Burp Macros - Enhance your Web App Pen Testing

  Рет қаралды 6,770

Jason Ford {JSON:SEC}

Jason Ford {JSON:SEC}

Күн бұрын

Using Burp Suite Macros is a powerful way to enhance your Web Application Penetration Testing and Bug Bounty Hunting capability. From Automatically regenerating CSRF tokens to 2nd Order attacks, the Macro Editor will save you a lot of time and really enhance what Burp Suite is capable of.
Links:
_________________________________________
Twitter: / json_sec
Buy me a coffee: PayPal.Me/jsonsec
===== About JSON : Sec =====
JSON Sec is a Cyber Security KZbin channel, bringing you a range of videos from technical tutorials, security tips and documentaries . The goal is to help everybody through all technical levels to improve the security of their digital life.
Please consider subscribing if you enjoyed this video!

Пікірлер: 15
@janekmachnicki2593
@janekmachnicki2593 21 күн бұрын
Great tutorial
@andretorresbr
@andretorresbr 2 жыл бұрын
Great. Cheers from Brazil.
@rtvikkatarya3634
@rtvikkatarya3634 2 жыл бұрын
hey man great video
@kumararun6593
@kumararun6593 Жыл бұрын
Thanks mate
@whetfaartz6685
@whetfaartz6685 11 ай бұрын
very radical thank u!
@fedemolto
@fedemolto Жыл бұрын
Thx
@itsm3dud39
@itsm3dud39 2 жыл бұрын
thens
@yux1an
@yux1an 7 ай бұрын
I'm having problems with the csrf token being updated, it updates the token only to the original csrf selected on the macro and does not generate anything new. Any ideas why would this happen?
@Dilipkumar-by2wu
@Dilipkumar-by2wu 6 ай бұрын
I'm having the same issue but in my case it's session_code do you got solution to this?
@dulemagija8584
@dulemagija8584 9 ай бұрын
I don't get it, based on what he generates new csrf tokens every time?
@JSONSEC
@JSONSEC 9 ай бұрын
Exactly, it will automatically update the csrf so you don't have to
@x87-64
@x87-64 10 ай бұрын
How does Burp know where to put custom parameter in our requests?
@JSONSEC
@JSONSEC 10 ай бұрын
Good question, that's with the curly $ signs
@x87-64
@x87-64 10 ай бұрын
@@JSONSEC I meant when set the macro to capture the user_token using that regex thing, how does it automatically put it as the GET parameter user_token. How does it do that?
@alanadelson4647
@alanadelson4647 3 ай бұрын
@@x87-64when You have this answer share this with me cause I have this dude Too
Bypassing Brute-Force Protection with Burpsuite
15:26
Bypassing Brute-Force Protection with Burpsuite
Hak5
Рет қаралды 92 М.
Find hidden input using Param Miner BurpSuite Extension
13:20
Find hidden input using Param Miner BurpSuite Extension
thehackerish
Рет қаралды 30 М.
КАК ДУМАЕТЕ КТО ВЫЙГРАЕТ😂
00:29
КАК ДУМАЕТЕ КТО ВЫЙГРАЕТ😂
МЯТНАЯ ФАНТА
Рет қаралды 10 МЛН
Can A Seed Grow In Your Nose? 🤔
00:33
Can A Seed Grow In Your Nose? 🤔
Zack D. Films
Рет қаралды 21 МЛН
Why Is He Unhappy…?
00:26
Why Is He Unhappy…?
Alan Chikin Chow
Рет қаралды 56 МЛН
ПРОВЕРИЛ АРБУЗЫ #shorts
00:34
ПРОВЕРИЛ АРБУЗЫ #shorts
Паша Осадчий
Рет қаралды 7 МЛН
Burp Suite: Intruder - TryHackMe Junior Penetration Tester 4.3
47:23
Burp Suite: Intruder - TryHackMe Junior Penetration Tester 4.3
Brock Rosen
Рет қаралды 7 М.
Burpsuite Basics (FREE Community Edition)
28:01
Burpsuite Basics (FREE Community Edition)
John Hammond
Рет қаралды 489 М.
PortSwigginar: Burp Scanner for pentesters - March 2023
42:06
PortSwigginar: Burp Scanner for pentesters - March 2023
PortSwigger
Рет қаралды 13 М.
Don't test for IDOR's manually, Autorize is so much faster!
6:26
Don't test for IDOR's manually, Autorize is so much faster!
The XSS rat
Рет қаралды 22 М.
Transport Layer Security (TLS) - Computerphile
15:33
Transport Layer Security (TLS) - Computerphile
Computerphile
Рет қаралды 474 М.
Automating Multi-Step Workflows with the Burp Extension Stepper
21:28
Automating Multi-Step Workflows with the Burp Extension Stepper
Ryan Armstrong
Рет қаралды 443
Maintaining an authenticated session using Burp Suite
5:12
Maintaining an authenticated session using Burp Suite
PortSwigger
Рет қаралды 7 М.
Scanning at lightning-fast speeds! Turbo Intruder - Hacker Tools
10:06
Scanning at lightning-fast speeds! Turbo Intruder - Hacker Tools
Intigriti
Рет қаралды 12 М.
The Creepiest OSINT Tool to Date
8:54
The Creepiest OSINT Tool to Date
The Cyber Mentor
Рет қаралды 618 М.
Exam Prep Guide Certified Red Team Operator (CRTO)
6:47
Exam Prep Guide Certified Red Team Operator (CRTO)
Jason Ford {JSON:SEC}
Рет қаралды 7 М.
Samsung laughing on iPhone #techbyakram
0:12
Samsung laughing on iPhone #techbyakram
Tech by Akram
Рет қаралды 6 МЛН
😍 Таких шикарных и гибких телевизоров, тем более за такую копеечную цену вы больше нигде не найдете.
0:12
😍 Таких шикарных и гибких телевизоров, тем более за такую копеечную цену вы больше нигде не найдете.
Любимый WB
Рет қаралды 3 МЛН
iPhone 15 Pro Max vs IPhone Xs Max troll face speed test
0:33
iPhone 15 Pro Max vs IPhone Xs Max troll face speed test
WINSELL
Рет қаралды 6 МЛН
8 Товаров с Алиэкспресс, о которых ты мог и не знать!
49:47
8 Товаров с Алиэкспресс, о которых ты мог и не знать!
РасПаковка ДваПаковка
Рет қаралды 171 М.
iPhone socket cleaning #Fixit
0:30
iPhone socket cleaning #Fixit
Tamar DB (mt)
Рет қаралды 18 МЛН
Dieser Trick hat tatsächlich FUNKTIONIERT| Laden Sie Ihr Handy mit einer Zeichnung auf #kurz
0:21
Dieser Trick hat tatsächlich FUNKTIONIERT| Laden Sie Ihr Handy mit einer Zeichnung auf #kurz
One More German
Рет қаралды 1,6 МЛН
Как бесплатно замутить iphone 15 pro max
0:59
Как бесплатно замутить iphone 15 pro max
ЖЕЛЕЗНЫЙ КОРОЛЬ
Рет қаралды 8 МЛН