"How to Get Started with Bug Bounty" - Resource Lists & Advice
Merry Christmas everyone! ⛄⛄⛄⛄ (Or happy holidays!)
This is my gift for you the ultimate getting started guide for bug bounties / ethical hacking / cybersecurity. In this video, I go through a ton of resources including books, courses, videos, podcasts, conferences, and give out some study guides for people who wanna get into bug bounties but they have no hacking experience, no experience in tech, some security experience but not in bug bounties. I hope you find this super useful, it's PACKED full of information, almost an hour of stuff to check out!
Got questions? I have answers come follow me on twitter @insiderphd https://twitter.com/InsiderPhD
Timestamps
0:00 - Intro and preamble
5:13 - The Ultimate Bug Bounty Learning Pipeline
12:09 - Resources
37:15 - Study Plans/Guides
49:09 - Continuing Education beginner and beyond!
Links
- OWASP
-- OWASP top 10: https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
-- Bug Class Information: https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
-- XSS filter bypasses: https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
- CTFs
-- Hacker101: https://ctf.hacker101.com/
-- Damn Vulnerable Web Application: http://www.dvwa.co.uk/
-- Juice Shop: https://www.owasp.org/index.php/OWASP_Juice_Shop_Project
- Courses
-- The Cyber Mentor - Network Pentesting: https://www.youtube.com/watch?v=WnN6dbos5u8
-- PentesterLab: https://pentesterlab.com/
-- Web Security Academy: https://portswigger.net/web-security
- Videos
-- STOK: https://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg
-- The Cyber Mentor: https://www.youtube.com/channel/UC0ArlFuFYMpEewyRBzdLHiw
- Tools
-- Portswigger Knowledgebase: https://support.portswigger.net/customer/portal/articles/1816883-getting-started-with-burp-suite
-- Recon notes: https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Methodology%20and%20Resources
- Conferences
-- DEFCON: https://www.youtube.com/user/DEFCONConference
-- BSides (I picked Manchester): https://www.youtube.com/channel/UC1mLiimOTqZFK98VwM8Ke4w
-- BlackHat: https://www.youtube.com/user/BlackHatOfficialYT
- Podcasts
-- The Bug Bounty Podcast: https://open.spotify.com/show/3yTTlfXH1avrI3FsXZyCpv
-- Darknet Diaries: https://darknetdiaries.com/
-- Security Now: https://www.grc.com/securitynow.htm
-- Risky Business: https://risky.biz/
-- Planet Money: The Price Of A Hack: https://www.npr.org/sections/money/2019/01/04/682327333/episode-886-the-price-of-a-hack
- Books
-- Web Hacking 101 (free from HackerOne): https://www.hackerone.com/blog/Hack-Learn-Earn-with-a-Free-E-Book
-- OWASP Testing Guide: https://www.owasp.org/index.php/OWASP_Testing_Project
-- Bug Bounty Cheat sheet Books: https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/books.md
- Certificates
-- Offensive Security Certified Professional: https://www.offensive-security.com/pwk-oscp/
- Write Ups & Disclosure
-- @disclosedh1: https://twitter.com/disclosedh1
-- HackerOne Hacktivity: https://hackerone.com/hacktivity
- Aggregators/Newsletters
-- Pentester Land: https://pentester.land/ Pentester Land
Видео "How to Get Started with Bug Bounty" - Resource Lists & Advice канала InsiderPhD
This is my gift for you the ultimate getting started guide for bug bounties / ethical hacking / cybersecurity. In this video, I go through a ton of resources including books, courses, videos, podcasts, conferences, and give out some study guides for people who wanna get into bug bounties but they have no hacking experience, no experience in tech, some security experience but not in bug bounties. I hope you find this super useful, it's PACKED full of information, almost an hour of stuff to check out!
Got questions? I have answers come follow me on twitter @insiderphd https://twitter.com/InsiderPhD
Timestamps
0:00 - Intro and preamble
5:13 - The Ultimate Bug Bounty Learning Pipeline
12:09 - Resources
37:15 - Study Plans/Guides
49:09 - Continuing Education beginner and beyond!
Links
- OWASP
-- OWASP top 10: https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
-- Bug Class Information: https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
-- XSS filter bypasses: https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
- CTFs
-- Hacker101: https://ctf.hacker101.com/
-- Damn Vulnerable Web Application: http://www.dvwa.co.uk/
-- Juice Shop: https://www.owasp.org/index.php/OWASP_Juice_Shop_Project
- Courses
-- The Cyber Mentor - Network Pentesting: https://www.youtube.com/watch?v=WnN6dbos5u8
-- PentesterLab: https://pentesterlab.com/
-- Web Security Academy: https://portswigger.net/web-security
- Videos
-- STOK: https://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg
-- The Cyber Mentor: https://www.youtube.com/channel/UC0ArlFuFYMpEewyRBzdLHiw
- Tools
-- Portswigger Knowledgebase: https://support.portswigger.net/customer/portal/articles/1816883-getting-started-with-burp-suite
-- Recon notes: https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Methodology%20and%20Resources
- Conferences
-- DEFCON: https://www.youtube.com/user/DEFCONConference
-- BSides (I picked Manchester): https://www.youtube.com/channel/UC1mLiimOTqZFK98VwM8Ke4w
-- BlackHat: https://www.youtube.com/user/BlackHatOfficialYT
- Podcasts
-- The Bug Bounty Podcast: https://open.spotify.com/show/3yTTlfXH1avrI3FsXZyCpv
-- Darknet Diaries: https://darknetdiaries.com/
-- Security Now: https://www.grc.com/securitynow.htm
-- Risky Business: https://risky.biz/
-- Planet Money: The Price Of A Hack: https://www.npr.org/sections/money/2019/01/04/682327333/episode-886-the-price-of-a-hack
- Books
-- Web Hacking 101 (free from HackerOne): https://www.hackerone.com/blog/Hack-Learn-Earn-with-a-Free-E-Book
-- OWASP Testing Guide: https://www.owasp.org/index.php/OWASP_Testing_Project
-- Bug Bounty Cheat sheet Books: https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/books.md
- Certificates
-- Offensive Security Certified Professional: https://www.offensive-security.com/pwk-oscp/
- Write Ups & Disclosure
-- @disclosedh1: https://twitter.com/disclosedh1
-- HackerOne Hacktivity: https://hackerone.com/hacktivity
- Aggregators/Newsletters
-- Pentester Land: https://pentester.land/ Pentester Land
Видео "How to Get Started with Bug Bounty" - Resource Lists & Advice канала InsiderPhD
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
What Can an Attacker Actually Do With a Bug Anyway?Katie Explains: Modern Web Development (GIVEAWAY)5 Bug Bounty Time InvestmentsBroken Object Level Authorisation / BOLA / IDORs explained #shorts #api #hackingDEFCON Safemode - What I Watched at DEFCONNote-Taking for Bug Bounty Hunters - How I Use Notion and How You Can TooE-commerce Flaws and $500-1000 BountiesThe truth about API hacking...Finding Your First API Bug (NahamCon 2023)How to Stop Learning and Start Hacking!Getting Organised: Making a //TODO listMy MethodologyFinding Your First Bug: Business Logic ErrorsNew OWASP API Top 10 for HackersGetting Organised: Finding More Time in the DayLow Competition Bug Hunting (What to Learn) - ft. #AndroidHackingMonthEasy IDOR hunting with Autorize? (GIVEAWAY)Why does DNS always break the internet?Hacking when all the bugs have been found?How to Use Bug Bounty to Help Your Career!