1
00:00:01,599 --> 00:00:06,560
hi my name is david
2
00:00:03,678 --> 00:00:07,199
welcome to my course keep hacking and
3
00:00:06,559 --> 00:00:10,960
making
4
00:00:07,200 --> 00:00:14,240
money at hacker one hacker one
5
00:00:10,960 --> 00:00:15,519
is your big opportunity whether you are
6
00:00:14,240 --> 00:00:18,480
a bug hunter
7
00:00:15,519 --> 00:00:20,079
ethical hacker or penetration tester this
8
00:00:18,480 --> 00:00:22,399
is a place for you
9
00:00:20,079 --> 00:00:23,919
because you can go there and you can
10
00:00:22,399 --> 00:00:27,118
hack legally
11
00:00:23,920 --> 00:00:30,560
and at the same time you can make money
12
00:00:27,118 --> 00:00:34,079
which is just beautiful you can get
13
00:00:30,559 --> 00:00:36,640
different rewards for your hacking
14
00:00:34,079 --> 00:00:37,280
for example you can get one hundred
15
00:00:36,640 --> 00:00:39,840
dollars
16
00:00:37,280 --> 00:00:40,480
one thousand dollars or even ten
17
00:00:39,840 --> 00:00:44,160
thousand
18
00:00:40,479 --> 00:00:47,119
dollars per bug is just awesome
19
00:00:44,159 --> 00:00:47,679
what you need is an internet connection
20
00:00:47,119 --> 00:00:51,119
and
21
00:00:47,679 --> 00:00:54,799
knowledge you can hack many different
22
00:00:51,119 --> 00:00:58,000
companies that are clients of hacker one
23
00:00:54,799 --> 00:01:01,280
for example twitter yahoo uber
24
00:00:58,000 --> 00:01:04,478
coinbase and a lot more can you see that
25
00:01:01,280 --> 00:01:05,280
the biggest companies in the world are
26
00:01:04,478 --> 00:01:07,920
clients of
27
00:01:05,280 --> 00:01:10,239
hackerone and now you can go there and you
28
00:01:07,920 --> 00:01:12,640
can hack them legally and make money
29
00:01:10,239 --> 00:01:13,839
it's like like a dream but it really
30
00:01:12,640 --> 00:01:16,239
works
31
00:01:13,840 --> 00:01:19,359
i will tell you even more even the
32
00:01:16,239 --> 00:01:22,560
united states department of defense
33
00:01:19,359 --> 00:01:25,519
is a client of hackerone so now
34
00:01:22,560 --> 00:01:26,240
even the government organizations are
35
00:01:25,519 --> 00:01:28,319
out there
36
00:01:26,239 --> 00:01:29,679
for you and you can hack them and you
37
00:01:28,319 --> 00:01:32,399
can do it legally
38
00:01:29,680 --> 00:01:33,600
it's just beautiful i am really excited
39
00:01:32,400 --> 00:01:35,680
about it
40
00:01:33,599 --> 00:01:37,839
now the question is what you can hack at
41
00:01:35,680 --> 00:01:38,799
hackerone well you can hack all the
42
00:01:37,840 --> 00:01:41,200
things
43
00:01:38,799 --> 00:01:42,640
you can hack web apps you can hack
44
00:01:41,200 --> 00:01:44,840
mobile apps
45
00:01:42,640 --> 00:01:46,640
desktop apps even network
46
00:01:44,840 --> 00:01:49,600
infrastructures
47
00:01:46,640 --> 00:01:50,960
it's amazing it depends on the program
48
00:01:49,599 --> 00:01:54,559
of course
49
00:01:50,959 --> 00:01:57,438
but you see a lot of different options
50
00:01:54,560 --> 00:01:58,320
in this course i will focus on the web
51
00:01:57,438 --> 00:02:01,039
apps because
52
00:01:58,319 --> 00:02:01,758
this is the most popular target at
53
00:02:01,040 --> 00:02:05,520
hackerone
54
00:02:01,759 --> 00:02:08,080
right virtually every single company
55
00:02:05,519 --> 00:02:09,038
has web application and web service that
56
00:02:08,080 --> 00:02:10,800
is in scope
57
00:02:09,038 --> 00:02:12,559
of their program so that you can go
58
00:02:10,800 --> 00:02:15,040
there you can hack
59
00:02:12,560 --> 00:02:16,318
and make money at the same time right
60
00:02:15,039 --> 00:02:18,639
that's what i'm gonna
61
00:02:16,318 --> 00:02:20,318
focus on web apps because they are the
62
00:02:18,639 --> 00:02:22,719
most popular target
63
00:02:20,318 --> 00:02:24,560
at hackerone but don't worry if you
64
00:02:22,719 --> 00:02:27,280
specialize in mobile apps
65
00:02:24,560 --> 00:02:28,719
desktop apps or for example network
66
00:02:27,280 --> 00:02:30,400
infrastructure hacking
67
00:02:28,719 --> 00:02:32,318
you can still find a lot of
68
00:02:30,400 --> 00:02:35,039
opportunities out there
69
00:02:32,318 --> 00:02:35,518
now the question is well you can say
70
00:02:35,039 --> 00:02:37,840
david
71
00:02:35,519 --> 00:02:39,120
it sounds really cool but how shall i
72
00:02:37,840 --> 00:02:41,840
start
73
00:02:39,120 --> 00:02:44,159
i already prepared a course start
74
00:02:41,840 --> 00:02:45,360
hacking and making money today at
75
00:02:44,159 --> 00:02:48,479
hackerone
76
00:02:45,360 --> 00:02:50,080
this is one of my previous courses and
77
00:02:48,479 --> 00:02:52,959
in this course
78
00:02:50,080 --> 00:02:53,440
i gave an introduction into the hacker
79
00:02:52,959 --> 00:02:56,800
one
80
00:02:53,439 --> 00:03:00,079
and i presented the list of five
81
00:02:56,800 --> 00:03:01,760
bugs that i recommend you to start with
82
00:03:00,080 --> 00:03:03,519
i just wanted to give you a kind of a
83
00:03:01,759 --> 00:03:06,560
starter the bugs that
84
00:03:03,519 --> 00:03:08,560
really work i am one of the top hackers
85
00:03:06,560 --> 00:03:11,840
at hackerone and i'm really fortunate
86
00:03:08,560 --> 00:03:14,479
to be on this list and i just wanted
87
00:03:11,840 --> 00:03:15,360
to share with you what works what kind
88
00:03:14,479 --> 00:03:18,399
of bugs
89
00:03:15,360 --> 00:03:19,200
i submitted for years as a starter and
90
00:03:18,400 --> 00:03:22,239
how i got
91
00:03:19,199 --> 00:03:22,719
different rewards now we have to realize
92
00:03:22,239 --> 00:03:25,439
that
93
00:03:22,719 --> 00:03:25,919
well we've got a lot more than five
94
00:03:25,439 --> 00:03:29,199
bugs
95
00:03:25,919 --> 00:03:32,158
right for a start that's why
96
00:03:29,199 --> 00:03:34,560
we need something extra we need more
97
00:03:32,158 --> 00:03:36,560
bugs because we want to double
98
00:03:34,560 --> 00:03:38,000
our rewards we want to double our
99
00:03:36,560 --> 00:03:42,080
payments right
100
00:03:38,000 --> 00:03:45,120
so now it's time for a follow-up course
101
00:03:42,080 --> 00:03:46,239
and this is exactly what this course is
102
00:03:45,120 --> 00:03:48,239
all about
103
00:03:46,239 --> 00:03:50,000
i'm going to give you more knowledge i'm
104
00:03:48,239 --> 00:03:53,039
going to give you more bugs
105
00:03:50,000 --> 00:03:53,598
because i want you to progress i want
106
00:03:53,039 --> 00:03:57,120
you to
107
00:03:53,598 --> 00:03:57,759
hack and make money so what i'm going to
108
00:03:57,120 --> 00:04:01,360
present
109
00:03:57,759 --> 00:04:04,399
is the next five bugs yeah
110
00:04:01,360 --> 00:04:07,840
more bugs for you so that you can be
111
00:04:04,400 --> 00:04:09,680
more and more successful and this course
112
00:04:07,840 --> 00:04:12,400
is gonna be technical
113
00:04:09,680 --> 00:04:13,438
and so i will dive into demos i love
114
00:04:12,400 --> 00:04:15,840
demos
115
00:04:13,438 --> 00:04:17,439
because in the demos you can see how
116
00:04:15,840 --> 00:04:19,439
things really work
117
00:04:17,439 --> 00:04:21,918
because i want you to reproduce all
118
00:04:19,439 --> 00:04:25,040
these bugs in your own pen testing
119
00:04:21,918 --> 00:04:27,198
in your own hacking right if you don't
120
00:04:25,040 --> 00:04:30,240
see this kind of hands-on stuff
121
00:04:27,199 --> 00:04:32,000
you cannot reproduce the steps so i will
122
00:04:30,240 --> 00:04:34,160
dive into the demos
123
00:04:32,000 --> 00:04:35,839
of course there will be some kind of
124
00:04:34,160 --> 00:04:36,479
overview at the beginning but then we
125
00:04:35,839 --> 00:04:39,279
will
126
00:04:36,478 --> 00:04:40,079
jump directly to the demos because i
127
00:04:39,279 --> 00:04:41,679
want you
128
00:04:40,079 --> 00:04:44,639
at the very end of this course to be
129
00:04:41,680 --> 00:04:47,840
able to find more and more bugs
130
00:04:44,639 --> 00:04:51,040
in your own hacking so let me now jump
131
00:04:47,839 --> 00:04:54,399
to the next five bugs
132
00:04:51,040 --> 00:04:55,680
the first one is related to login
133
00:04:54,399 --> 00:04:58,079
functionality
134
00:04:55,680 --> 00:04:59,759
i'm gonna show you how you can
135
00:04:58,079 --> 00:05:02,639
impersonate a user
136
00:04:59,759 --> 00:05:03,840
when there is a kind of problem in login
137
00:05:02,639 --> 00:05:06,000
functionality
138
00:05:03,839 --> 00:05:08,000
it's gonna be related to broken session
139
00:05:06,000 --> 00:05:08,560
management and i see this kind of
140
00:05:08,000 --> 00:05:10,560
problem
141
00:05:08,560 --> 00:05:11,680
quite often that's why i'm gonna present
142
00:05:10,560 --> 00:05:13,439
it to you because
143
00:05:11,680 --> 00:05:14,959
quite often you can get paid for this
144
00:05:13,439 --> 00:05:18,000
kind of problem
145
00:05:14,959 --> 00:05:21,279
next i'm gonna dive to something
146
00:05:18,000 --> 00:05:22,800
very different i'm gonna dive into the
147
00:05:21,279 --> 00:05:25,918
metadata
148
00:05:22,800 --> 00:05:28,478
bug hunters very rarely look
149
00:05:25,918 --> 00:05:30,079
into the metadata but this is an
150
00:05:28,478 --> 00:05:32,478
opportunity for you
151
00:05:30,079 --> 00:05:33,279
you can find a lot of sensitive
152
00:05:32,478 --> 00:05:35,439
information
153
00:05:33,279 --> 00:05:36,719
in metadata metadata is something that
154
00:05:35,439 --> 00:05:38,879
you don't see
155
00:05:36,720 --> 00:05:40,479
but it is out there and it can contain
156
00:05:38,879 --> 00:05:42,159
some sensitive information right
157
00:05:40,478 --> 00:05:43,918
this is how it works i'm gonna show you
158
00:05:42,160 --> 00:05:44,880
step by step how you can extract this
159
00:05:43,918 --> 00:05:47,038
metadata
160
00:05:44,879 --> 00:05:49,360
and learn if there is any kind of
161
00:05:47,038 --> 00:05:52,879
information disclosure
162
00:05:49,360 --> 00:05:54,160
after that i will discuss disclosure
163
00:05:52,879 --> 00:05:57,439
of credentials
164
00:05:54,160 --> 00:05:59,840
and i'm gonna show you how you can find
165
00:05:57,439 --> 00:06:00,959
the disclosure of credentials in a web
166
00:05:59,839 --> 00:06:03,519
application
167
00:06:00,959 --> 00:06:04,478
so you will be playing with https
168
00:06:03,519 --> 00:06:06,478
enforcement
169
00:06:04,478 --> 00:06:08,560
and you will see how it works if there
170
00:06:06,478 --> 00:06:09,839
is any kind of problem in the web app or
171
00:06:08,560 --> 00:06:12,879
not
172
00:06:09,839 --> 00:06:16,079
after that i will discuss
173
00:06:12,879 --> 00:06:18,240
insecure password change password change
174
00:06:16,079 --> 00:06:19,439
obviously is very sensitive
175
00:06:18,240 --> 00:06:21,918
functionality
176
00:06:19,439 --> 00:06:23,360
and we want everything to be implemented
177
00:06:21,918 --> 00:06:25,918
securely out there
178
00:06:23,360 --> 00:06:26,720
but in reality there are different
179
00:06:25,918 --> 00:06:29,120
problems
180
00:06:26,720 --> 00:06:30,160
and i'm gonna show you one interesting
181
00:06:29,120 --> 00:06:33,199
problem that i
182
00:06:30,160 --> 00:06:35,759
find quite often in different web apps
183
00:06:33,199 --> 00:06:37,280
so it will be the bug number four in
184
00:06:35,759 --> 00:06:40,560
this course
185
00:06:37,279 --> 00:06:41,038
and finally i will discuss a dictionary
186
00:06:40,560 --> 00:06:43,120
attack
187
00:06:41,038 --> 00:06:45,680
so i'll tell you what it is actually and
188
00:06:43,120 --> 00:06:48,639
how to find whether this attack
189
00:06:45,680 --> 00:06:49,360
is possible so that you will be really
190
00:06:48,639 --> 00:06:52,478
able to
191
00:06:49,360 --> 00:06:55,680
check this out on your own so
192
00:06:52,478 --> 00:06:58,879
basically this is it the next
193
00:06:55,680 --> 00:07:01,360
five bugs that really work for me
194
00:06:58,879 --> 00:07:02,639
that i have been submitting for years to
195
00:07:01,360 --> 00:07:05,598
different companies
196
00:07:02,639 --> 00:07:06,160
and i got paid for these bugs and i want
197
00:07:05,598 --> 00:07:08,639
you
198
00:07:06,160 --> 00:07:09,439
to be more and more successful as a
199
00:07:08,639 --> 00:07:11,840
hacker
200
00:07:09,439 --> 00:07:12,959
hacker one is a really great opportunity
201
00:07:11,839 --> 00:07:15,439
right now
202
00:07:12,959 --> 00:07:16,000
for us bug hunters ethical hackers
203
00:07:15,439 --> 00:07:18,639
penetration
204
00:07:16,000 --> 00:07:20,720
testers so i hope you will make the most
205
00:07:18,639 --> 00:07:23,280
of this course you will enjoy the course
206
00:07:20,720 --> 00:07:23,919
and at the very end you will make more
207
00:07:23,279 --> 00:07:26,959
money
208
00:07:23,918 --> 00:07:30,240
so this is it for an introduction
209
00:07:26,959 --> 00:07:32,719
so now let's jump to the next video
210
00:07:30,240 --> 00:07:33,918
and the next video actually is gonna be
211
00:07:32,720 --> 00:07:38,240
the first bug
212
00:07:33,918 --> 00:07:38,240
from this list