#366: Hacking PayPal and TikTok (legally) // Featuring Ben Sadeghipour Nahamsec

Want to hack companies like PayPal and TikTok? What about the Department of Defense? Lots of companies that you can hack legally - and get paid doing it! This is a practical guide on how to get started hacking today. // MENU // 00:00 ▶️ Introduction 00:17 ▶️ Who is Nahamsec? 01:18 ▶️ Different Bug Bounty Platforms 01:40 ▶️ Why Nahamsec Prefers These Platforms 02:34 ▶️ Intigriti Quick Overview 02:58 ▶️ Bugcrowd Quick Overview 03:25 ▶️ Hackerone Quick Overview 04:01 ▶️ What is Bug Bounty? 04:57 ▶️ Non-Monetary Rewards: Nahamsec's Red Bull Hack 05:57 ▶️ The Lyft, Snapchat and Undisclosed Travel Company Hack 07:02 ▶️ Interface Walkthrough 08:45 ▶️ Scope 10:18 ▶️ Top Hacker Profiles on Bug Bounty Programmes 11:04 ▶️ Profile Hacktivity Feed 13:54 ▶️ Using the site wide hacktivity feed to learn from previous bug bounties 15:31 ▶️ Getting Started: hacker101 17:24 ▶️ Getting Started: hackerone 20:58 ▶️ Submitting/Writing a Report 29:23 ▶️ Report Terminology 31:06 ▶️ How to Find a Company's Websites 33:05 ▶️ Nahamsec's Approach: Certificate Transparency 36:30 ▶️ Why NahamSec Prefers Dev Sites 38:05 ▶️ How to Find a Website's SSL Certificate 41:21 ▶️ Targeting a Company' Main Website vs Targeting Subdomains 42:25 ▶️ Researching a Company's Assets 43:43 ▶️ If You're New to the Bug Bounty Thing 47:40 ▶️ Ways to Learn 49:18 ▶️ Books to Help You Get Started Hacking 53:49 ▶️ Online Resources to Help You Get Started 55:28 ▶️ Final Advice // Connect with David // Discord: https://discord.com/invite/usKSyzb Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/davidbombal // Connect with Nahamsec // Twitter: https://twitter.com/nahamsec YouTube: https://www.youtube.com/c/nahamsec Github: https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters Discord: https://discord.com/invite/ysndAm8 Instagram: https://www.instagram.com/nahamsec/ LinkedIn: https://www.linkedin.com/in/nahamsec/ Twitch: https://www.twitch.tv/nahamsec Website: https://nahamsec.com/ // Nahamsec's Udemy Course// Udemy: https://www.udemy.com/course/intro-to-bug-bounty-by-nahamsec/ // Sites // Hackerone: https://www.hackerone.com/ Bugcrowd: https://bugcrowd.com/programs Intigriti: https://www.intigriti.com/ // Book's recommended // Bug Bounty Bootcamp: https://amzn.to/3K2YDeJ Real-World Bug Hunting: https://amzn.to/3wTF9FN Android Hacker's Handbook: https://amzn.to/3uMc509 The Web Application Hacker's Handbook: https://amzn.to/3IZ2RTr Black Hat Python: https://amzn.to/3JYIZAV Black Hat Python (2nd edition): https://amzn.to/379WcIV // Creator's mentioned // Nahamsec: https://www.youtube.com/c/Nahamsec STÖK: https://www.youtube.com/c/STOKfredrik LiveOverflow: https://www.youtube.com/c/LiveOverflow Farah Hawa: https://www.youtube.com/c/FarahHawa InsiderPhD: https://www.youtube.com/c/InsiderPhD The Cyber Mentor: https://www.youtube.com/c/TheCyberMentor // MY STUFF // Monitor: https://amzn.to/3yyF74Y More stuff: https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com bug bounty bugbounty hackerone hacking Ben Sadeghipour NahamSec nahamsec cyber security bug bounties ethical hacking bug bounty hunting burp suite ethical hacker pentest certificate red teaming bug bounty tips bug bounty for beginners bug bounty course pentest basics bugcrowd bugbounty hack bugs hackerone bugcrowd Intigriti Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! #buybounty #hacking #hack