Yayy! We've just hit over 29K subscribers❤️

Many of you ask this question "Why you don't upload videos on live websites? ". Well, this is the reason.. I remember when I had two strikes on the channel and it was about to be deleted but somehow i was able to remove those strikes..
However, all the demonstrations shown in the videos are the exact way/method that you need to follow in real apps..

Once again, thank you all for supporting me throughout our journey to grow & be better together👊

Hi everyone! I hope you all are doing well. I really apologies for not being active in this group. These past few days were really tough for me to handle but now i am back with more power & energy! That being aside, New video will be getting uploaded today at 6pm IST. I hope you all will love it. Keep hacking & Keep learning❤️

Hi everyone! New video is out

Check it out here: https://www.youtube.com/watch?v=0uxV-jRGMeA

Hi everyone! I hope you all are doing well. I wanted to thank you all from the very bottom of my heart since today we’ve finally reached over 30,000 subscribers!! I can’t imagine how big this number is!!
When I started the channel, I was very under-confident, very nervous whether it will work or not. But still I started because of only one reason, I wanted to give my contribution to the same cyber security community from where I have learnt so much. And it is all because of you all that today I can proudly say that my decision was right! Thank you all so so so much again!!!

These days, I am finding it little hard to create videos because of office related work. But still, I will be committed to upload videos and help you all to learn & grow together. I pray that each of us will be able to up skill their hacking game and support each other!

Something special will be announced soon to celebrate this milestone!

Till then, Keep Learning, Keep Hacking & Thank you so much once again!❤️

- Faiyaz Ahmad

I've recently found some really cool no sql injection vulnerabilities and here's a small tip that you can use to find them too!



If there's a request that looks something like this:

http://test.com/api/user?id=12345



Try this:

http://test.com/api/user?id[$ne]=12345



There's a high possibility that you will get more data in the response if the back-end is using no sql database

Meme of the day

New video coming soon 🔜

HI everyone, New video has been finally uploaded! Check out how you can find sensitive backup files on a web application like a pro!

Video Link: https://youtu.be/7v5QLOVn0pg

The best feeling? When your videos actually help people to learn & grow❤️

Edit: This is the comment of the video I released today!

Hi everyone! New video will be releasing tomorrow!! Stay tuned❤️

Hi everyone! The new video is out

Check it here: https://youtu.be/I7dZfjpCxzg?si=XPHsl8NFzl6ys58N

Everyone loves to share their wins online—but today, I want to share something different.
Not success stories, but the struggles and failures that shaped my journey.

I wasn’t a “smart kid” growing up. Until class 7, I barely understood what was going on in class. Once, I scored just 54%.
In class 10, I got 83%, and by 12th, 78%. It felt like progress, but it still wasn’t “good enough” by many people's standards.

One of my coaching teachers straight-up told me I’d never be successful.
A few people I was once really close to said the same thing. That I’m just dreaming too big.
I got 21 percentile in JEE—yes, 21. It was tough to accept, but I had to move on.
So I joined a private college for B.Tech in Cyber Security. It wasn’t IIT, and honestly, it wasn’t even well known. I was part of the first batch there.
And then came the comments:
“You’re wasting your parents’ money.”
“He’s not going to make it anywhere.”

But here’s the thing—I didn’t stop.

I found something that made me want to get up every day: Cyber Security.
It gave me a sense of purpose when nothing else did.

From there, things slowly changed:

I got into the Hall of Fame of companies like Google, NASA, Sony—not overnight, but step by step.

I started earning through internships and bug bounties in college—when many told me I shouldn’t expect much.

I created videos and shared what I learned on YouTube—and now we’re a family of 30,000+ subscribers.

I’ve spoken at security events, built three courses on Udemy, and received awards in college—all while still figuring life out.

And today, I have a job that pays me what people expect only from top IIT grads.

But none of this would’ve happened if I had listened to the voices that told me to quit.

So if you’re struggling right now—if you’re feeling lost, unsure, or behind—please know you’re not alone.
Everyone moves at their own pace. Success doesn't always come from being the “top student” or cracking some big exam. Sometimes, it comes from just not giving up.

Your journey is yours. Own it. Start where you are. Use what you have. Do what you can.

And no matter how slow it feels, keep moving. Your story is still being written.

Working on a new video! This is by far the most common vulnerability I've found in real applications and it's super easy to find..I am sure this will help you all in your penetration testing journey!!

Hi everyone, New video is out!
Check it out here: https://www.youtube.com/watch?v=lGYCqWKaon0

Really happy to see that my videos are helping people in finding real vulnerabilities ❤️

I have 3 published courses on Udemy focused on bug bounty and cybersecurity — and I’ve never claimed that just buying one of these courses will make you thousands of dollars!!




In fact, I’ve always added a clear note in the course denoscriptions:

"These courses are designed to help you upskill and build a strong foundation — not to make you rich overnight."

If any course is claiming to turn you into a professional bug bounty hunter instantly or promises quick money, it's most likely a scam.

My intention has always been to provide practical, beginner-friendly guidance based on real experience.
These courses are for those who are genuinely
curious and ready to learn through consistent effort, trial and error, and hands-on practice.
What makes me truly grateful is the response from the community — all three courses have 4+ star ratings and many positive reviews from learners who found real value in them.

Feel free to check them out: https://www.udemy.com/user/faiyaz-ahmad-33/

Bug Bounty Tip:

Found a subdomain of your target that looks like this api-prod.target.com?

Then try to use ffuf to discover additional subdomains with this same pattern using the command:

ffuf -u http://api-FUZZ.target.com/ -w wordlist.txt -mc all

This generally helps me to discover really interesting api apps that are usually hidden from the public

Hi everyone! As promised, we will be conducting a free live webinar on server side request forgery on 29th June 2025 to celebrate 30k subscribers!!

This webinar will cover everything about ssrf from basics to advanced with practical demonstration & some PoCs as well

If you are interested then feel free to submit this form: https://forms.gle/2axTEKZpjTKcrVDa7

Once again, Thank you all for supporting the channel. Keep learning & Keep hacking!

- Faiyaz Ahmad