Пікірлер
@TheEbalmon Сағат бұрын
Scripting is too much for me...😓 Thanks!!
@EdreesO7th-w5i 3 сағат бұрын
Hi rana hope you're doing well. how were you able to refresh the tab and see the results you've gotten from repeater, actually i couldn't replicate that, btw I am using firefox and foxyproxy in my side
@ali-wz6nz 21 сағат бұрын
00:05 - CSRF vulnerability allows email change without defenses. 01:43 - Demonstrating CSRF vulnerability through email change function. 03:26 - Analyzing CSRF vulnerability conditions through email change functionality. 04:51 - Understanding CSRF vulnerability with predictable request parameters. 06:08 - CSRF forms can be exploited for unauthorized actions. 07:24 - Demonstrating a CSRF exploit using an exploit server. 09:01 - Demonstrating a CSRF exploit to change a user's email address. 10:29 - Demonstrating a CSRF exploit through user interaction.
@mehrankurd Күн бұрын
fantastic
@anashreer 3 күн бұрын
expire otp ? hhhhhhhh
@tayyab.sheikh 3 күн бұрын
Such a detailed explanation!
@amazingfacts8910 4 күн бұрын
Clear my all doubts,Thnx😊
@predestined97 6 күн бұрын
Thank you.
@frownless 6 күн бұрын
Hi Rana do you have any discount codes now for your academy? Interested in purchasing
@quanduonginh8602 6 күн бұрын
thank you so much , video is very usefull
@RakibHassanAkash 7 күн бұрын
I seems that your voice is need to more clear and slow. Finally it's very helpful.
@A.G.555. 10 күн бұрын
thanks this video is very helpful
@ahamedsobuj7915 10 күн бұрын
Useless video
@TheEbalmon 12 күн бұрын
Muchas gracias!!
@eforever27 13 күн бұрын
nice :D
@TheEbalmon 13 күн бұрын
Muchas gracias maja!
@PouriaJafari-e1v 14 күн бұрын
thanks
@ggelosstavrou9117 15 күн бұрын
I get invalid CSRF token
@JohnAuHermes 16 күн бұрын
hey please keep going with the videos, they are quite good, great job and thank you!.
@hellohi5814 16 күн бұрын
You already changed the email at “2:30” and it was updated, so what’s the point I didn’t get it ?
@intruder70 17 күн бұрын
But how can i get table name in real world in this case, i mean blind SQL?
@GabrielCoelho-u5k 17 күн бұрын
Thank you very much!!!!
@magican208 18 күн бұрын
❤❤❤ from Pakistan😊
@cyberluk3 19 күн бұрын
Hey Rana - really good tutorial. May I ask why are you taking notes on VScode?
@ShahinAhmed-tl7tw 20 күн бұрын
Hello How do I create an exploit server to receive emails in real life? Could you please explain me that?
@kiwioil0c697 20 күн бұрын
i love her guys
@ueivamarquessouza4913 20 күн бұрын
I love your explaination! Thanks!
@codermomo1792 20 күн бұрын
It is better to use binary search
@codermomo1792 20 күн бұрын
19:52 U can also use substring to determine the length of the password. By increasing the first number and testing if the substring equals nothing (empty). 'AND..Substring (....20,1) = [nothing) IF IT equals nothing it means we exceeded the length
@mohamedeletrepy4740 21 күн бұрын
free palestine
@gullitlevia787 25 күн бұрын
Hi Rana, this is the best video on CSRF. I've watched about four videos, but they lack substances and contents. Yours presented with detailed explanations about the GET and POST methods used in CSRF, included diagrams and traffic flow directions. @Timeline 35:17, can you please clarify is session token = cookie session?
@MostafaMokhtar-sw4sb 27 күн бұрын
Very useful Thanks alot :)
@ggelosstavrou9117 27 күн бұрын
All of These images requests at 3:01 do not appear in my burp . Do you know why ? I don’t modify anything it’s just the default burp setting in Kali Linux
@tanmaybhayani 29 күн бұрын
Best video on this topic. This is gold. Thanks so much for this.
@x12ab Ай бұрын
terrible voice
@priesthoodemmanuel3243 Ай бұрын
i learn from videos how do i get video classes
@曹曹嘉旭 Ай бұрын
In this experiment, why can't I see the log after I input the poc according to your method and click Send to the victim api key in
@dynamicstech8334 Ай бұрын
Awesome,
@XXH-vd7os Ай бұрын
i just love your videos .. ❤❤