Solving all Web CTF tasks from NahamCon

12,628 views

Bug Bounty Reports Explained


📧 Subscribe to BBRE Premium: bbre.dev/premium
✉️ Sign up for the mailing list: bbre.dev/nl
💻 The code with POCs: bbre.dev/nahamconctfcode
📣 Follow me on twitter: bbre.dev/tw
In this video, I will solve all the challenges from the NahamCon CTF by @NahamSec.
The challenges were:
00:00 Jurassic Park (easy, 1667 solves, by artemis19)
02:43 EXtravagant (easy, 1056 solves, by NightWolf)
09:55 Personnel (easy, 684 solves, by @_JohnHammond)
17:26 Flaskmetal Alchemist (medium, 260 solves, by artemis19)
33:29 Hacker Ts (hard, 127 solves, by congon4tor)
39:55 Two For One (hard, 76 solves, by congon4tor)
50:33 Poller (hard, 36 solves, by congon4tor)
01:02:34 Deafcon (hard, 45 solves, by congon4tor)
🖥 Get $100 in credits for Digital Ocean: bbre.dev/do

Comments: 24
@_JohnHammond 2 years ago
Super cool to see this -- thank you so much for showcasing all these!! ♥
@BugBountyReportsExplained 2 years ago
Thank you John for organising the awesome CTF!
@cyber-man 2 years ago
I think this walkthrough is very underrated. As always, great job :)
@jpierce2l33t 2 years ago
Thanks so much for this Greg! I'm watching right now and learning a lot!
@BugBountyReportsExplained 2 years ago
I'm glad it was helpful! I learned a lot myself
@jpierce2l33t 2 years ago
@BugBountyReportsExplained All of your stuff is helpful, my friend! Really appreciate all that you do. I've been learning a lot about penetration testing, Linux, network and application security, but I'm about to put my focus into web and bug bounty-style stuff. You've always been a great resource for that, and I thank you!
@BugBountyReportsExplained 2 years ago
@jpierce2l33t Thank you for that. I wish you all the best, web and bug bounty-style stuff is awesome!
@jpierce2l33t 2 years ago
@BugBountyReportsExplained Yes! Plus you can get paid if successful on bug bounty 🤣. Also, API security is becoming a big thing
@mpaujan21 2 years ago
Great content! Very helpful for beginners 👍
@a.for.arun_ 2 years ago
Thank you. Learned a lot
@mariesvps6072 1 year ago
Thanks for this!
@pj2490 2 years ago
That is really great and helpful.
@mrwancool8648 2 years ago
I don't really like CTFs but this was very helpful
@sp3ct3r71 2 years ago
I kindly request you to prepare some bug bounty hunting beginner-level tutorials, such as methodologies, tools, etc. Your explanations are crystal clear 😍❤🔥
@BugBountyReportsExplained 2 years ago
Thank you! Sign up for the BBRE newsletter - I describe a lot of cool things there ;) bbre.dev/nl
@medhasni6432 2 years ago
Hey brother, can you help me please? I'm new and I just submitted a host header injection report to a company that can redirect the victim to any other website, but it ended up as N/A, saying it requires a MITM setup. I've watched many PoCs of that bug and it was accepted. Any help please?
@BugBountyReportsExplained 2 years ago
Host header injection is only exploitable if you can poison the cache with it, exploit password reset functionality, etc.
@_bergee_ 2 years ago
How can you stay at the computer the whole day? My body sends me the signal after 3-4 hours that I need to take a break.
@BugBountyReportsExplained 2 years ago
Well, I usually take breaks every ~1 hour, sometimes 2 hours. But CTFs are one of these things that can suck me in to stay longer in front of the screen. Here's how it looked for these two days: bucket.mlcdn.com/a/2951/2951926/images/d79b55ad585e11e121fd1cc2d11e15890010fb49.png bucket.mlcdn.com/a/2951/2951926/images/cbb81bdc748e663f5fa8f9a3d5545cd85573d8ac.png And yes, my body felt a bit off after
@_bergee_ 2 years ago
@BugBountyReportsExplained Yeah, things you enjoy can suck you in for a long time. In my twenties I remember doing all-day-long runs with "Smashing the stack for fun and profit", trying to learn buffer overflows, format strings, etc.
@crusader_ 2 years ago
Please make the fonts on everything bigger next time. Really hard to watch on phone
@BugBountyReportsExplained 2 years ago
I'll see what I can do but it was already about 150%
@crusader_ 2 years ago
@BugBountyReportsExplained Make sure to enlarge the Burp font
@umitdogan9718 1 year ago
Worse