isn't csrf exposed publicly for every hacker to access it in the response header?

Do you have a telegram channel?

Hi buddy, Can I have your contact details please regarding the pen testing only please.

Hi bro, Can I have your contact details please, I have something to check with you regarding pen testing please @CyberSecurityTV

Tnx❤❤

Brothee help me out once that i found a jquery bug 2.2.4 the bitbucket and atlassians is vulnerable to 3rd party cors cve 2020-11022 their is a input page of writing a email address and a login page can you tell me the procedure should i use in here the comment box or LinkedIn page please its urgent

What the aplication you used bro?

Nice video

Good one bro

How can we boot it into mobile phones ?

Hello sir can we have pdf material related to Api(Soap,Rest,postman) it will be helpful plz

Please make more video like this sir. Thanks.

STUPID REDIRECTING SCAM BOT

Pajeet

Scam and false information.

I have downloaded tool but I don't see different templates by default, I don't see dropdown option for template choosing as well ... I have only Knowledge Base template. Could you please help on this. I know about tool usage and threat modeling concepts and methodolgies used, I have worked on paid tool "ThreatModeler" but now for a different banking client I need to work on free tool. Where I need to refer to learn how to build complex or large diagrams using MTMT. Please help here.

so what exactly can you achieve by performing length extension attack? why do people use hashes as signatures?

Thanks alot :)

Can you post here onion sites from 4:17

Helpful video. Can you please help me clarify few queries 1.When I hit attack to start the active scan, multiple browser windows open simultaneously. Is there any way to control this 2. Should I change settings while scanning any https URL

Thank you for this informative video brother, exactly what I wanted right to the point, again thanks.

This messed my USB stick up beyond repair. Don't follow this tutorial.

Hello , i tried zap on demo testfire and im sure the search box in the web site there are many vulnerabilites like XSS , html inj but zap didnt reported them in the alerts so did u have same thing or have a video of full scan of the testfire web and have this alert for search box (which dosnt need login even)

You're asking for a like before even teaching anything? lol

Please make a detail video on HIPAA controls rules

Can you give me the url of torch

If attacker sends his authorization code to the victim and victim gets the access token, then victim has access to the attacker's data right? please correct me if I misunderstood.

quick question, if the attacker has sent his authorization code to the victim, then victim has access to attackers data right? please correct me if I am wrong

Bro tell me from basics you diesctly open postman how to download it also tel everthing

Thanks for this. Easy to understands & got all the points related to Oauth. :)

do you know what you are doing lol?

dont know why more people arent talking about torbox and elude good job man im subbing

God bless you for this explanation. i have been trying to learn how to bypass waf. With this class, i can write my own payloads. Thank so much

Nice.. Awaiting for other Zap videos

Hello sir, is there any option to enable scan in the burp suit sir after intercepting the request

this means session token vulnerability is not there right?

Is the data in the " alert " section in OWASP ZAP not showing up?

Amazong !!

Awesome video, 😊

This is not defacement..this only happened at your end..real defacement is when you type url of the website and you see hacked page

What if script tag is filtered?

Can wie maximize the tor browser window or is it still a security issue?

Great video. Will more videos be coming to this series?

Video starts at 0:42

Thank you so much

Can you please tell which api playground did you use for eg rick and morty api likewise

Good session. I have one doubt , If I receive CSP alert for the URL which is not directly accessible for user[hidden URl] , then in that case how we can cross-check the vulnerability?

Thanks man this was very helpful ❤

This ZAP is a total piece of shit software from the UX perspective. I don't have 3 days to run a simple scan with authentication. What a joke ;/

Suggest us more on API security interview question and answer?