Ben Sadeghipour @NahamSec Twitter profile

Pinned Tweet

Ben Sadeghipour

4 years

After months of working on this, I’m excited to release my first bug bounty course on @udemy today! This is not a complete course just yet, but I will be regularly updating it with new content and labs!

Intro to Bug Bounty Hunting and Web Application Hacking

Insiders guide to ethical web hacking and bug bounty hunting with Ben Sadeghipour (@NahamSec)

www.udemy.com

151

405

3K

Last Seen Profiles

@arima_fv

@GeneralGate

@DelphiAthletics

@Maorou_K8M

@bokeplokalmalam

@koufzin2

@m_nsr3

@BABCPLISIG

@BaS_Statss

@uzochukwuS61462

@Sabuuchi

@LittleyVietnam

@mir_leand

@e_arjjj

@Muhamma69949495

@AuthorAVS

@xyooniexxx

@StezGirls_Dubai

@nackseojang

@kanyisoul25

@DontBeSaad20

@turbanlisever69

@cathrynlavery

@TPSHomicide

@Kiras_g914

@alicia_silmeria

@Cryptohodlr2

@roses_rreds

@koouui111

@JonathanKendr16

@cukienaknikmati

@lynettagreen94

@abosultan02

@bokeplokalmalam

@OMGclub2022

@sottoledera

Ben Sadeghipour

@NahamSec

22 days

1000 likes and I’ll start dropping write up’s again like I used to in the early days of my career.🤔

23

16

868

Ben Sadeghipour

@NahamSec

10 months

😱👀

146

62

2K

Ben Sadeghipour

@NahamSec

2 years

I have THREE 1 month @PentesterLab vouchers left to giveaway. All you have to do is interact with this tweet (RT/like or comment) to enter. Good luck!

314

529

2K

Ben Sadeghipour

@NahamSec

4 years

Thanks for 50,000 followers! I’ve partnered with @eLearnSecurity to give back to the community! Three lucky winners will win an eLS course of their choice. To enter, all you have to do is like and reply to this tweet and follow eLS!

883

147

1K

Ben Sadeghipour

@NahamSec

6 years

If you ever wondered what it looks like when hackers find a cool bug.. here's a gif to explain it. (Featuring @0xteknogeek and @0xacb )

36

351

1K

Ben Sadeghipour

@NahamSec

3 months

Excited to let y’all know that I’m engaged!🎉 💍

230

13

1K

Ben Sadeghipour

@NahamSec

5 years

I'm going to share all my payloads and wordlist... all you have to do reply to this tweet!

1K

167

1K

Ben Sadeghipour

@NahamSec

5 years

I know I'm not a million dollar hacker, but I'm almost to $500K and half way there while keeping up with a full time job. Pretty proud of myself! 🙏🏽

57

33

1K

Ben Sadeghipour

@NahamSec

5 years

#VirSecCon2020 : A virtual hacking con hosted by yours truly and @thecybermentor with talks from @Jhaddix , @zseano , @stokfredrik , @erbbysam , @ChloeMessdaghi @ethicalhacker , @B3nac , @TomNomNom , @niden and @uraniumhacker . More info will be released soon on

20

387

1K

Ben Sadeghipour

@NahamSec

3 years

I have worked at a leading bug bounty platform. Hacked companies like Airbnb, Apple, Snapchat, Department of Defense, PayPal. Currently enjoying day one of unemployment. Ask me anything?

198

63

976

Ben Sadeghipour

@NahamSec

4 years

Roses are red Violates are blue If you don’t want to learn how to Google Hacking isn’t for you 🤷🏽‍♂️

25

170

957

Ben Sadeghipour

@NahamSec

5 years

I'm excited to announce that I have started a new role at @Hacker0x01 as the head of Hacked Education to help create more content for hackers on #Hacker10 ! 🎉

94

48

925

Ben Sadeghipour

@NahamSec

4 years

I don't understand the hate and shade people throw at content creators. Can someone tell me what the fuck is the actual point in hating on people who are educating others for free?

92

53

915

Ben Sadeghipour

@NahamSec

5 years

Here are the slides from our talk at @defcon - "Owning the clout through SSRF and PDF generators". We'll probably write 3 blog posts on a few bug bounty examples soon! Also a big thank you to @daeken for being my partner in crime through this research.

Owning the clout through SSRF and PDF generators - Public v1.0

OWNING THE CLOUT THROUGH SSRF AND PDF GENERATORS Ben Sadeghipour Cody Brocious

docs.google.com

23

333

908

Ben Sadeghipour

@NahamSec

4 years

Here's 7 hours of 🔥 content from #VirSecCon2020 on hacking, web, Android, iOS, recon, bug bounty, OSCP/OSCE by @stokfredrik , @TomNomNom , @ChloeMessdaghi , @B3nac , @dawnisabel , @niden , @zseano , @d0nutptr , @ethicalhacker , @uraniumhacker , and @erbbysam . 🎥

34

298

911

Ben Sadeghipour

@NahamSec

5 years

Roses are red Violets are blue If you don't want to learn stuff on your own hacking isn't for you #bugbountypoems

28

202

893

Ben Sadeghipour

@NahamSec

4 years

RIP twitter.

25

118

891

Ben Sadeghipour

@NahamSec

2 months

😱 📷 $500,000!This has to be the largest bounty on @hacker0x01 !

34

54

896

Ben Sadeghipour

@NahamSec

1 year

Rapid7 asking me to remove an educational content from YouTube over the fact that used them as an example for publicly accessible swagger file.

62

110

855

Ben Sadeghipour

@NahamSec

4 years

Udemy course is officially under review 😬

42

29

853

Ben Sadeghipour

@NahamSec

3 years

Finally had the pleasure to meet @Farah_Hawaa 🥳

22

7

850

Ben Sadeghipour

@NahamSec

3 years

Making my Udemy course free for a few hours as a part of the @RedTeamVillage_ partnership. Enjoy.

Intro to Bug Bounty Hunting and Web Application Hacking

Insiders guide to ethical web hacking and bug bounty hunting with Ben Sadeghipour (@NahamSec)

www.udemy.com

66

197

845

Ben Sadeghipour

@NahamSec

3 years

I have a 6 month and a 3 month subscription voucher to @PentesterLab . Reply to this twee with a 🅿️ and I'll pick 2 random winners.

1K

137

841

Ben Sadeghipour

@NahamSec

10 months

My Udemy course is listed for FREE using the code 'FREEBLACKFRIDAY 'and then only $9.99 with 'BLACKFRIDAY23'. There’s a brand new update coming to the course in 2024! New labs, new videos and new challenges! 👀

29

139

821

Ben Sadeghipour

@NahamSec

2 years

Today I start my role as VP of Research and Community at Hadrian. 🥳

79

6

820

Ben Sadeghipour

@NahamSec

4 years

🚨 @Burp_Suite giveaway 🚨 2020 was a pretty rough year for a lot of people but I want to end the year on a good note. Reply with something you are grateful or proud of that happened in 2020 and I'll pick a random reply and send them a free Burp Suite license! 👇🏽

715

78

809

Ben Sadeghipour

@NahamSec

5 years

What are some endpoints that make you excited when it pops up while performing a directory brute force? Here are some of mine: /api/proxy /swagger-ui /demo /metrics

59

270

809

Ben Sadeghipour

@NahamSec

4 years

A group of us started to do this challenge for the entire month of November. Today was day 1. Feel free to join us if you’re up for the challenge. Will try and update this thread every night.

73

59

811

Ben Sadeghipour

@NahamSec

3 years

|￣￣￣￣￣￣￣￣￣￣￣| Hack the Planet!! |＿___＿＿＿＿＿＿＿＿| \ (•◡•) / \ / --- | |

23

103

777

Ben Sadeghipour

@NahamSec

4 years

Here are all the recordings from #NahamCon2020 with talks from @TomNomNom , @securinti , @samwcyo , @ChloeMessdaghi , @BitK_ , @mdisec , @defparam , @snyff , @jcran , @_johnhammond , @Jhaddix and @jeff_foley ! Enjoy!

19

213

762

Ben Sadeghipour

@NahamSec

4 years

Listen - no matter what you’re going through, I want you to know it’s temporary. Keep your head up and keep pushing through. You got this!

21

101

768

Ben Sadeghipour

@NahamSec

2 years

I have 2 PWK vouchers to giveaway! Two ways to win 1. Join my discord & react to the message posted in announcements. () 2. Like and respond to this tweet with #nahomies Big thank you to our #nahamcon2022 sponsor, @offsectraining for making this happen.

Discord - Group Chat That’s All Fun & Games

Discord is great for playing games and chilling with friends, or even building a worldwide community. Customize your own space to talk, play, and hang out.

discord.com

480

113

763

Ben Sadeghipour

@NahamSec

6 years

RCE on Steam Client via buffer overflow in Server Info by @0xACB and vinnievan. Full report here: ($18,000 bounty)

11

288

750

Ben Sadeghipour

@NahamSec

4 years

I'm beyond excited to announce this year's #NahamCon2021 with my amazing cohosts: @thecybermentor and @_johnhammond ! We'll also have talks from @vickieli7 , @stokfredrik , @zseano , @TomNomNom , @InsiderPhD , @Farah_Hawaa , @infosec_au and more! RSVP now!

26

177

731

Ben Sadeghipour

@NahamSec

3 years

Do I clean up nice? 😏

45

5

713

Ben Sadeghipour

@NahamSec

2 years

SOC analyst friends, give me your best 3 advice, things to learn, or skills to have, for someone who wants to get into your field!

112

91

720

Ben Sadeghipour

@NahamSec

4 years

Excited to announce #NahamCon with @stokfredrik , @_johnhammond and @thecybermentor on Junst 13, 2020 with talks from @samwcyo , @TomNomNom , @snyff , @Jhaddix , @intigriti , @Jhaddix , @zseano , @defparam , @ChloeMessdaghi , @jcran , and more! Website will be live later :)

16

148

706

Ben Sadeghipour

@NahamSec

1 year

🙏🏼🙏🏼🙏🏼

49

8

702

Ben Sadeghipour

@NahamSec

2 years

If you could go back to when you first started hacking on bug bounty programs, what advice would you give yourself?

84

125

702

Ben Sadeghipour

@NahamSec

2 years

I have a one year and a six month subscription to @PentesterLab for two people who reply with “ #NahamCon2022 ” under this post. Will pick winners tomorrow.

1K

102

671

Ben Sadeghipour

@NahamSec

2 months

We are bug bounty hunters ⁦ ⁦ @securinti ⁩, ⁦ @Rhynorater ⁩, ⁦ @Arl_rose ⁩, ⁦ @Jhaddix ⁩, ⁦ @stokfredrik ⁩

18

54

684

Ben Sadeghipour

@NahamSec

7 years

Lazyrecon: A script intended to automate your reconnaissance process in an organized fashion and creates an html report at the end!

18

288

664

Ben Sadeghipour

@NahamSec

3 years

This Friday is my last day at @Hacker0x01 . The last 6 years were have been incredible. I learned a lot of valuable lessons and met a ton of amazing people. To celebrate I wanted to share the 6 things I learned from my time at h1.

6 Valuable Lesson I Learned Looking for A Cybersecurity Startup — NahamSec

6 valuable lessons I learned from working at the #1 bug bounty and crowdsourced security platform.

www.nahamsec.com

57

65

669

Ben Sadeghipour

@NahamSec

8 months

We’ve got something cooking. 🧑‍🍳

28

26

664

Ben Sadeghipour

@NahamSec

6 years

Intel just paid a $100,000 bounty on @Hacker0x01 😱😱😱

28

227

656

Ben Sadeghipour

@NahamSec

2 years

Ready for defcon 😈

10

9

653

Ben Sadeghipour

@NahamSec

3 years

Udemy course is listed for FREE for the next 30 mins. Enjoy!

Intro to Bug Bounty Hunting and Web Application Hacking

Insiders guide to ethical web hacking and bug bounty hunting with Ben Sadeghipour (@NahamSec)

www.udemy.com

97

95

651

Ben Sadeghipour

@NahamSec

5 years

I get asked how I manage a full time job, content, steam, hacking on top of my personal life. I’m going to answer this once and only once: if you have time to waste on YouTube/Reddit you have time to learn how to hack. I go to bed an hour later and wake up an hour earlier

32

143

653

Ben Sadeghipour

@NahamSec

8 months

Introducing The 5 Five Week Program: A program designed to help you find your first vulnerability. At the end of the 5 weeks, I will be bringing someone onto my team to directly work with me on a pentest!

25

104

650

Ben Sadeghipour

@NahamSec

4 years

There are time when I really don't wanna stream or make content, then I randomly get messages like this and remember why I started doing all of this in the first place. Thank you! 🙏🏽

12

19

643

Ben Sadeghipour

@NahamSec

2 years

What are some books you recommend to someone wanting to break into cybersecurity/hacking to learn the basics ⁉️ Would love to make this a thread on infosec book. Here are some of my recommendations 👇

69

155

631

Ben Sadeghipour

@NahamSec

3 years

Defcon with @_johnhammond , @ethicalhacker , @notshenetworks , @seclilc , and @securibee !

11

13

635

Ben Sadeghipour

@NahamSec

4 years

Check out @Rhynorater 's blog post on CVE-2020-13379: Unauthenticated SSRF in Grafana! POC: /avatar/tesdt%3Fd=%25253f%253b%%252f169.254.169.254

11

234

619

Ben Sadeghipour

@NahamSec

28 days

I Became HackerOne's Latest Most Valuable Hacker (h1-702 vlog) 🎉

27

29

636

Ben Sadeghipour

@NahamSec

2 years

It’s November and if you’ve been following me for a while you know that I do this challenge every year. Does anyone want to join me? 😩

61

42

619

Ben Sadeghipour

@NahamSec

2 years

Besides curl and sed/awk/grep, what are some of your most frequently used linux commands that you think will help with hacking? (not including tools like nmap, metasploit, etc)

192

97

616

Ben Sadeghipour

@NahamSec

4 years

Check out my latest video on "Creating Wordlists for Pentesting & Bug Bounty Hunting". I also showed how I use @DanielMiessler 's SecLists, @TomNomNom 's Waybackurls, or Google's BigQuery to create my own wordlists! LMK what you think of the video!

9

161

619

Ben Sadeghipour

@NahamSec

4 years

I heard you guys like wordlists.. Maybe I should make a video on how to create your own wordlists? What do you think? 🤔

46

30

615

Ben Sadeghipour

@NahamSec

4 years

"Recon is boring" of course it's boring when you're not finding anything 😂

22

43

608

Ben Sadeghipour

@NahamSec

3 years

I just realized I have some more @PentesterLab vouchers, thanks to @snyff for sponsoring the LLS stream. Drop a reply under this tweet and I'll pick 3 people and give you either a 3 mo, 6 mo, or 12 month subscription.

689

102

614

Ben Sadeghipour

@NahamSec

2 years

This is how you find every domain for a company! 👉🏼🎥

11

124

622

Ben Sadeghipour

@NahamSec

2 years

I haven't done this in a while, but my bug bounty course is free for the next hour or so. Use code "JUNE2022" to get it!

Intro to Bug Bounty Hunting and Web Application Hacking

Insiders guide to ethical web hacking and bug bounty hunting with Ben Sadeghipour (@NahamSec)

www.udemy.com

49

108

592

Ben Sadeghipour

@NahamSec

9 months

I Became A Million Dollar Hacker 😱

41

47

597

Ben Sadeghipour

@NahamSec

3 years

Udemy course for free. Part 2. Enjoy!

Intro to Bug Bounty Hunting and Web Application Hacking

Insiders guide to ethical web hacking and bug bounty hunting with Ben Sadeghipour (@NahamSec)

www.udemy.com

103

132

591

Ben Sadeghipour

@NahamSec

4 years

Alright twitter, help me out! I'm trying to make a good list of places to find swagger (or swagger.json). Here are few of my favorites: /swagger-ui/swagger.json /apidocs/swagger.json /api-docs/swagger.json /swagger-ui /api-docs /apidocs /swagger /v1/swagger.json

31

175

587

Ben Sadeghipour

@NahamSec

2 years

With #NahamCon2022EU coming up I think it’s only fair to giveaway a one year subscription to @pentesterlab to someone random responding to this tweet. 👇🏽

455

114

587

Ben Sadeghipour

@NahamSec

1 year

I have a one year @PentesterLab voucher for one random person retweeting and replying to this tweet with #nahamcon2023 :)

585

541

573

Ben Sadeghipour

@NahamSec

5 years

We just paid a $20,000 bounty through @Hacker0x01 's own bug bounty program! 😱

23

63

580

Ben Sadeghipour

@NahamSec

1 year

I start streaming again on Sunday. What company should we hack? 💪🏼

45

25

569

Ben Sadeghipour

@NahamSec

2 years

This is how a hacker (nojob) was able to find a vulnerability in @port_finance and collect a bounty worth over $600,000 through @immunefi 's bug bounty platform! Thank you @HalbornSecurity for sharing their technical insight on this vulnerability!

Smart Contract Series - Episode 04: Analyzing A Smart Contract...

Purchase my Bug Bounty Course here 👉🏼 bugbounty.nahamsec.trainingA vulnerability in Port Finance could potentially allow $20M-$25M in total losses, but som...

www.youtube.com

15

120

582

Ben Sadeghipour

@NahamSec

3 years

I said goodbye to my grandmother today. Hug your loved ones and remind them how much they mean to you.

61

8

579

Ben Sadeghipour

@NahamSec

3 years

Thread on educational content: 👇👇👇 This is coming from someone who sells a course. You really don't need anyone to teach you _anything_. Especially for bug bounties. The only thing you need in order to become successful is curiosity. To ask yourself "wtf does this mean" & 1/n

13

141

564

Ben Sadeghipour

@NahamSec

2 months

Matching with @Rhynorater

16

9

572

Ben Sadeghipour

@NahamSec

4 years

Who's excited for @TomNomNom to be on Live Recon this Sunday? 🙋🏽‍♂️🙋🏽‍♂️🙋🏽‍♂️🙋🏽‍♂️

38

14

565

Ben Sadeghipour

@NahamSec

1 year

Legends (part 2) from the bug bounty meet up during @defcon with @jhaddix , @stokfredrik , and @_JohnHammond . Can’t believe we pulled it off 😏

22

552

Ben Sadeghipour

@NahamSec

2 years

I’m officially a verified beg bounty hunter

37

4

550

Ben Sadeghipour

@NahamSec

4 years

The "Resources for Beginner Bug Bounty Hunters" repository on @github was just updated with new content! If you are a new to hacking and bug bounty hunting, you should definitely check this out! 💯🚨🔥

GitHub - nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters: A list of resources for those intere...

A list of resources for those interested in getting started in bug bounties - nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters

github.com

17

175

547

Ben Sadeghipour

@NahamSec

5 years

Found a pretty neat SSRF on @snapchat and thanks to ideas from @daeken @bbuerhaus , we were able to escalate it a bit. Technical details will be included in our talk @defcon and @BSidesLV (if it gets approved). Enjoy!

13

152

554

Ben Sadeghipour

@NahamSec

1 year

I fucking love hacking. 😆

25

37

539

Ben Sadeghipour

@NahamSec

2 years

If you're still looking for resources to get into hacking or bug bounty, I highly recommend taking a look at this GitHub repository! It has a list of videos, labs, and talks for anything hacking related!

GitHub - nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters: A list of resources for those intere...

A list of resources for those interested in getting started in bug bounties - nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters

github.com

14

173

549

Ben Sadeghipour

@NahamSec

4 years

It's been an extremely rough week and anxiety has been killing me! If you're feeling the same, keep your head up, we got this! 🙏🏽

34

21

535

Ben Sadeghipour

@NahamSec

2 years

Finally had the chance to meet some of the folks behind @RealTryHackMe !

11

533

Ben Sadeghipour

@NahamSec

2 months

Name a better trio 👀 @_JohnHammond @LiveOverflow

19

9

539

Ben Sadeghipour

@NahamSec

4 years

Another successful nahamcon. Thank you all for being a part of this year’s event!

21

29

527

Ben Sadeghipour

@NahamSec

2 years

Do you guys want more in depth Smart Contract hacking content? 🤔

47

16

520

Ben Sadeghipour

@NahamSec

5 years

Going to start doing ~2 hour long sessions every week and embarrass myself a little bit. See you there?

17

76

511

Ben Sadeghipour

@NahamSec

1 year

I made $50,000 in just BXSS today, AMA 🤣

50

33

513

Ben Sadeghipour

@NahamSec

2 months

Had an absolute blast at @Hacker0x01 ’s #h1702 and I get to take this belt home thanks to @0xacb and @ajxchapman 🙏🏼

33

22

525

Ben Sadeghipour

@NahamSec

5 years

Congratulations to @thedawgyg for winning the MVH award at #h1415 !

7

22

508

Ben Sadeghipour

@NahamSec

3 years

As promised, you can now register for my bug bounty course on @Udemy for free using the code "LLS2021". Code expires in ONE hour.

Intro to Bug Bounty Hunting and Web Application Hacking

Insiders guide to ethical web hacking and bug bounty hunting with Ben Sadeghipour (@NahamSec)

www.udemy.com

47

115

515

Ben Sadeghipour

@NahamSec

2 years

Red teamers / offensive security friends. What are some of your use cases for Wireshark?

70

40

501

Ben Sadeghipour

@NahamSec

4 years

Who needs admin:admin when you can hit /register and make your own admin account ¯\_(ツ)_/¯

9

26

510

Ben Sadeghipour

@NahamSec

2 years

This f*cking guy... 😂 @Yassineaboukir

20

11

502

Ben Sadeghipour

@NahamSec

3 years

Don’t ever let anyone tell you that you can’t do it. I grew up with a large number of friends and family members laughing at my “hacking skills”. Don’t same friends are proud of me now and bring it up every time they see me. If I did it, you can too, homie.

19

69

502

Ben Sadeghipour

@NahamSec

4 years

Server-Side Request Forgery using Javascript allows to exfil data from Google Metadata - AKA How I hacked @Snapchat with @daeken and @bbuerhaus !

10

81

502

Ben Sadeghipour

@NahamSec

4 years

I promise, I'll have the rest of the videos uploaded to YouTube soon. For now enjoy @Jhaddix 's "The Bug Hunter's Methodology v4.0" from #NahamCon2020

9

115

491

Ben Sadeghipour

@NahamSec

1 year

Anyone else get an Apple TV request at @defcon ?

31

66

499

Ben Sadeghipour

@NahamSec

1 year

Jason offering his content to people on a random USB.

35

15

486

Ben Sadeghipour

@NahamSec

3 months

After months of work, I have finally updated my Bug Bounty course with a massive focus on hands-on labs through @hackinghub_io ! More info here 👉🏼 Use code UPDATE50OFF to get 50% off! I also have some free codes! RT/Reply for a chance to win!

136

166

492