The correct answer is: ClickJacking

Hi everyone! Learn how to use amass to brute force subdomain

Video Link: https://youtu.be/jvp4bueAxvs

Hi everyone! Learn how to find subdomain through brute forcing method

Video Link: https://youtu.be/JmMXab-Us2c

Which one do you think is vulnerable?

The correct answer is: The Left one is vulnerable to CSRF and the right one is secure because it is using PUT method which checks for the CORS policy.

Hi everyone! Watch this video that will surely help you to find internal subdomains of the target


Check it out: https://www.youtube.com/watch?v=KcMJzSGlFBc

Spot the vulnerability guys!

The correct Answer is: Cross Site Scripting

Now here's the second question: Can you specify the payload that you will use to execute xss?😉

It's always a better idea to monitor your target for new assets(like subdomains etc). I'll publish a new video on it tomorrow! Stay tuned and keep learning ❤️

Hi everyone! Learn how to monitor your target for new subdomains using python

Video Link: https://youtu.be/vKZuFl6HvkE

Hi guys! I've just pushed the code for the video. Check it out

https://github.com/faiyazahmad07/monitor_subdomains

Hi everyone! Learn how to find subdomains based on the target's pattern

Video Link: https://youtu.be/Y_qxJP7dbb8

How many of you use nuclei with cookies?

Hi everyone! I have created a new video that can help you to bypass some common protection mechanism in clickjacking

Check it out: https://youtu.be/9b8Lu01IbLM

Hey everyone! I have created a new bot on discord that can automate the reconnaissance process and can save a lot of time!



Just feed the domain name in the discord channel and it will do the rest for you!



We can customize this tool as per our methodology

Hi everyone! Learn how to find sensitive content in a web application.

Check it out: https://youtu.be/2Vd2x8cWQ_k

Yay! We've just hit 5K subs on YouTube. Thank you all from the bottom of our hearts for getting us one step closer to our dream. We are committed to provide affordable content for you. Stay safe and keep learning

Will AI takeover the future of Bug Bounty or Cybersecurity? That was the question asked by one of my subscribers.For me, I actually think that with the advancement in the technology, the old vulnerabilities may disappear(Not completely). However, it will also lead to more vulnerabilities. For example, ChatGPT was itself vulnerable to web cache poisoning few weeks ago. To summarize, If you are creative with the things you doing in the bug bounty, then there is always a future for you.
Remember: Bug bounty should not be your option to make money if you are a beginner rather it should be a way for you to learn cyber security.

What's your thoughts on it? Let me know in the comment section