As a guy used to Burp Community, I would have used Python to prepare a word list all hashed up like that... it takes me forever but it's nice to see the way the smart kids do it.
@markthorson2713 3 years ago
Could ya use the "Intruder" battering ram attack with payload processors... Intruder works in Community Edition, just rate limited IIRC 🤔 but ZAP is damn good too (I prefer their proxy workflow over Burp CE).
@stuxed 3 years ago
Lol, I had the same issue with Burp licence! Good timing, thanks.
@RickyBana 3 years ago
Great video, please do more of this with ZAP
@SpragginsDesigns 2 years ago
I used this for a pentest last weekend. I only used two websites, and one is quite popular. I got someone's Visa card from the second one. The first one was flagged like it was built to be hacked. I also had to dig deep into their policies to figure out there's no explanation for Facebook, Stripe, Serio and 4 other APIs doing GET and more destroying any way of making what our company needed compliant to use. They also have no nothing about security for Q1 2022. And I sent them my pentest report, and with the shocking details of being able to literally browse each user's database they haven't reached back in 6 days! I usually use this to scan, but I took a deep dive into the extra add-ons while putting Ubuntu on my Microsoft Surface 😂
@ericneo2 3 years ago
Thank you for the tutorial and you gave the links to the resources. 👍
@stefanivanov8274 2 years ago
It would be great if there were a comparison between the speed of brute-force with Burp CE, Burp Pro, ZAP and a Python script. Maybe with other languages too ;]
@lityoshii1086 3 years ago
Stay consistent bro
@harshamannewton 3 years ago
Nice video... but where can this be useful? Only in brute-forcing?
@MefiMaxi 3 years ago
Love this stuff ^^
@bluecreature39 3 years ago
Montana represent
@funkymonk2254 3 years ago
Thanks Kody.
@dahuynguyenphuc6586 10 months ago
The first time I security scanned a website with OWASP ZAP, a bunch of data appeared in the "alert" section. The next day, when I continued to scan that website, nothing appeared in the "alert" item. Is the data I scanned the first time still saved? How do I get it?
@damnson2806 2 years ago
Hi! I have a question: would it be possible to use a PinePhone Pro instead of NetHunter? They say it has root privileges by default, and also comes with a Linux terminal, but idk if it's apt to do the same thing as a rooted Android phone
@7barney914 2 years ago
Is this guy the same guy in Null Byte? Something pretty similar: both guys don't blink at all
@curtisjones1987 6 months ago
😂 same guy
@ovskihouse5271 2 years ago
I wanna ask you, I wish that you respond to me very soon... I opened a session in Udemy with cookies and after minutes I'd close the session... but when I reopened it again with the same cookies it failed... how to log in again and again?
@AdeelAnsariUS 2 years ago
Great video.
@Elsag_GeliNakh 3 years ago
Fantastic 🤣👍✔️
@TheClubPlazma 2 years ago
Nice one thank you
@ChrisSamsonUSA 2 months ago
Is it possible to find the actual source of the API URL? For example, if there is an API /POST/SERVE/12345, but it's getting the object from the GCS and serving, how do you see the actual URL?
@SecurityTalent 3 years ago
Thanks
@salhilahcene8698 2 years ago
I love it
@VituralHwang 2 years ago
Does this work with Gmail?
@denverm7909 10 months ago
How to get rid of these virus cookies?
@abrahamnorada6815 3 years ago
amazing :o
@hvgaming2347 3 years ago
Does he even blink?
@5ql156 2 years ago
Using OWASP ZAP on Burp Suite's labs lol
@abdikanifaysal2002 3 years ago
First from Somalia
@chrisw1462 3 years ago
You have the 3-4 kHz band filtered too hard - much harder than the last Hak5 video you did. Makes it very hard to listen to. As soon as I heard it I knew, but I brought up my audio spectrum analyzer to verify it. There's almost zero energy at those frequencies. Do you know how important this band is for human speech comprehension? I'd like to believe it's a mistake, but more and more KZbin people are doing this, supposedly to try to 'add bass' to your voice. Okay, if you wanna add bass, ADD BASS. Stop nerfing 4 kHz into the ground.
@lazycreater1302 2 years ago
Plz make a video on bypassing Android 12 Google account
@cian0r 2 years ago
This method is good, but my priority is OpenBullet
@sterlinwright4173 2 years ago
You don't start off with a whole bunch of words on the screen, you're scaring the children