Practical Bug Bounty



0:00:00 - Intro
0:03:00 - Keeper Security Sponsorship
0:03:48 - Course Introduction
0:10:02 - Importance of Web App Security
0:16:26 - Web App Security Standards and Best Practices
0:29:57 - Bug Bounty Hunting vs Penetration Testing
0:40:16 - Phases of a Web App Pentest
0:57:36 - CryptoCat Introduction
0:59:19 - Understanding Scope, Ethics, Code of Conduct, etc.
1:13:29 - Common Scoping Mistakes
1:37:59 - Installing VMWare / VirtualBox
1:41:14 - Installing Linux
1:50:20 - Lab Installation
1:57:36 - Web Technologies
2:02:14 - HTTP & DNS
2:05:47 - Fingerprinting Web Technologies
2:18:00 - Directory Enumeration and Brute Forcing
2:38:07 - Subdomain Enumeration
2:55:43 - Burp Suite Overview
3:34:35 - Introduction to Authentication
3:36:11 - Brute-force Attacks
3:43:11 - Attacking MFA
3:48:38 - Authentication Challenge Walkthrough
3:58:38 - Intro to Authorization
3:59:48 - IDOR - Insecure Direct Object Reference
4:06:15 - Introduction to APIs
4:11:04 - Broken Access Control
4:19:33 - Testing with Autorize
4:27:02 - Introduction to LFI/RFI
4:28:39 - Local File Inclusion Attacks
4:32:59 - Remote File Inclusion Attacks
4:40:37 - File Inclusion Challenge Walkthrough
4:45:05 - Conclusion

Comments

Taking the PJWT (the relevant cert for this course) tomorrow! Massively excited to put what I’ve learned to the test!

Erubius

TCM is recommended to anyone with little to no knowledge about cybersecurity in general. I’m preparing for OSCP and didn’t know where to start, but TCM made it super easy.

samha

This free video covers a lot more topics than a course. I really appreciate what you guys are doing. I really like watching your videos. Love from India Sir.

jasperthetom

Thanks, guys. I bought the PNPT and a 3 month membership mainly for this course, during the sale. Thought I'd be able to complete it too with PNPT. Kinda overestimated myself and am still working through PEH. 10th March my monthly subscription ends, and I don't think I can afford it anymore. Was really sad that this one will remain incomplete. At least now I know that even if my subscription ends, I can still cover some part of the curriculum because of this upload.😢

siddharthraychaudhuri

Currently doing the PNPT. Enjoying it. More so than the PEN-200

martinlastname

I've got a subscription to TCM Academy but I just wanted to show some love here. You guys are awesome. Thanks for all you do for the community

burd.

Best course for a bug bounty I have seen for now

زيادساميخلف

Thank you, Heath, for providing us with this amazing information, we all need to learn the Practical aspects of Bug Bounty especially for some of us that would like to earn some extra cash.

husseindhooma

Thank you, Heath, for providing us with this amazing information!

dhruvildesai

Can't believe this premium content is available for free

bikramshiwakoti

Awesome, I'm doing this on the TCM website right now. :)

MFoster

Hey.... Dear,
Can I run this BugBounty-v1.1 LAB on my Windows OS...???

TravelWithMufaa

Awesome video guys, thanks. I'll be coming over to your website to take some training soon.

Resh

Question - what makes an "automated tool"? Wouldn't brute forcing count as an automated tool? Great video by the way, thanks.

PandaXpress

I'm really weak in web apps compared to network, this is incredibly helpful. Thank you. Is the TCM course for practical bug bounty more in depth than this YouTube video?

szicario

If anyone else ran into an error when setting up the lab stating "'172.20.0.4' is not allowed to connect to this MySQL server in /var/www/html/db.php", I was able to resolve this by removing the volumes for the mysql container, bb-db, in the compose file.

andrewthurstenson

Using curl on APIs in room 5 returns generic error, regardless if I copy the command from the room or try with credentials from tutorial (those creds are not visible to me).
{"status":"error", "message":"Required fields missing"}
Tried resetting the lab and db with init.php still nothing. Time stamp: 4:12:28

Edit: For anyone that has this problem, json username and password fields were missing double quotes

mihajlofrancic

I have a doubt. If the scope says that automation tools are not allowed, is this related only to vuln scanners or to all other tools, like directory/asset discovery? Tools like ffuf, gobuster, etc.

soanzin

Thanks always for the free content. Can we get the Detection engineering for beginners course content please? Thank you!

ibtesamRicky

@16:40 I thought the dog snoring in the background was mine.

meh.