤣. Also API security is becoming a big thing
@mpaujan21 2 years ago
Great content! Very helpful for beginners 👍
@a.for.arun_ 2 years ago
Thank you. Learned a lot
@pj2490 2 years ago
That is really great and helpful.
@mariesvps6072 1 year ago
Thanks for this!
@mrwancool8648 2 years ago
I don't really like CTFs but this was very helpful
@sp3ct3r71 2 years ago
I kindly request you to prepare some bug bounty hunting beginner-level tutorials, such as methodologies, tools, etc. Your explanations are crystal clear 😍❤🔥
@BugBountyReportsExplained 2 years ago
thank you! Sign up for BBRE newsletter - I describe a lot of cool things there ;) bbre.dev/nl
@medhasni6432 2 years ago
Hey brother, can you help me please? I'm new and I just submitted a host header injection report to a company that can redirect the victim to any other website, but it ended up as N/A, saying it requires a MITM setup. I've watched many PoCs of that bug and it was accepted. Any help please?
@BugBountyReportsExplained 2 years ago
Host header injection is only exploitable if you can poison the cache with it, exploit password reset functionality, etc.
@_bergee_ 2 years ago
How can you stay at the computer the whole day? My body sends me the signal after 3,4 hours I need to take a break.
@BugBountyReportsExplained 2 years ago
Well, I usually make breaks every ~1 hour, sometimes 2 hours. But CTFs are one of these things that can suck me in to stay longer in front of the screen. Here's how it looked for these two days: bucket.mlcdn.com/a/2951/2951926/images/d79b55ad585e11e121fd1cc2d11e15890010fb49.png bucket.mlcdn.com/a/2951/2951926/images/cbb81bdc748e663f5fa8f9a3d5545cd85573d8ac.png And yes, my body felt a bit off after
@_bergee_ 2 years ago
@BugBountyReportsExplained Yeah things you enjoy can suck you for a long time. In my twenties I remember doing all day long runs with "Smashing the stack for fun and profit", trying to learn buffer overflows, format strings etc
@crusader_ 2 years ago
Please make the fonts on everything bigger next time. Really hard to watch on phone
@BugBountyReportsExplained 2 years ago
I'll see what I can do but it was already about 150%
@crusader_ 2 years ago
@BugBountyReportsExplained make sure to enlarge the Burp font
@umitdogan9718 1 year ago
Worse