Bug Bounty Hunters are WRONG about this‘ OR 1=1

4,745 views

Bug Hunter Labs

20 days ago

Hey everyone! This video is all about SQL Injection. Enjoy!
🚀 Learn about the easiest bug class here - • Bug Hunting is easy if...
📩 Download the SQLi Cheat Sheet here - bit.ly/sqli_cheat_sheet
👍🏻 Like, subscribe, and turn on notifications for more bug bounty insights
📬 Comment below with your best SQLi payloads
💻 Happy Hacking!
Follow me on
✖️ - / bughunterlabs
Thanks for watching,
BugHunterLabs
Chapters:
00:00 - Intro
00:40 - CVE-2024-2879
01:20 - SQLi Example
02:35 - Basic SQLi
03:09 - Error-based SQLi
03:21 - Union-based SQLi
03:39 - Blind SQLi
03:48 - Boolean-based SQLi
04:11 - Time-based SQLi
04:29 - Out-of-band SQLi
05:15 - SQLi identification
05:56 - Wordlists
06:43 - Advanced Injection Points
07:47 - Second-order SQLi
08:22 - sqlmap
10:27 - Outro

Comments: 35
@Horo-oe9yu 17 days ago
Coming back to cybersec after a 3 month break, ur videos are indeed worth watching. You definitely earned a subscription!
@bughunterlabs 17 days ago
Thanks a lot :)
@Free.Education786 18 days ago
Please cover Ghauri for time based blind SQL injection using only http request with http headers and without headers using custom headers like x-forward-for or similar private headers. Technique also bypass WAF. Hope to see it soon. Thanks 🎉❤
@BLKSD 19 days ago
I've started to get addicted to your videos
@arijit1472 19 days ago
Great video with Catchy thumbnail. Keep it up man 👍
@Ott3rly 19 days ago
Very good quality videos. I see that you put a lot of time and effort into this. Keep going!
@bughunterlabs 19 days ago
Thank you! That means a lot! :)
@l00pzwastaken 19 days ago
I watch both of you thanks both
@TheCyberWarriorGuy 19 days ago
Please create a separate playlist for vulns!
@m7mad540 19 days ago
Yet another incredibly helpful and fantastic video! Your content consistently exceeds expectations. Keep up the excellent work!
@bughunterlabs 19 days ago
Thank you :)
@abhisheksinha9719 19 days ago
Please make a video on SSRF to gain metadata
@MustafaGains 19 days ago
Great content
@IncomeMenu 19 days ago
Bro this content is golden. However, I feel like you need to work on the thumbnails
@bughunterlabs 18 days ago
Thank you. How would you improve the thumbnails?
@confusionofdahighestorda668 11 days ago
Nice video bro
@flexboigaming3706 19 days ago
Next topic CSRF AND OPEN REDIRECT PLEASE ❤
@bughunterlabs 19 days ago
Noted!
@l00pzwastaken 19 days ago
Thanks, I am learning SQL injection now, already completed XSS. Thanks for showing how it's performed. What do you think about adding Broken Access Control to your video pipeline till. Also thanks for the checklist
@bughunterlabs 19 days ago
BAC is on the list :)
@No0ne683 19 days ago
keep up bro
@firzainsanudzaky3763 19 days ago
hey man, if i dont have burpsuite pro do you think its worth more to focus to sql, ssrf, xss ,or what ? i've found idor and xss bug but xss is out of scope
@bughunterlabs 19 days ago
Don't buy Burp Suite Pro until your bounties cover it. There are free tools for everything you need to do out there. Have a look at ZAP and Caido as well. You can even find sql, ssrf, xss with curl and developer tools :)
@carsonjamesiv2512 19 days ago
COOL!😀😃😎👍
@flexboigaming3706 19 days ago
Your video content is too good ❤
@bughunterlabs 19 days ago
Thank you 🙌
@anonraxor317 3 days ago
cheat sheet link not working' or '1'='1--
@bughunterlabs 3 days ago
Hi. It seems to work for me? Did you try: bit.ly/sqli_cheat_sheet
@anonraxor317 3 days ago
@bughunterlabs This content does not exist
@anonraxor317 3 days ago
@bughunterlabs This content does not exist
@mtthsgrr 11 days ago
I'll not say this again kid: where are the half an hour/hour long videos? I need this on my table asap otherwise you're fired
@bughunterlabs 8 days ago
Haha. These videos take a long time to make. I will have a look at how I can get to 1 hour.
@misero1 15 days ago
Awesome videos you got here, I'm loving the format you got, keep up the awesome work. As someone studying cybersec for red team and pentesting purposes, it's a great resource.
@st3alth_chased643 19 days ago
Yeah, sometimes sql injection occurs in cookie and user-agent..
@Giotheasy 17 days ago
meh sql injection is shitty php code only