How To Search For CSRF!
Рет қаралды 36,177
Күн бұрын
@igbinosuneric 2 жыл бұрын
they say you learn by doing. did not understand CSRF still I did this tutorial, plus I don't have burp bro so I modify the HTML template to look like yours. keep it up, guys
@intigriti 2 жыл бұрын
We are glad to hear that you are learning from our videos 😇 Good luck on your journey!
@bertrandfossung1216 3 жыл бұрын
I love intigriti. We'll start hunting on that platform soon. Thank you for all you do to make us better Security reserchers. Great video. My best bug class. CSRF 🔥🔥🔥🔥
@intigriti 3 жыл бұрын
Niiiice, we are looking forward to welcoming you on our platform 🥳.
@dennismunyaka6537 3 жыл бұрын
intigiriti not a bad platform. only problem for me is the language barrier haha
@fahadfaisal2383 3 жыл бұрын
Nice man . Keep it going
@intigriti 3 жыл бұрын
Thanks, will do!
@KarolPosiewała 9 ай бұрын
You are great! Keep good work. I hope you now you are helping lots of ppl to turn around their lives :)
@intigriti 9 ай бұрын
🙏🥰
@Sana123236 7 ай бұрын
do you know which software is this?
@MCTorse Жыл бұрын
Hey! The video is very useful, thank you! I have a question, how do we know which request headers to remove?
@intigriti Жыл бұрын
Generally speaking you will have to learn what the different request headers are used for. You can always send the request to Burp's repeater and start by removing individual headers to see what happens, playing around with them.
@dustinjoosen5901 6 ай бұрын
Thanks. I had a lot of issues with this lab
@intigriti 6 ай бұрын
Glad it helped!
@HerbertEduardoFernandezTamayo 2 жыл бұрын
great walkthrough, thanks a lot. Question: if the webapp use JWT instead of session's cookies, this means the application is totally immune to CSRF attack?
@intigriti 2 жыл бұрын
Pretty much yes. If your application uses an authorization header which is not automatically set by the browser (such as cookies and basic auth), there is chance for CSRF.
@Sana123236 7 ай бұрын
@0.33 Which application is this? newbie here
@intigriti 7 ай бұрын
Hey! You wanting to know which portswigger lab it is? If so, it's portswigger.net/web-security/csrf/lab-no-defenses but if you are wondering what tool is shown there, it's burp suite (also by portswigger) 🙂
@Sana123236 7 ай бұрын
@@intigriti Thank you so much for your quick response!
@AnthonyMcqueen1987 2 жыл бұрын
Pure gold
@intigriti 2 жыл бұрын
⭐️
@paulojr1384 2 жыл бұрын
many tnx
@intigriti 2 жыл бұрын
You are very welcome ❤️
@mehrankurd 19 күн бұрын
great
@lethalleet 3 жыл бұрын
First again
@intigriti 3 жыл бұрын
🏎
@落珰 Жыл бұрын
Thank you. intigriti
@intigriti Жыл бұрын
Of course 💪
Fabiosa Best Lifehacks
Рет қаралды 35 МЛН
Bug Bounty Reports Explained
Рет қаралды 8 М.
The TechCave
Рет қаралды 20 М.
Rana Khalil
Рет қаралды 11 М.