you are like a revolution to me you are teaching everything on point just keep uploading
@TomNomNomDotCom5 жыл бұрын
A great intro, thank you! :)
@theleopards41985 жыл бұрын
Keep adding content like that It really helps a lot waiting for next video
@MilMike3 жыл бұрын
This was very useful, even if not really clear in the beginning how you got these requests in burp, but figured it out (burp has a preconfigured built in browser which I used) I am a web developer and trying to secure my webapps.
@littlenikki11055 жыл бұрын
I'm glad someone else is starting to making videos for this keep it up!
@mickymcfarts57926 ай бұрын
Most useful video I've found so far. Thank you. Could we watch you find a bug this way from start to finish?
@judithmalshini54283 жыл бұрын
Thanks a lot for this video. you are such a lifesaver. Can you make a video where we can start on a company's website that is on a bug bounty platform. So that we can get an idea of how to start on.
@sa1tama04 жыл бұрын
Nice One!! Thanks for helping us. I appreciate your work. Although I do have a request, please upgrade the video quality.
@InsiderPhD4 жыл бұрын
Don’t worry I am re-recording this video very very soon! And will have an updated quality
@sa1tama04 жыл бұрын
@@InsiderPhD Okay, I will be waiting for that. Once again Thank you.
@moonselanac357 Жыл бұрын
best tutorial ever
@jorrge5 жыл бұрын
Awesome content! May I suggest HD for the next video? OBS helps with that easily.
@InsiderPhD5 жыл бұрын
Kron98 Yes for sure, I was actually using OBS but I think it over optimised and gave me a low quality video, I tried to re-record but didn’t like the take as much, oh well next video will be HD for sure :)
@jorrge5 жыл бұрын
It is free and super easy. Let me know if I can help!
@harshdranjan19804 жыл бұрын
going to say the same but anyway Thank you!!
@Djazeiry3 жыл бұрын
guys i've added a website to the scope but on the sitemap section nothing shows up ?
@ilinafrica5 жыл бұрын
Wow! Astonishing Start, more than a help to the universe it a blessing... But i need a favor...
@ilinafrica5 жыл бұрын
Please reply me.
@lk82724 жыл бұрын
Thanks heaps for your time...
@brooscap74522 жыл бұрын
How did you find out that sql is being used there?
@michaelcastillo40693 жыл бұрын
Thank you!
@judithmalshini54283 жыл бұрын
If we change something in the request does it affects the website?
@MrSatyavinay4 жыл бұрын
Nice one..But it would be great if it 1080p, as it is very hard to read.
@brodiecodie68125 жыл бұрын
Thank you, Great walk thru Blessings Thanks again
@learningpatience23713 жыл бұрын
i would like to thank you , for helping. I am new.
@akshaydeodare61494 жыл бұрын
How to set up burp if the target only allows access only via certain ip address (setting up proxy ip and port privided by target website)
@InsiderPhD4 жыл бұрын
Here you go: portswigger.net/support/burp-suite-upstream-proxy-servers it’s called an upstream proxy, the link shows you how to set it up, but burp can forward requests through another proxy, so requests go you -> burp -> proxy
@subhashchandradevkota80302 жыл бұрын
why there is no spider in burp suite 2021 ??
@EarninPk2 жыл бұрын
I need your help in bug bounty hunting
@ingridsophie37385 жыл бұрын
Thank you so much for the video❣
@stanjones98165 жыл бұрын
thanks a tonn for these videos.... May God bless you mam
@TheCyberWarriorGuy Жыл бұрын
Amazing :)
@xelkomy5 жыл бұрын
great work
@AjayKumar-xl4jc4 жыл бұрын
Good quality content
@notramin4 жыл бұрын
Do you have any suggestions for beginners like me from where to start to really find your first bug, as of I can see there are no bugs to find for beginners, it's really difficult for a beginner to find it. Because most of the platform are giving private programs to the experienced ones. So for a beginner from non tech background what would be your suggestion to learn and where he/she should start.
@InsiderPhD4 жыл бұрын
Don't assume that every bug has already been found, the more experienced bug hunters automate a lot and that leaves plenty of bugs that require more work, such as IDORs or Business Logic. I found my first bug at a live hacking event where I was competing with some of the best bug hunters in the world, not to mention the target's public program. To learn I think there's only one way, hack things, start bug hunting as soon as you're comfortable (using Burp or know a few bug classes), hell start when you're not comfortable. You will learn so much en route to finding your first bug than you ever will from months of video watching or article reading. Obviously, there's a lot to learn, but you don't need to learn everything and there's no critical knowledge mass you need to reach to start. Immerse yourself into the community, join communities, get to know people, watch videos, follow people on twitter etc.
@notramin4 жыл бұрын
@@InsiderPhD thank you.. 😊 One more question... which bounty program is best for beginners, which is the most easiest bug in 2020 ? I meant which bug do I need to concentrate thoroughly !!!
@InsiderPhD4 жыл бұрын
@@notramin APIs are really great, OWASP has just produced the OWASP API top 10 owasp.org/www-project-api-security/ so learning those bugs and looking at mobile apps w/ APIs I think is a great start for beginners
@6s64 жыл бұрын
Awesome video. Subscribed for more content like this :)
@mr.bruhnana85083 жыл бұрын
wait, so you can start poking around any website or do i need to search for something else? im confused since no one tells you what u can and what u cant sniff. Shits like starting drugs but you confuse them with flour.
@TanerNilluhktaf4 жыл бұрын
You started adding sites into scope. But you didn't show how to setup proxy for the browser first. My browsing is not reflected in site map.
@InsiderPhD4 жыл бұрын
I skipped that bit because there are a lot of other tutorials on that part, but thanks for the comment I will make one too :)
@TanerNilluhktaf4 жыл бұрын
@@InsiderPhDBut that was only half of the problem. Certificate! However I found tutorial on burp website how to install certificate.
@shreyabanerjee16844 жыл бұрын
Hey can you tell me why we use 127.0.0.1 as a proxy I mean what is the role of localhost here ?will all my traffic shifted in my own network?
@pawanprjl4 жыл бұрын
your proxy server i.e. burp suite is running on localhost on port 8080 by default ... so unless you direct all your traffic through your proxy server, it won't be able to capture those traffics .... hence our browser is set to direct all those traffic through localhost where our burp server is running ... hope this helps :D
@shreyabanerjee16844 жыл бұрын
@@pawanprjl hey man thank you..burp suite is quite intimidating for noobs So we can directly say that the burpsuite is running on our local host and and if I did some bruteforce attack on some website then it will not going to execute the actual attack on the main server but on the localhost only?
@pawanprjl4 жыл бұрын
@@shreyabanerjee1684 no the attack will be executed on actual server of website, its just that burp suite is the path through which you are sending packets, and you can view those packets through burp and modify it .... its like you are sending a parcel to a friend through a parcel company, but parcel company can view and modify what you send to your friend and what your friend sends you back.
@shreyabanerjee16844 жыл бұрын
@@pawanprjl hey so this means I can only test those website which gives the permission to do testing ..other than that it will be illegal! So can you tell me any method so that I can test any website and it will not be illegal afterall! Are you a cybersecurity enthusiast?
@pawanprjl4 жыл бұрын
@@shreyabanerjee1684 you can get involved in bug bounty programs where you will find a lot of sites who are welcoming hackers to check on their security ... or before performing any testing, you can ask permission for testing with owner of the site, and if you are granted with permission, you can carry on with that.
@jakianam95542 жыл бұрын
How to upgrade burp Disc upgrade doesn't work
@GriloBravo4 жыл бұрын
amazing!
@Jasiwardas4 жыл бұрын
11:56 I cannot read what she marks there to add the $ What does she want to do?
@InsiderPhD4 жыл бұрын
I am clicking "Add §" to set intruder to place our payload in that place. So every item from our list will be in that position when intruder runs. So if our list is: "yellow, green, blue" and we have "colour=§my col§", it sends 3 requests "colour=yellow", "colour=green", "colour=blue"
@secureassure54363 жыл бұрын
Melodic voice 😻❤️ What's ur good name?
@InsiderPhD3 жыл бұрын
Katie?
@secureassure54363 жыл бұрын
@@InsiderPhD I am having huge crush on U 😻 such a sweet tone u have..🐻
@secureassure54363 жыл бұрын
@@InsiderPhD long live Katie the teddy bear girl 🐻
@thesubhadeepdebnath3 жыл бұрын
Intruder Repeater Proxy Target
@efiita7554 Жыл бұрын
i love you 🥰
@steev9105 жыл бұрын
thnk you a lot
@Shmack_5 жыл бұрын
480p?
@Tux0xFF4 жыл бұрын
camera was low on battery, so a potato had to be used and was nearby.