We need a video on XXE! Excellent explanation ma'am!
@cardzzz6585 4 years ago
Hey Katie! Thanks for this video! This is not a very popular topic so I really appreciate it!!!!
@InsiderPhD 4 years ago
You're welcome! I think a lot of people get intimidated by seeing JSON/XML and don't really know what to do, so I wanted to make this so people can really get into API hacking with me! Especially with future videos covering APIs!
@cardzzz6585 4 years ago
InsiderPhD totally!! I know with me, APIs are really intimidating and it’s definitely a weak point in my websec knowledge! So these videos are a great help
@nathangriffiths8809 4 years ago
Very informative video Katie, you answered a lot of the questions rattling around in my head. I hope you don't mind me saying, you are getting a real pro at these videos now. Congrats!
@InsiderPhD 4 years ago
😊😊😊😊😊😊 thank you I’m really trying to improve everything I can
@danielmaina4817 4 years ago
JSON... just what I needed
@1980cantrell11 months ago
Love your videos .... please do NOT stop..... ❤🎉🎉🎉🎉🎉🎉🎉🎉
@Abhi-kp1fs 4 years ago
Thanks a lot, this was really helpful!
@MrPaddy35 4 years ago
You are definitely right, if there is loads of JSON, I mostly think it's system things and just ignore it
@hackersguild8445 4 years ago
Thanks for sharing. That's really some cool information in the video.:)
@rianislam8155 4 years ago
those are really helpful for the newcomers...thanks for this
@DeLFeTube 2 years ago
Another great video! Yes - please create an XXE video :)
@BlokeBritish 3 years ago
Crocodile Brackets !! haha subscribed
@helalsadat2077 3 months ago
By learning from you, you will see, one day I will tag you in a tweet. Thank you very much, I am learning a lot about API hacking from your videos and Corey J Ball's book. Lots of love and respect, God bless you
@ViralComparison 2 years ago
Thanks😄
@sankarghosh172 3 years ago
11:22 It is a GraphQL response with JSON data ....
@holybugx 4 years ago
Nice Video , Thanks
@davidt01 4 years ago
Voting for XXE video.
@InsiderPhD 4 years ago
Your vote has been noted!
@davidt01 4 years ago
@InsiderPhD Hey, I have a question. So what if I can change the content type to application/xml, and it accepts it, but when I try a blind XXE to get a URL, the request originates from my IP address. I got it to send a request, but instead of server side, it's from my IP address. Does that mean it's not vulnerable? I've tried other payloads but they don't work.
@mi2has 4 years ago
Yes make video on XXE
@davidg9469 4 years ago
Hi! I'd like your opinion on the platform INE Training, I don't know if it's worth it. Have you used it? Have you known anybody who has? They're quite expensive. Cheers mate!
@InsiderPhD 4 years ago
I’m not familiar with it! The only platform I do have experience with is Pentesterlab and I do recommend that one with a *. I’ll ask around and see!
@davidg9469 4 years ago
@InsiderPhD on the 20th of this month, they'll be having a seminar about their new Cyber Security course, I'll stay tuned. Thanks for your help.
@0xx039 4 years ago
Is JSON really intimidating? I love to see JSON responses
@InsiderPhD 4 years ago
I did a poll and some of the discussions revolved around feeling intimidated by APIs and JSON, I wanted to get a video out there just in case esp as I’m doing a ton of videos on API hacking!
@shrirangkahale 4 years ago
Note: GDPR applies to all programs that have European users.
@imaadfaki5585 4 years ago
Is that JSON from your university API from previous videos?
@InsiderPhD 4 years ago
Yup! I worked hard on that damn thing so I’m going to expand it! It has a few new vulns for a blind XSS now :D!
@InsiderPhD 4 years ago
Send me a @ on twitter for your prize :)
@imaadfaki5585 4 years ago
@InsiderPhD it's @yaboi_kryp2o
@zoroatokpas8761 4 years ago
There is always one question on my mind: what is the difference between an API endpoint and a directory, are they the same? Dumb question I guess, I cannot think of differences :(
@InsiderPhD 4 years ago
No stupid questions here! An endpoint is like a URL that does something, so KZbin.com/watch?v=whatever resolves into a video but KZbin.com/watch doesn’t do anything so that’s not an endpoint. A directory actually stores stuff, so think the files for the videos KZbin, but you usually need a direct link unless you can see into the folder. Hope that helps!
@zoroatokpas8761 4 years ago
@InsiderPhD Haha thank you!! This cleared me!! Your video motivates me to learn more and more!!
@ca7986 4 years ago
❤️
@Star-mi5ix 4 years ago
Do you need to go to college to do bug bounty
@InsiderPhD 4 years ago
No, but I think university is useful for other reasons, to meet people, be exposed to lots of different careers and to broaden your horizons!
@Star-mi5ix 4 years ago
InsiderPhD thank you I’m doing a course & I was worried if I need to go to school too & I wasted my time
@faique2995 4 years ago
😍😍😍
@himalrawal7511 3 years ago
How to see JSON data in real world application
@InsiderPhD 3 years ago
You see it a lot in mobile apps, but keep an eye out for apps that automatically refresh like Yahoo Mail or apps with a lot of client activity, APIs are great places to find JSON
@SyedImran-qf1eh a year ago
Hello Ma'am, I have seen your videos but I don't have a laptop, how can I find through mobile phone? Can you please help me.