David Bombal

#366: Hacking PayPal and TikTok (legally) // Featuring Ben Sadeghipour Nahamsec



Want to hack companies like PayPal and TikTok? What about the Department of Defense? Lots of companies that you can hack legally - and get paid doing it! This is a practical guide on how to get started hacking today.
// MENU //
00:00 ▶️ Introduction
00:17 ▶️ Who is Nahamsec?
01:18 ▶️ Different Bug Bounty Platforms
01:40 ▶️ Why Nahamsec Prefers These Platforms
02:34 ▶️ Intigriti Quick Overview
02:58 ▶️ Bugcrowd Quick Overview
03:25 ▶️ Hackerone Quick Overview
04:01 ▶️ What is Bug Bounty?
04:57 ▶️ Non-Monetary Rewards: Nahamsec's Red Bull Hack
05:57 ▶️ The Lyft, Snapchat and Undisclosed Travel Company Hack
07:02 ▶️ Interface Walkthrough
08:45 ▶️ Scope
10:18 ▶️ Top Hacker Profiles on Bug Bounty Programmes
11:04 ▶️ Profile Hacktivity Feed
13:54 ▶️ Using the site wide hacktivity feed to learn from previous bug bounties
15:31 ▶️ Getting Started: hacker101
17:24 ▶️ Getting Started: hackerone
20:58 ▶️ Submitting/Writing a Report
29:23 ▶️ Report Terminology
31:06 ▶️ How to Find a Company's Websites
33:05 ▶️ Nahamsec's Approach: Certificate Transparency
36:30 ▶️ Why NahamSec Prefers Dev Sites
38:05 ▶️ How to Find a Website's SSL Certificate
41:21 ▶️ Targeting a Company's Main Website vs Targeting Subdomains
42:25 ▶️ Researching a Company's Assets
43:43 ▶️ If You're New to the Bug Bounty Thing
47:40 ▶️ Ways to Learn
49:18 ▶️ Books to Help You Get Started Hacking
53:49 ▶️ Online Resources to Help You Get Started
55:28 ▶️ Final Advice
// Connect with David //
Discord: https://discord.com/invite/usKSyzb
Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube: https://www.youtube.com/davidbombal
// Connect with Nahamsec //
Twitter: https://twitter.com/nahamsec
YouTube: https://www.youtube.com/c/nahamsec
Github: https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
Discord: https://discord.com/invite/ysndAm8
Instagram: https://www.instagram.com/nahamsec/
LinkedIn: https://www.linkedin.com/in/nahamsec/
Twitch: https://www.twitch.tv/nahamsec
Website: https://nahamsec.com/
// Nahamsec's Udemy Course //
Udemy: https://www.udemy.com/course/intro-to-bug-bounty-by-nahamsec/
// Sites //
Hackerone: https://www.hackerone.com/
Bugcrowd: https://bugcrowd.com/programs
Intigriti: https://www.intigriti.com/
// Books recommended //
Bug Bounty Bootcamp: https://amzn.to/3K2YDeJ
Real-World Bug Hunting: https://amzn.to/3wTF9FN
Android Hacker's Handbook: https://amzn.to/3uMc509
The Web Application Hacker's Handbook: https://amzn.to/3IZ2RTr
Black Hat Python: https://amzn.to/3JYIZAV
Black Hat Python (2nd edition): https://amzn.to/379WcIV
// Creators mentioned //
Nahamsec: https://www.youtube.com/c/Nahamsec
STÖK: https://www.youtube.com/c/STOKfredrik
LiveOverflow: https://www.youtube.com/c/LiveOverflow
Farah Hawa: https://www.youtube.com/c/FarahHawa
InsiderPhD: https://www.youtube.com/c/InsiderPhD
The Cyber Mentor: https://www.youtube.com/c/TheCyberMentor
// MY STUFF //
Monitor: https://amzn.to/3yyF74Y
More stuff: https://www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: [email protected]
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#buybounty #hacking #hack