By Intigriti
October 5, 2020
At Intigriti, we have a tremendous amount of respect for content creators and educators devoting their time and energy into bringing the bug bounty community to the next level. In times where superficial algorithms delete or demonetise educational content for hackers, we believe it is our duty to help support the mentors, teachers and creators that are the foundation of our rapid community growth and success.
We’ve compiled a shortlist of 20 bug bounty channels for you to subscribe to and how to support them, ranked by subscriber count. With hundreds of amazing creators out there, we’re well aware that this list is incomplete, so if you didn’t spot your favourite hackfluencer, let us know so we can add them to our next compilation!
Update: a lot of readers have also suggested IppSec & PwnFunction! Make sure to check them out!
520K subscribers – support on Patreon
LiveOverflow may describe himself as a wannabe hacker, but his videos prove otherwise! The Germany-based CTF player is known to upload deep-dive 10 minute explainer videos on various niche topics, pleasantly visualised with easy to grasp sketchbook animations. LiveOverflow covers a range of different topics, from more educational tutorials to covering real stories, questions and thoughts related to hacking!
Sample video: “Hacking My Instagram Account”Subscribe
495K subscribers – support on Patreon
HackerSploit has 370+ videos on hacking. This includes many series on ethical hacking and penetration testing, linux essentials, challenge walkthroughs and Cybertalk, an InfoSec show co-presented with Cristi Vlad. Although he touches on different topics, his specialty is Linux. His videos provide excellent introductions to topics like Docker for Pentester’s, zsh, Nmap, etc.
Sample video: “Switching To ZSH”Subscribe
495K subscribers – support on Patreon
The Cyber Mentor is an ex accountant, now hacker and entrepreneur who is best known for his fantastic courses on penetration testing. He covers topics like network pentesting, Linux basics for hackers, and more recently Web application security. He also shares his entrepreneurial journey as an independent penetration tester with full transparency, and even has a series on teaching his wife hacking. Both fun and educational!
Sample video: “Beginner Web Application Hacking (Full Course)”Subscribe
112K subscribers – support on Patreon
John Hammond is a true legend when it comes to capture the flag contests. Like his name name-twin from Jurassic Park, John is a passionate creator and a humble community member. You may know him from the popular CTF challenges he created for NahamCon and HacktivityCon. What really sets John apart that he’s not only so good at creating challenges, but also explaining how they work and how you can solve them, educating others and helping them to reach the next level.
59,5K subscribers – support on Patreon
With his distinctive looks and vaporware aesthetic vibes, STÖK has taken the bug bounty world by storm. He is a vegan trained chef, IT consultant turned sustainable fashion store owner, bug bounty hunter and keynote speaker. His videos include a weekly educational show called Bounty Thursdays, talks on how to approach bug hunting, motivational speeches, fun coverage of the bug bounty life, tutorials and more. Positivity guaranteed after watching him!
Sample video: “HOW TO GET STARTED IN BUG BOUNTY (9x PRO TIPS)”Subscribe
28,1K subscribers – support on Patreon
Ceos3c has dozens of video tutorials on Linux, open source tools, hacking and challenge walkthroughs. He recently made a switch to learn bug bounty and is documenting his journey in a series titled “The Ethical Hacking Diaries”.
Sample video: “WSL 2 for BUG BOUNTIES!”Subscribe
26K subscribers
NahamSec is one of the most influential bug hunters and has an incredibly positive impact on the bug bounty community. He is known for interviewing some of the best bug bounty hunters, live hacking streams, tutorials and vlogs. You’ll also find on his channel talks from conferences he co-organised. Not only did they involve hackers presenting cutting-edge techniques (with a focus on Web hacking), they also helped raise thousands of dollars for charity!
Sample video: “Exploiting a Server Side Request Forgery (SSRF) in WeasyPrint to hack Lyft & HackerOne’s $50M CTF”Subscribe
18,8K subscribers – support on Patreon
Cristi Vlad is a civil engineer by training that taught himself Python and bug hunting. His Youtube channel is all about Web application and network testing, interviews with hackers, live streams with Q&A’s, tutorials, challenge walkthroughs, plus other topics of his interest that are unrelated to hacking.
Sample video: “Best Pentesting Tools, Getting an Infosec Job, Hard HTB Boxes – Cybertalk with HackerSploit”Subscribe
17,4K subscribers – support on Patreon
InsiderPhd is a UK-based PhD student and part-time bug bounty hunter. She regularly releases educational videos on different aspects of bug bounty. Some are vulnerability tutorials with demos, others tackle the planning side of bug bounties (e.g. taking effective notes, how to choose programs, goal setting, motivation…). This unique approach is particularly interesting to beginners seeking to learn the technical side of bug hunting without overwhelm, and how to find their first bugs.
Sample video: “How to Take EFFECTIVE Bug Bounty Notes”Subscribe
12,8K subscribers
Farah Hawa is a bug hunter and application security engineer who has a talent for explaining the most complex Web vulnerabilities in an easy to understand manner. In her unique style, she goes straight to the point and tells you only what you need to know to understand and start testing for security issues in OAuth, JWT or SAML. Her channel also has a few interviews with bug hunters that are worth checking out.
Sample video: “Web Cache Deception For Beginners!”Subscribe
11,8K subscribers – support on Buy me a coffee
Pratik Dabhi is a bug hunter who is on a mission to share his knowledge. He does so through videos on diverse topics such as Web application security testing, Android hacking, or reverse engineering. Many of them are in Hindi but the latest interviews with other bug hunters are in English and are very informative.
Sample video: “Cybertalk ep13 – @hakluke Talks About Creating Content, Bug Hunting, Pentest, Automation & Resources”Subscribe
4,33K subscribers – support on Patreon
Hacksplained is a senior security engineer who’s focus is on penetration testing. He started this channel as a means to continue learning and following security trends by teaching. On it, you’ll find educational videos, tutorials and mostly short walkthroughs of Web vulnerability using OWASP Juice Shop.
Sample video: “How to understand user privileges faster (using Firefox Multi-Account Containers)”Subscribe
4,31K subscribers
Zseano is a UK-based bug hunter who has a knack for finding interesting bugs on core Web apps without relying on recon, which everyone else seems to miss. He organised a bunch of live mentoring sessions that can be found on this Youtube channel. He goes through his methodology, tips on how to start bug hunting, bug writeups, walkthroughs of challenges he created and more.
Sample video: “Unique Mindset – Hacking with zseano”Subscribe
3,84K subscribers
This Youtube channel by Grzegorz Niedziela focuses on explanations of interesting bug bounty reports. This is an excellent way to learn about advanced vulnerabilities and bug chains especially for visual learners.
Sample video: “$XX,000 eight XSS with 4 bypasses on Airbnb”Subscribe
3,78K subscribers
Reconless is a security-focused Youtube channel by bug hunters/security researchers Filedescriptor, Ron Chan, and EdOverflow. Their focus in this channel is on Web application security with short high-quality videos on advanced vulnerability walkthroughs and testing methodologies.
Sample video: “Improve Your Hacking Skills Using Devtools | Bug Bounty Tips”Subscribe
3,66K subscribers – support on Patreon
The XSS Rat’s day job is in QA/QC, but his passion is security and bug bounties. He regularly publishes short videos on a variety of topics relevant to bug hunters. This includes interviews, tutorials, Q&As, tips, and his answers to questions all bug hunters ask themselves when starting out.
Sample video: “Bug bounty tips i would give my younger self”Subscribe
2,76K subscribers
Hakluke is an ex musician, developer and penetration tester who is now into bug bounties. He describes himself as “a cyber security professional who is obsessed with self-growth”. This channel is a great way to share his healthy obsession and contagiously positive attitude! Videos uploaded until now are about motivation, the hacker mindset, how to best approach bug bounties, plus a couple of interviews with hackers/entrepreneurs.
Sample video: “10 Tips For Crushing Bug Bounties in the First 12 Months”Subscribe
1,47k subscribers
Codingo is known as the creator and maintainer of multiple tools for Web security testing such as Interlace, Crithit or VHostScan. His Youtube channel is brand new with two videos as of now, each one being a deep dive into a bug bounty tool. Judging from their quality and Codingo’s past work on other platforms, this is very promising and definitely worth a follow.
Sample video: “How to Master FFUF for Bug Bounties and Pen Testing”Subscribe
961 subscribers
RogueSMG is a part-time bug hunter who is sharing his journey as he is learning Web Application Security. In each video, he dives into a specific question related to bug hunting. This includes reconnaissances, methodology, what to do after recon, which tools to use at each step, pitfalls to avoid, etc. If you want to learn about these topics and like memes, you’ll probably enjoy this channel!
Sample video: “5 Reasons you suck at Bug Bounties”Subscribe
853 subscribers
Resethacker is a community of hackers from India. Their Youtube channel is relatively new. It features “The @resethacker Show”, a series of interviews with hackers and bug bounty hunters and “RESTCON”, the first edition of a virtual conference on different topics including IoT hacking, recon, becoming a penetration tester, DevOps, attack automation, etc.
Sample video: “Approach to Find Vulnerability or Target by RESETHACKER”Subscribe