I was in an interview this morning. And all we discussed was around HSTS and SSL. I must say all Cyber Security folks should be aware of your channel. If I had watched this video earlier, I would rock the interview. Great videos mate!! Keep up the good work!! You are making the world better place.

Guy must be really fun to interact with. Great explainer!

Fantastic video. As a professional software engineer, I appreciate having these concise videos on security to reference when I forget about concepts (particularly in security). Seeing as you're a software engineer as well, I would appreciate more videos on cybersecurity from a software engineering perspective e.g. How to properly secure Docker containers, tips on securing my Nginx server that's facing the public Internet, etc.

SSL stripping was a great example to start with, which explains why do we need HSTS in the first place. Awesome video, Thank you!

really good explanation. After going through the video, i was able to identify how HSTS works for the first time and how MITM attack works which i wasn't able to understand after looking at other people's video

Your videos are very addicted :) Imo 80% tech videos on YT are garbage, another 15 are good and the last 5% are outstanding. Your videos are definitely in these 5% Keep up the good work sir!

I just checked this channel content after seeing this video. This channel is super amazing 💥💥.

sir I found your channel today, I have exam tomorrow and you helped me..you are talented in explaining thank you so much! +1sub

Keep up the good work Husain. I am learning a lot from your videos. Cheers!

You keep the interest in IT alive 👍👍

Great video with clear explanation 10/10. thank you for making this!

Neat and clear! Really informative, thank you sir!

Brilliiant Hussein !. Keep up the good work. As told by @binaryblog your videos are very addictive coz they explain in detail with no doubts hence making them very catchy.

Great videos. Looking forward for some videos on "VPN" security related issues and mitigations around it.

Love your enthusiasm. Thanks

This is a really cool video. I always heard this term bounce around in office, now I know what it meansssss

I don't understand why the user-agent/browser does not always just try connect to https regardles, to see if it exists first.

Great video! quick question, regarding HTTPS interception attacks, what would be the best solution, HSTS or Certificate Pinning. -thanks

love this content. Very authentic and informative.

Let's say you create a new website and a client connects to that website for the first time does it mean for the first connection the client will make a http request first then switch to https , and after the website has been added to the hsts list will all the types of web browsers for every client across the world have that updated list or will it just affect only the client that connected to that website?

good explaining

ssl striping is not what u said realy , it's when the client send a request as https but the attacker is in the middel and downgrade it saying that the server only use http , in the case that u mentioned the user in the begining send http which is simple for the attacker no need for striping he will respond instead of the server with an http resp. but thanks for the explanation

Slim Shady's Starbucks took a hit after this video

when i type my banks official address with https, it goes first to http and shows insecure connection then redirects to https. I find that very disturbing and strange. why does that happen? is it because they registered their dns with http first? im using google dns

Thank you!

Hi Hussein, what happens if you call an HTTP site, even the site is on the HSTS list? What's the answer?

Hey, how do i get that kind of a mouse cursor with the trail like that? please reply =)

NICE

well its hard to sniff to someone now! unless you have the power to connect to the main network switch! or create your own evil twin! the attack vector is hard!

subbed

man make some schema please, is the purpose videos