The burp extension, code to change the signature and the lab which was used are all linked in the description!

Once again, the best beginner friendly content out there. Keep it up.

Farah your are an role model and example of millions of Indian women.👍👍👍

As a pentester, I tell you you girl rock. Well done, keep up the good work!

Just don't stop these kind of Videos about Cyber security, as a Beginner myself I rely on KZbin for gathering 98% of knowledge, so thanks for giving us a video like this! Keep it going! 👍👍🔥

Just wanted to drop some appreciation your way! Your content has been an absolute lifesaver for beginners diving into the world of cybersecurity. I would love to see more videos on web vulnerabilities and diving deeper into those crucial interview questions which are not very common, but frequently asked in the interview. Keep up the fantastic work!" :)

Just randomly crashed into this channel yesterday and now I am a subscriber........you are doing a great job Farah.......looking forward to explore this field.

Awesome! Lots of videos showed how to do it but they did not explain the vulnerability like you. Thank you!

Welcome Back 🙌 Stay positive!!

M currently doing a project in my office.. they using JWT.. this was actually helpful for testing JWTs.. thank u 🙂

Hy please don't stop making videos. You are doing great job. I want indian women also be a part of this community 🙂

You've given a precise and beginner friendly tutorial.. thank you so much Farah ! 🤗

10/10 Awesome quality of video Very informative Nic editing 👍

What an amazing video! Great music and sound effects, superb graphics and editing, fresh technical content in a bite sized package, and such a pleasant voice. You're setting the bar really high, and I hope you continue you to do so! Good job!

Good stuff, one of the better JWT hacker vids. Another interesting angle to explore is JWTs as an injection/RCE vector, completely outside the context of bypassing authentication. Good times.

The best video 👌 out there.Looking forward for more attacks and contents from you..

Thanks to you I could complete a challenge that had been bothering me. Cheers!

content is super high quality - thank you, Farah!

very good vid this helped me complete a hack the box, very good explanation to.

That's really really helpful and easy to understand! Thank you!

Nice video with Great Explanation... looking forward to watch more videos....🥳

One humble request, please try and make a full playlist covering bug bounty hunting concepts with attacks, it can be a series of videos maybe 1-2 videos per week.You pitch your content really well. God bless you!

Thank you thank you thank you mam , please keep on teaching

Explanation is top notch.

Please make video on Beginner guide to cybersecurity/ethical hacking and all stuff like scope, carrier, programming languages, Basics,Certification, what to Learn and where?,Resources, etc...

Your way more interesting than most teachers probably because you so young I would expect you to know much so that's good

wow, you are doing awesome. please keep on posting such walkthrough.

I love you and your teaching ❤️👍🙏

Thank you Farah for this useful videos but please also suggest us what is recommended way to use.

Thanks Farah. Just a suggestion that a zoomed coding screen would really be helpful.

Huge respect Farah , thank you .

Useful video please make full playlist on how to use burpsuit.i think You explain it better than others

Thank you so much for clear explanation.. 😊👍

Yeah That's what a content creator

You're the best. I'm beginner in cybersecurity and I was wondering if anyone could help me where to start. Your videos gave me some direction. carry on👍👍👍

Great tutorial I must say. Could you Please make a guideline type or learning path type video to Start in Cybersecurity field. What are the topics and which resources should follow as a beginner? Thanks

Again Thank for this awesome video...👍 Pls don't stop making such a awesome video..

It's great Really OP I love the way you teach

hello you helped me with ctf tournament thank u very much love ya

great work , you deserve the best

Your video is really good for beginner but can you go a little slow and a bit more description? Then it would be perfect.

please create a video on how to set up burp suite with android and intercept loved this video :)

Great content. I've noticed that you blink a lot on this vid. As a suggestion it'd be nice to bring a vid about the tools you use/like/recommend like the one on this vid.

Very basic attacks but nicely explained 👍

Really Great Information Farah Didi | Thank You So Much | 💝🙏💌

I absolutely love ur videos !! Greets from Brazil

Amazing...but it’s too fast..I got few doubts ...how can I contact?

Is the header really important ? I mean why would they show the attacker the alg they are using. Maybe make the signature unpredictable like this? hs256(bs64url(fakeheader)+secretkey+bs64url(body)+bs64url(secretkey),secretkey); am i doing it better or it is bad practice?

I love your content, but can you make a video on nftoken

Hey farah, Great of you. Would you make a video on your journey till today for the very begginers who wants to Kickstart their career.

Great and simple..!

Thanks for dedicating content for beginners !! You are my hero, I want to be just like you when I grow up :)

Thanks for video it is really nice and simple to learn. Keep it up...

Explained very well. Hats off

Gr8 job, keep it up

Please continue to post new things you are learning. I could see interesting stuff in your channel. please keep on post new things

Great job! Really learning a lot out here. Keep up the good work! Happy hacking!

Simple Explanation, Good video

Hello Farah you make video (Subdomain Takeover Attack) i'm waiting for your next video

thank you so much farah

Thanks Farah!! Learnt something new

Nice video. Respect!!

Said scenarios are not realistic in production. Who implements jwt and doesnt verify signature ?

keep up the good work really love the video

Good one, finally I understood the concept 👍

i really enjoyed your stuff , stay positive

Thanks for this . And really it's helping me alot as a beginner .

No such file or directory: 'public.pem' error generate from your script. How can I solve this error?

you explained very precisely

Hey, I have a question. What do you do when you find a site using HS256 algo, do you suggest them to go for RS256 or just let it be?

All right but can you tell me how to change the token manually plz becoZ we don't have option which you used in your burp suite.Thank u

Hello Farah, Great video I would love to watch more this kind of content and a video how you started in this field a journey video would be great

how to find the hs256 key ?

Please make a tutorial on Burp Suite

Keep growing di

Love from far, from ethical learner

Keep it up Farah!

Great video thank you 💝🇲🇦 following you from Morocco ✌ keep it up

I love you content, we learn a lot from people like you. Hope to be a great bug hunter someday ^^

Well this is very helpful ❤️ thank you and waiting for your next video

i am not able to modify tokken through JSON Web Tokens extension :/

You are legend! Hopefully one day i can be good and work together with you

Great content but Why u don't upload videos regularly

Make more videos farah

Muchas gracias, gran video, me ayudo mucho.

This video is really beginner friendly...❤ Already feels like i become a hacker..haha Bt Can you please add subtitle in your videos??? That will be really helpfu.. And thanks a lot..

Ty +1 subscriber! Hi from Argentina.

Hey farah, I hope you're doing well. I just wanted to ask one small thing which is confusing me, JWT are used for "authorisation" which means after we're logged in it is used to check if we're the same user which logged in vis "authentication". So my question is you used jwt authentication in your thumbnail but jwts are used for authorisation, I just want you to clear this confusion because I think I'm missing something

Thanks Farah...

thanks ma'am this helped a lot 👍 plzz make such video's and ignore false comments we badly want your help and videos 🙏

how i can export publickeey with .pem format in webpage? pls answear

Good tutorial

Very well explained. ✌

Hey farah. New subscriber to your channel. I just started cybersecurity and ceh. Where should I start from. Any suggestions please

Hey, are you doing all this in windows or in Linux? It seems like you r using windows

Hi Farah, I'm a beginner to Burp Suite. How did you get the JSON Web Token Tab in your intercept.?

Great.... it was sooooo helpful :)

Hi Farah, That was an amazing video ! Just out of curiosity is there a way we can know how session ID's are generated by bruteforcing or any other means, any help around this would be helpful ! Thanks much :D

Very good tutorial,

Nice and beginner friendly