Finding Your First Bug: Goal Setting / Remote Code Execution (RCE)

Hi everyone, welcome to this video in the "Finding Your First Bug" series. In this series I'm going to go over some good first bugs: explain what they are, how to find them, show some examples of real bugs in the wild that paid out, and finally do a practical example with Burp on a real target.

In this video I trick you all with a bait and switch: it claims to be about RCEs but actually covers goal setting, motivation, and learning. A lot of people thought I was serious when I uploaded an image on Twitter about this video, so I decided to make it. Instead of talking about RCEs, I wanted to talk about having realistic goals. In this video, I discuss SMART goals, GROW action plans, imposter syndrome, and illusory superiority, before finally ending with introspection, improvement, and the skills a bug bounty hunter needs.

I hope you find this useful and helpful to your career growth.
Comments
Author

Absolutely love Katie's tutorials since they also cover soft skills for progressive improvement.

stackoverflow
Author

When I decided to watch the video I didn't even know what RCE was. I was in the mood for a technical video even though RCE was not on my bug list to study. I was disappointed for a split second but the video made me decide to reset my goals and got me knowledge for other points as well. Great video! Don't be sad about the clickbait, sometimes what a person wants is not what they need at a given time.

nunotomas
Author

It was no real clickbait in my opinion. I was like "let's start with an RCE" too. I changed my mind and that's pretty important, thank you!

Timm
Author

I can't explain how much I relate to this video. Exactly a year ago my goal was to find an RCE. I started as a complete beginner in the sec field, and here I am today full of frustration. Though I really learned a lot this year about RCEs and low-level stuff, it sucks not to meet your goals.

Thank you for making me rethink my goals, this really helps in keeping good mental health.

Keep it up, cheers.

nullnull
Author

What a great video! I am watching the "finding your first bug" series and almost skipped this one. I don't know why but I thought RCEs somehow didn't fit at this stage. But man am I glad that I did not skip it. I took so much from this video. Great job! I love your way of teaching. Thank you and please keep up the great work!

svenc
Author

Not gonna lie. Came for RCE. Left with so much more.

conintava
Author

Great video. I actually wanted to do a big RCE until I finally researched, but I still want to, it just will take more time like you are saying.

Great video and also very good lessons on Bug Crowd University :)

MentalMarathon_
Author

You are the best person in the bug hunting community, keep up the good work :))

televizyoncum
Author

Excellent video! Made me laugh, although I had a feeling this is where it was going - the only way to gain technical bugs is through hard work / study.

PTD
Author

Never underestimate people's abilities; someone can find an RCE quicker than someone doing it for years.

TaiKibris
Author

Great subject matter. You are doing a fantastic service for the community. Thank you and good luck for 2020

johndecosta
Author

Thanks so much for the useful content!

modmah
Author

Sis, can you please tell me what Wayback URLs are and why they are important?

goooooo
Author

Lol, I was so suspicious about this video, I knew it.

lilpp
Author

Awesome work ❤❤
Btw, did you find any RCE on a BB program??

oxovi
Author

The very first time I am happy to be...hoodwinked :)

ggmaxx
Author

A good video for beginners before new year. Good advice!

manojnirmal
Author

My first bug was an RCE. It's not impossible, it's just super rare to happen.

ahmedezzat
Author

I found an SSTI vuln using an ERB template and succeeded in spawning a shell using tplmap --os-shell. However, I have no idea how I can use the system() function or other command injection to get a shell without using tplmap. I tried getting a reverse shell using nc but failed. Any suggestions?

seunghwanyoon
Author

I had a goal of getting my first bug and I found 3 (1 XSS, 1 IDOR, 1 logic) bugs. Now I have a goal: before moving to the next bug type I want to get my first bounty. For that I have been looking at a target for 4 days and found nothing. Should I move to another program or stay in this one?

xx