Spot the vulnerability guys!

The correct Answer is: Cross Site Scripting

Now here's the second question: Can you specify the payload that you will use to execute xss?😉

It's always a better idea to monitor your target for new assets(like subdomains etc). I'll publish a new video on it tomorrow! Stay tuned and keep learning ❤️

Hi everyone! Learn how to monitor your target for new subdomains using python

Video Link: https://youtu.be/vKZuFl6HvkE

Hi guys! I've just pushed the code for the video. Check it out

https://github.com/faiyazahmad07/monitor_subdomains

Hi everyone! Learn how to find subdomains based on the target's pattern

Video Link: https://youtu.be/Y_qxJP7dbb8

How many of you use nuclei with cookies?

Hi everyone! I have created a new video that can help you to bypass some common protection mechanism in clickjacking

Check it out: https://youtu.be/9b8Lu01IbLM

Hey everyone! I have created a new bot on discord that can automate the reconnaissance process and can save a lot of time!



Just feed the domain name in the discord channel and it will do the rest for you!



We can customize this tool as per our methodology

Hi everyone! Learn how to find sensitive content in a web application.

Check it out: https://youtu.be/2Vd2x8cWQ_k

Yay! We've just hit 5K subs on YouTube. Thank you all from the bottom of our hearts for getting us one step closer to our dream. We are committed to provide affordable content for you. Stay safe and keep learning

Will AI takeover the future of Bug Bounty or Cybersecurity? That was the question asked by one of my subscribers.For me, I actually think that with the advancement in the technology, the old vulnerabilities may disappear(Not completely). However, it will also lead to more vulnerabilities. For example, ChatGPT was itself vulnerable to web cache poisoning few weeks ago. To summarize, If you are creative with the things you doing in the bug bounty, then there is always a future for you.
Remember: Bug bounty should not be your option to make money if you are a beginner rather it should be a way for you to learn cyber security.

What's your thoughts on it? Let me know in the comment section

Hello everyone! I have created a new video that can help you to automate your bug bounty process through discord bot.



Check it out: https://youtu.be/IlFjsOI9W0w

Hi everyone! Learn how to enumerate root domains of an organization with amass.

Article Link: https://bepractical.tech/how-do-we-enumerate-root-domains-using-amass/

Hi everyone! I have created a new video that demonstrates how easy it is to hack a windows machine with metasploit

Check it out: https://youtu.be/QyseHxzYDi4

Thanks for sharing @San Toor

mohammedsudancityRecon.txt.pdf

Hi everyone! Check out this new video that demonstrates how to escalate self xss to account takeover!

Video Link: https://youtu.be/bvm0M9CZUGk

We are absolutely delighted to extend a warm welcome to each and every one of you to the Cyber Event 2023, presented by BePractical. Our goal is to offer a unique opportunity to gain firsthand experience in detecting pesky bugs in actual real-world scenarios.

Join us to gain real-world bug-finding experience and a shot at winning a paid internship and awesome prizes. Don't miss this chance to show off your skills and get cool stuffs

Check out this video for more:

https://www.youtube.com/watch?v=MNy5UFGb80E