I gained over 1000 reputation points on HackerOne between April to June 2023!
I reviewed my past reports and would like to share 3 bug bounty tips with you!
I hope they are useful to you, have a great bug bounty journey, keep hunting!
Hack The Box REDEEMER Walkthrough | Learning Redis for Beginners (Step-by-Step)
In this video, we walk through the Hack The Box Starting Point machine REDEEMER. This beginner-friendly walkthrough focuses on Redis – what it is, how it works, and why exposed Redis services are risky when misconfigured.
Instead of rushing through commands, we explain the concepts behind Redis, service enumeration, and how sensitive data can be stored and accessed directly from memory.
This is part of my ongoing Hack The Box Starting Point – Step-by-Step Walkthrough for Beginners series, where the goal is to help newcomers build strong fundamentals in ethical hacking.
What you will learn in this video
- What Redis is and where it’s commonly used
- Why exposed Redis instances are dangerous (authentication & config pitfalls)
- How to identify Redis with Nmap (port 6379)
- How to connect with
redis-cliand inspect databases/keys - When to use
KEYS *(CTF) and whySCANis preferred in production - How to retrieve the flag and complete the tasks
Recommended setup
- Kali Linux Virtual Machine
- NAT networking mode
- OpenVPN client
- VMware Fusion / VirtualBox (any VM works)
Resources
Happy hacking, and enjoy the journey 🚀
Hack The Box DANCING Walkthrough | Learning SMB for Beginners (Step-by-Step)
Stuck on HTB Dancing? This guide is your key to exploiting SMB and getting root, step-by-step.
In this video, we will work on the Hack The Box Starting Point Tier 0 machine: DANCING together. This beginner-friendly walkthrough focuses on understanding SMB (Server Message Block).
We will take our time to explain what SMB is, why it is commonly found in Windows environments, and how misconfigured SMB shares can lead to sensitive data exposure.
Haven’t set up your VPN yet? Watch my Hack The Box Starting Point – Essential Setup Guide for Beginners!
Sign Up for Hack The Box (my referral link)
What you will learn in this video
- What SMB (Server Message Block) is and how it works
- Common SMB ports (139 & 445) and why they matter
- How to use Nmap for targeted service enumeration such as SMB services
- How to enumerate SMB shares using smbclient
- Understanding anonymous / misconfigured shares
- Downloading files from SMB shares and capturing the flag
Recommended setup
- Kali Linux Virtual Machine
- NAT networking mode
- OpenVPN client
- VMware Fusion / VirtualBox (any VM works)
Resources
Hack The Box FAWN Walkthrough | Ethical Hacking for Beginners (Step-by-Step)
In this video, we are tackling Fawn, a Tier-0 machine from Hack The Box’s Starting Point series. This is a perfect machine for beginners to sharpen their fundamentals and understand how file transfer protocols work.
Instead of just running commands, I explain exactly what is happening under the hood so you can apply this knowledge to future machines.
What you will learn in this video
- What is File Transfer Protocol (FTP)
- Why FTP is considered insecure and what are the secure alternatives
- How to scan for FTP services using nmap
- What is anonymous FTP login
- How to download files from an FTP server
- What is the man command and how to use it to find answers without leaving your terminal
- Gaining root access and capturing the flag
Perfect for beginners who want to understand why things work, not just follow steps.
- Hack The Box FTP walkthrough
- HTB Starting Point Tier 0
- FTP anonymous login tutorial
- Beginner ethical hacking guide
- Kali Linux FTP enumeration
Hack The Box MEOW Walkthrough | Ethical Hacking for Beginners (Step-by-Step)
For beginners in cybersecurity, the “Starting Point” machines on Hack The Box are an invaluable resource. However, many tutorials simply tell you what to type to get the flag.
In my latest YouTube video, I take a different approach with the Meow machine (Tier-0).
I believe that to become a proficient penetration tester or bug bounty hunter, you need to understand the fundamentals.
- What is the purpose of specific Nmap flags like -sV or -Pn?
- How is a port scan like checking the doors of a house?
- Why is Telnet considered insecure compared to SSH?
I break down these concepts step-by-step, ensuring that you are not just memorising commands, but actually learning the logic behind each step.
Whether you are a student, a career switcher, or just curious about ethical hacking, this walkthrough will give you the solid foundation you need.
This is part of an ongoing beginner-friendly series where I will be covering all of the Hack The Box Starting Point machines, step by step.
🎥 Watch the Meow walkthrough here:
If you are transitioning into cybersecurity, bug bounty, or pentesting – this series is built for you.
Happy learning and keep hacking ethically 🔐
Hack The Box Starting Point – Essential Setup Guide for Beginners
Just released a beginner-friendly tutorial for anyone getting started on Hack The Box (HTB) – one of the best hands-on learning platforms for ethical hacking and cybersecurity.
In this video, I cover the following topics:
- What is Hack The Box Starting Point
- How to download the OpenVPN (.ovpn) configuration file
- What OpenVPN is and why Hack The Box uses it
- Why using a Virtual Machine (NAT mode) is safer than Docker or host
- How to connect to the Hack The Box VPN using OpenVPN
- How to spawn a machine and verify VPN connectivity with ping
If you are new to ethical hacking (or want to get started), this guide will get you up and running in minutes, check it out if it interests you: