1
00:00:00,960 --> 00:00:06,870
In the previous video, I told you that I will show you some of the websites which help you to earn

2
00:00:06,870 --> 00:00:09,510
some money by hacking into websites.

3
00:00:10,440 --> 00:00:17,160
Now, keep in mind, this is not a bad one because my is a general cyber security course.

4
00:00:17,160 --> 00:00:23,670
But I am sharing this knowledge with you in order to make you aware about the fact that you can earn

5
00:00:23,850 --> 00:00:31,640
some money if you explore SQL injection attacks and exercice attacks to some advanced level.

6
00:00:31,890 --> 00:00:32,190
Right.

7
00:00:32,640 --> 00:00:38,340
So here is the first website, which is yes, we had dot com, which itself says be a reward, not a

8
00:00:38,340 --> 00:00:38,900
ransom.

9
00:00:39,060 --> 00:00:47,070
So the owner of the websites themselves offer their websites to security researchers or to testers in

10
00:00:47,070 --> 00:00:50,820
order to find some bugs, some weaknesses in their website.

11
00:00:50,820 --> 00:00:51,150
Right.

12
00:00:51,870 --> 00:00:56,820
So that they will increase the security of their website and prevent from external attacks.

13
00:00:58,590 --> 00:01:00,930
The next website is open book Boundy.

14
00:01:01,050 --> 00:01:05,040
OK, here, as the name suggests, it is open for all.

15
00:01:05,070 --> 00:01:12,360
OK, so any of the security researcher will hack into any of the websites they provide you and in return

16
00:01:12,360 --> 00:01:13,660
you will get a reward, right?

17
00:01:16,370 --> 00:01:22,490
See, I told you that you can use a skill addiction attack and exercise attacks in order to earn some

18
00:01:22,820 --> 00:01:31,130
bounty, but if you use dose and dose attacks, then the owner of the website will block you and will

19
00:01:31,130 --> 00:01:39,680
never pay you a bounty because they know that the in those attacks will work in most of the cases.

20
00:01:39,690 --> 00:01:39,900
Right.

21
00:01:40,010 --> 00:01:42,010
In approximately all of the cases.

22
00:01:42,350 --> 00:01:46,100
That's the reason they are not interested in goes into those attacks.

23
00:01:47,450 --> 00:01:52,470
OK, now the next website is Heckel one dot com.

24
00:01:53,120 --> 00:02:01,310
This website is a little bit different from open book, but maybe this website will give you some challenges

25
00:02:01,310 --> 00:02:08,150
like capture the flag challenges and then you earn some points by passing them.

26
00:02:08,540 --> 00:02:16,100
Then you will be invited for private problems where the owner of the website will allow you to hack

27
00:02:16,100 --> 00:02:20,040
into websites to only a limited number of protesters.

28
00:02:20,300 --> 00:02:23,450
OK, so these websites are not open to all.

29
00:02:24,350 --> 00:02:28,900
So your competition gets reduced, but the challenge will be hard.

30
00:02:29,750 --> 00:02:34,020
OK, so the next website is Boxgrove dot com.

31
00:02:34,750 --> 00:02:42,170
OK, again, it is also a bug bounty platform so you can create account with them and can earn some

32
00:02:42,740 --> 00:02:43,820
real reward.

33
00:02:44,280 --> 00:02:48,030
OK, only if you get a weakness in their website.

34
00:02:48,380 --> 00:02:54,920
Now you have to prepare a basic report like name of the vulnerability, the attack you have used, like

35
00:02:54,920 --> 00:02:56,390
you have used Exeter's attacks.

36
00:02:57,500 --> 00:03:03,590
Then you have to provide the urine and the input parameter field because whenever you send a report,

37
00:03:03,590 --> 00:03:06,010
they will first verify it, OK?

38
00:03:06,050 --> 00:03:11,180
They will dry themselves that whether the thing you are mentioning is correct or not.

39
00:03:11,300 --> 00:03:19,250
OK, so if possible, you can create a video whenever you are trying to attack on their website as a

40
00:03:19,250 --> 00:03:19,670
proof.

41
00:03:20,240 --> 00:03:26,810
OK, so all you can also take screenshots, OK, and then explain them step by step procedure right

42
00:03:28,880 --> 00:03:29,180
now.

43
00:03:29,420 --> 00:03:32,490
Here is one more website, which is Hectorol dot com.

44
00:03:33,050 --> 00:03:40,340
OK, so you can try one of these if you want, but it is better to first get a deep knowledge about

45
00:03:40,340 --> 00:03:45,380
scale and exercise by practicing yourself and by using and measuring your creativity.

46
00:03:46,400 --> 00:03:52,970
Now, if you notice in my previous videos, I'm using a single script, OK?

47
00:03:53,000 --> 00:03:56,180
I'm using a very common script, which is a script alert.

48
00:03:56,180 --> 00:03:56,900
One, two, three.

49
00:03:57,230 --> 00:03:57,520
Right.

50
00:03:58,130 --> 00:04:00,500
But that's not the only script.

51
00:04:00,500 --> 00:04:02,600
We how many more scripts?

52
00:04:02,820 --> 00:04:04,900
OK, so the one is not working.

53
00:04:04,910 --> 00:04:06,080
Then we will try the other one.

54
00:04:06,080 --> 00:04:07,490
OK, then we will try the third one.

55
00:04:07,640 --> 00:04:07,970
Right.

56
00:04:08,450 --> 00:04:13,310
So let me open this link and let's open this one as well.

57
00:04:13,540 --> 00:04:18,410
OK, so it says top five most important exercises, scripts.

58
00:04:18,440 --> 00:04:18,780
OK.

59
00:04:18,800 --> 00:04:23,450
So here you will find a list of scripts.

60
00:04:24,420 --> 00:04:31,200
OK, so you have to try a single script at a time.

61
00:04:31,880 --> 00:04:32,340
OK.

62
00:04:32,990 --> 00:04:36,890
And I think it is very time consuming process.

63
00:04:37,090 --> 00:04:39,400
OK, it's not possible.

64
00:04:39,800 --> 00:04:42,140
I know it's possible, but it is an ongoing process.

65
00:04:42,140 --> 00:04:47,490
So that's not possible for an expert to try every single script manually.

66
00:04:48,370 --> 00:04:56,960
OK, so in the next video, I will show you how you can automate the process, OK, and save your time

67
00:04:56,960 --> 00:04:57,800
and energy.

68
00:04:58,880 --> 00:05:05,060
Now, if you want to learn deeper about this, then you can visit this website or w dot org.

69
00:05:05,360 --> 00:05:11,020
It is always a great website for increasing knowledge.

70
00:05:11,510 --> 00:05:13,340
OK, you can read it if you want.

71
00:05:15,090 --> 00:05:15,470
Right.