This is my coolest bug bounty report (SSRF ➡ Phishing)

8,309 views

Bug Bounty Reports Explained

Comments: 24
@BugBountyReportsExplained 2 years ago
Hi! In a few days, the price of BBRE Premium goes up but if you subscribe, you will lock in the current price forever! Go to bbre.dev/premium
@francisdonald4298 2 years ago
Hey bro, can learning web development make someone a better hacker?
@francisdonald4298 2 years ago
???
@BugBountyReportsExplained 2 years ago
yes
@axelvirtus2514 2 years ago
@francisdonald4298 Yeah, it's easier for developers to find bugs. I have a friend working as a dev in Java; he found great bugs in programs that use Java.
@francisdonald4298 2 years ago
@axelvirtus2514 I appreciate it, thanks bro
@J0R1AN 2 years ago
I think the reason cool and creative bugs often don't have a big impact is that you found a way to do something weird on the site, but you're searching for a way to barely exploit it. That requires some really creative thinking to find a cool bug. When you just find a CVE with some big impact on a site, you're not thinking very creatively and just want to report it as soon as possible.
@dhyeychoksi5178 2 years ago
Cool find!
@terabaap1719 2 years ago
love your content brother❤
@polonia66 2 years ago
Well done! Thanks for the video
@sazukegu 2 years ago
Cool find! Do you feel any difference in "difficulty" when comparing public and private programs? Also, I'm still waiting for the next 100 hour video!
@BugBountyReportsExplained 2 years ago
Well, counterintuitively, the bugs I am finding on this program are more complex and harder to exploit than bugs that I was finding on public ones. I am also waiting for the next 100 hour video from Elastic but I am starting to think that before I get the disclosure there, I will finish the 50 hours on this private program and since I won't have to wait for disclosures here, I may publish this bounty vlog earlier.
@aryzen2781 1 year ago
How did you learn web app security?
@terabaap1719 2 years ago
❤❤❤
@farah13384 2 years ago
Hello, I need you and your help with my revenge plan, and I can explain to you why I want revenge and with the right evidence, can you help me?
@BugBountyReportsExplained 2 years ago
No
@raihanhossain3423 2 years ago
How can we bypass the BBRE PREMIUM? he he he
@BugBountyReportsExplained 2 years ago
Actually, one guy did, accidentally, and he has the free subscription now.
@raihanhossain3423 2 years ago
wow, that's great. I should try then 😀
@utensilapparatus8692 2 years ago
3:30 : ! 7:47 : !*!
@CristiVladZ 2 years ago
I think you're wasting away your genius thinking with these bug bounties. You can probably score much more in traditional pentesting with your skills, and way less friction.
@BugBountyReportsExplained 2 years ago
I will consider this option but after a few years.
@SUMMedia 2 years ago
@Cristi Vlad I'm just curious to know more about that. What does the traditional pentesting mean? Is it like freelance pentesting service more like bug bounty hunting? Or, Is it joining a company as a pentester?