@@shubhamkumar-wn2gj Wait you shouldn't have answered that.
@TrixieTheGreat3 жыл бұрын
I usually have a password of 3 words in different languages divided by special symbols and the words themselves have "tactical" typos in them.
@ismail.dalhatu3 жыл бұрын
My Password: 123LoiLiangYangHack456ICanHackNow 😂😂😂😂😂😂
@videocorner24983 жыл бұрын
Make video on How hacker hack firebase data
@elder26233 жыл бұрын
Ive learned more about burpsuite in this video than I would ever learn in a 20 min tutorial. Keep it up!
@zboy.053 жыл бұрын
Fr i just learned more than most videos ive watched on hacking
@mouadabid12723 жыл бұрын
dude RTFM
@creativegamershopnil18793 жыл бұрын
Burp suite and 20 minutes good student
@VladmirPutin2323 жыл бұрын
@@creativegamershopnil1879 😂😂😂🤣
@ethanbousfield76 Жыл бұрын
did 5 weeks of labs on burp suite as part of my degree but the lecturer massively over complicated everything, I've learned more from this guy and HTB than I have at uni
@algertislamaj5925 Жыл бұрын
Finally someone who gets straight at the point u deserve a subscriber
@edmonddantes2182 жыл бұрын
you are the best teacher loi , really so easy so simple and charismatic i see people look at your videos as movies . keep it up i went to school 10 yrs and never learned as much as 40 minutes watching you !
@LoiLiangYang2 жыл бұрын
Thank you! 😃
@anupriyadayaratne3 жыл бұрын
Clean and Clear tutorials I ever seen . Thanks lot ..!!!
@rcgnetworks3 жыл бұрын
හැක් කරන්නතෙ හදන්නේ.යසයි බේසික පුටෝ යසයි 🙂👻
@BarelyGoodTV3 жыл бұрын
I've been thinking lately that one could possibly train an AI to learn password patterns to make brute force attempts viable which is a scary thought
@keepyoursins3 жыл бұрын
Yeah, if you setup a profile from a person with stuff like family members, pets and so on, the AI can then use all of those points in passwords attempts if that makes sense
@BarelyGoodTV3 жыл бұрын
@@keepyoursins yea training it for a specific target would be especially deadly
@keepyoursins3 жыл бұрын
@@BarelyGoodTV wanna team up? 👀 Jk
@BarelyGoodTV3 жыл бұрын
@@keepyoursins lmao
@Ranburu3 жыл бұрын
@@martiict350 Nah, he talking about automatic way to do this
@mohammedissam36513 жыл бұрын
I don’t learn form you to hack users rather I learn from you to be a great cyber security and dive into hackers mind. Thank you , god bless you.
@MrMiRou2 жыл бұрын
dude why are you the best ?!! the lessons become easyyyyy if you explain it !!! I really enjoyed these 4:29mins and I learned something from you thnx man
@portia-assamensis2 жыл бұрын
You are the GOAT. The amount of useful knowledge you just crammed into a 5 minute video is beautiful
@sleekbr76663 жыл бұрын
This is a basic eye opener. For advanced attacks you have to rotate proxies, have a huge password list, get a good GPU, make api configs to bypass ssl pinning etc. Good though
@likitadevi3 жыл бұрын
Imagine being caught by a cyber police who saw that intro.
@creativegamershopnil18793 жыл бұрын
No one can catch me
@likitadevi3 жыл бұрын
@@creativegamershopnil1879 What do you use? 🌚
@kanakreshi84673 жыл бұрын
@@likitadevi he uses cmd bruh
@likitadevi3 жыл бұрын
@@kanakreshi8467 We can't get caught with cmd? 😳
@lastorgaming9439 Жыл бұрын
@@kanakreshi8467 KALI
@Gupatik3 жыл бұрын
now I get names and stuffs thank you, I'm literally starting my career here with you. Thank you.
@captainroy-it3wo7 ай бұрын
Bro love your vibes and enthusiasm. Just subscribed for sure💯
@m.r.d45503 жыл бұрын
Would be nice if you made a tutorial literally starting from 0. How to install burpsuite, setup, can it be used on windows etc.
@dimerdim84033 жыл бұрын
Awesome video man! Love how you been improving your videos format to a funnier way. keep it up..
@warrenmiranda49433 жыл бұрын
Setting your password to 1234 is like training self defence for so many years and end up dying because of car accident.
@kabandajamir98443 жыл бұрын
The world's best teacher may God reward you great
@Drusher103 жыл бұрын
his videos are always on point and always w8ing like a crazy for the next one!! keep going man1!
@EC4U2C_StudiozАй бұрын
I think it's about time to switch from passwords with or without MFA to passwordless passkeys, using instead the biometric method to get into phones, tablets, and computers in the first place to access the accounts in question. While using password managers that include MFA on the password manager itself can help, a passkey is preferred as they are the hardest for hackers to hack. It may be to the point that even a password at least 30 characters might no longer be secure enough.
@HarshRajSinghaniaАй бұрын
Brooo you gotta chill man 😅
@imyoubutbetter99512 жыл бұрын
how do you set the foxy proxy to do that coz when i added it to chrome i only see log in my ip address and options
@mahdiabedian63822 жыл бұрын
the best person for hacking
@takingpictures45363 жыл бұрын
thanks for the tut :) But instead of brute force, you actually used a dictionary attack ;)
@-AnyWho3 жыл бұрын
brute force would have taken longer than video ...
@mihaisolomon28933 жыл бұрын
a dictionary attack is still brute force
@takingpictures45363 жыл бұрын
@@mihaisolomon2893 I do not consider dictionary attacks to be brute force attacks. In order to create a dictionary you purposfully craft strings which are likely to be used by humans. The same logic does not apply to brute force, which is the 'dumbest' form of attacking logins.
@daleryanaldover65453 жыл бұрын
True, a dictionary would prove to be useless for unaccounted passwords. It would only work if say make a dictionary from pawned passwords and hope the user haven't change their password. Brute force is different, it will also take longer time since it will account for all possible combinations available for the password. So the step should be > go try register and account and purposely fail password validation in order to get an insight of possible password combinations, like how long is the min max strings, are special characters required, numbers? > then formulate the actual password generator pattern. Also most web apps now have request limiting that further slows down how much request you can send at a particular moment. Definitely will eat days or weeks, you might wanna go to vacation and still find the brute force command not finished by the time you get back.
@deathstar30062 жыл бұрын
What if their password isn't in the list of common passwords
@hansjurgens2263 Жыл бұрын
The title of the video literally sais "Bruteforce"... do you know what bruteforcing is?
@zgredfryd3 жыл бұрын
I like Your videos a lot man! Funny beginning :D Straight to the point as always!
@Jupiterxice3 жыл бұрын
You simplified this tutorial with burpsuite i never could get to. Thank you for add tool
@akhalaqmonis51783 жыл бұрын
This channel is really very informative and underrated. hope to see million subscribers soon.
@zugzwang21613 жыл бұрын
I can’t use any of these tools on my own network to practice or test it. Except wireshark so far. I’ll just stick to learning python 3 for now.
@seanfaherty3 жыл бұрын
If you run windows you can try using virtual machines. A virtual machine for Kali or parrot and a virtual machine to attack. I was able to find metaspoitable3 in a VM compatible file… it was a bit easier Once you pick VMware or Vbox it will just be a matter of googleing every question and error code you’ll get. Good luck
@Heavenig3 жыл бұрын
He's videos are sweet. I need student like me to compete with
@pkpointurdu37933 жыл бұрын
You have given very good information in terms of security. Thank u
@rubix1873 жыл бұрын
Coders, programmers and hackers will inherit the earth
@whoisPremier3 жыл бұрын
literally.
@ggLP423 жыл бұрын
@@whoisPremier and gamers
@ggLP423 жыл бұрын
@@whoisPremier and gamers
@ggLP423 жыл бұрын
@@whoisPremier and gamers
@curtisdesler21003 жыл бұрын
Very funny dude
@Sanjay_Venkatesan3 жыл бұрын
Thanks a lot for your tutorial but most of real world web application has the Rate limit in there login .
@newbe379 Жыл бұрын
i used this program and was hack the bank of america and take 1 trillion of dollars in my account simple like only use this software thanks for share
@ManishKumar-ue5il3 жыл бұрын
Everything is okay but what tools you are using... Please make a video on it🙏🙏
@loginet1 Жыл бұрын
How realistic is this? To find a username for a website and then use common simple passwords to hack the session? And if it is how can you defend against brute force? Logging IPs and blocking the attack if tried more than 3 times (get the error message) or blocking the whole range of IPS, allowing only some IPs. It will be good enough?
@camelotenglishtuition6394 Жыл бұрын
All well and good but most sites implement brute force protection, so this just doesn't work. An alternative would be to just change the response using burp to 302, and direct it to the location you want /admin etc by looking at the source code.
@jahnyewalker75 Жыл бұрын
Can you elaborate?
@camelotenglishtuition6394 Жыл бұрын
@@jahnyewalker75 to be honest brute force isn't viable these days. This is especially true of ssh logins. Learning these techniques is antiquated and nonsensical tbh. If you want to bypass logins there are plenty of other ways. Studying the source is going to get you far further in accessing data. Plus if you just want to see user A's data, it's much easier to sign up, authenticate as a user and then try a bola attack to see user A's data. Password spraying can also help in getting access so you don't need to sign up. You can also try token forgery ( if you're messing with an api), cookie injection, malicious links.. I mean the list is endless but this video is far from a realistic real world example.
@janekmachnicki25932 жыл бұрын
I brought your Udemy cours .So profesional so cool so stealthy lol.Thanks
@user-wm8yz2 жыл бұрын
you're a great men ... thank u
@osadchuks2 ай бұрын
How do you handle cases with Burp Suite when there is a login attempt limit?
@VENOMOUS572 жыл бұрын
love the way you start your video don't say you know hacker Loi 😁
@IsaPotaxii11 ай бұрын
What happened if there is a 2-step verification?
@dabrad78283 жыл бұрын
Man your the best ! Bought your course yesterday on udemy pretty excited to start !!!
@vivekmishra56923 жыл бұрын
I am from Nepal I love your teaching sir I also want to be like you and contribute for my country because of you I got a chance to learn many many important things you are awesome sirrrr lots of love and support from Nepal
@riteshkunwar-xp9fi2 ай бұрын
It didn’t work for me I am also Nepali btw
@sarmedwahab72882 жыл бұрын
Sorry to say, but I think Infosec people have to step up from telling these old attacks to bypasses. These attacks are stopped by rate limits, so only having knowledge of them is not enough.
@yogitaraut41072 жыл бұрын
Hey man you should do a coplab with Networkchuck!!!
@filmies70213 жыл бұрын
Sir , show us Admin panel bypass .
@zakof102 жыл бұрын
hi mr loi can you pls show us how to use brute force with hydra ? like any wepsite .
@RandomScientist Жыл бұрын
Can't believe a person can teach burp suite in 5 mts MashaAllah.
@m_u_s_i_c.f_a_n Жыл бұрын
Pleaseee what do you use for that ??
@SteveSultanian Жыл бұрын
Loi, I'm new to this but am determined to learn as much as I can from your tutorials.. I have an issue where someone has hijacked a facebook account and is causing all kinds of problems.. I know youve shared how to go after passwords, just not for FB accounts. Can you please assist me on this with either a response or tutorial specifically for this situation.. It's getting bad, as this person is requesting money from my friends and family, playing as if its me doing this.. Thank you in advance..
@QadriHarris3 жыл бұрын
Very clear understanding tutorial
@MALAYAPH243 жыл бұрын
Thanks a lot for your wonderful tutorials
@marcingowacz763810 ай бұрын
This is called dictionary attack. Not brute force
@d3cryptor7453 жыл бұрын
You Are My Inspiration, Thanks For All The Things Hacker Loi ❤️ The Way You Are Talking Is Just Love
@justmohamed79293 жыл бұрын
name of books neer him pls
@johnmalugu4873 жыл бұрын
Hi, i wanna chart with you about cyber security can i get your contact or email?
@ReaalBadman2 жыл бұрын
in going to use this for "educational purposes" only ;)
@Sami-xh1zc2 жыл бұрын
Man you are awesome ! Thank you
@jorgefigueroa35363 жыл бұрын
Loi Liang Yang man, have a question hope an answer :) This way works even if the application has a max login attempts ? cause i think no, but maybe i am wrong. Not thinking to do it obviously ;) hahaha. thanks for teaching us, u rock. Regards.
@Spelborea4 ай бұрын
More tutorials for WAN pentesting would be more educational but I guess we are all ethicals right?
@ghtrends36063 жыл бұрын
And please what kind of browser do you use
@kundan.rajput2 жыл бұрын
sir which will be the best book to learn hacking
@elxyser3 жыл бұрын
can u help me pls? wich abilities do i've to learn for basic CTFs? i need you advice
@mlcdpriest50613 жыл бұрын
Please which browser are you Using
@arknan96243 жыл бұрын
Bien tes vidéos mais ce genre de hack ne peut être fais que si tu as accès au pc distant puisqu'il faut utiliser burpsuit.. Donc ça ne sert pas à grand chose
@ndumisondumisoo24122 жыл бұрын
I can be happy if u can start from bypassing 403 before ....
@ougksout5446 Жыл бұрын
Can be used to router page also;
@pythonwork47092 жыл бұрын
Hacker loi should suggest some reference materials sometimes. Thank you
@shibbyshaggy3 жыл бұрын
How to do that on a webpage that locks you out after 4 failed attempts? Also how didi it brute force and where was setup for that?
@saeidmansorinia8453 жыл бұрын
your best of the best man
@mariamakter81093 жыл бұрын
Do i need deep knowledge about vlan for hacking ?
@harshitpal49962 жыл бұрын
Do this work for social media platforms too..
@watchwatc Жыл бұрын
take those skill to bypass captcha its very hard to do that it requires trained ai to solve those easy captchas
@dineshtechtuts96763 жыл бұрын
whats is the extension used and name to add in firefox ???
@hahahahaha5253 жыл бұрын
How can I have the foxyproxy? Any video?
@aditibhatiya22042 ай бұрын
My question is that if id password not in common password list so what can i do ?
@darkcheq3 жыл бұрын
But this is not a real world hacking. I mean most of real sites have failed login attemps protection. How do you bypass that ?
@365hype3 жыл бұрын
Exactly. This guys full of shit. None of his videos are real world hacking examples. Nothing on KZbin is a real world hacking example. Xss, sql vuln, nmap etc.. all browsers protect against this type of stuff. The only real world hacking today is social engineering like phishing. Everything else is just for show.
@relatabletom3 жыл бұрын
@@365hype Do you assume that shit like that would be allowed on KZbin
@uzbek_gam1ng2 ай бұрын
is it works for all websites? PLEASE REPLY ME
@sogodtambay_33502 жыл бұрын
I need to know all the tool using .. imma download them
@JUSHI1221 Жыл бұрын
i don't get the part of the terminal. what terminal did he lunched it?
@Goldslate73 Жыл бұрын
This works on any website?
@Abhinav-Bhat3 жыл бұрын
Your Student From India
@vit6723 Жыл бұрын
nice mic and voice
@fate56242 жыл бұрын
you didnt explain why foxy proxy is needed or even if
@venaculaporter98252 жыл бұрын
What terminal do you use
@boogaplays1237 ай бұрын
I don't see burp suite on foxyproxy
@drakegad71473 жыл бұрын
can u make a video about the stereotypes received as a cyber-security professional
@kennybakerhvacr57516 ай бұрын
Thank you Loi
@wowanimalspro3066 Жыл бұрын
Awesome bro ❤❤❤
@jort87303 жыл бұрын
Nice tutorial, but isn’t this kinda slow when you have a big list of passwords?
@swarnabhargavi56802 жыл бұрын
Hey I've done the same thing just as uh did but got no Peculiar result differentiating between the other payloads. I also got some Blank spaces in the Payload Column. Response : 405: Data send in wrong format. Unexpected token u in JSON at position 0. Reason ? Also do a video of Logging in with a Login page having CAPTCHA.
@michealphiri93832 жыл бұрын
Is it possible to do this without kali linux?
@martinshenry84312 жыл бұрын
What if hackerloi is using a complex password... Are we gonna follow the same procedure?
@marksGSJnr3 жыл бұрын
Burp suite.. is your site running on a local sever..?
@zboy.053 жыл бұрын
Imma have to use this whenever i forget my password lol and dont have it saved anywhere
@xxploit73823 жыл бұрын
you should have 1 million subs
@officialzeenx46203 жыл бұрын
Hi sensei I study from you thanks
@hdcapitaljsc6 ай бұрын
it only show password for you but you don't know username , right
@memorysmelody4589 Жыл бұрын
I have added the extension of foxyproxy but the burpsuite option isn't showing. Any solution !!??
@avijeetupadhyaya38853 жыл бұрын
if we use in real website login page withiut owner knowing what is the result ?are we ethical hacker or not
@verbon473 жыл бұрын
use your brain for 1 second
@avijeetupadhyaya38853 жыл бұрын
@@verbon47 what do u mean??
@kennethdavefernandez114818 күн бұрын
@@avijeetupadhyaya3885 Ethical
@sirgesound3 жыл бұрын
As you requested, my password is "12345678½"...👀🙄🤨🤔😅🙃 Great segment...as always. 👍🏽
@xrop1162 күн бұрын
I am facing an error when I open the brusuite internal browser and I turn intercept mode on and try to open my router web page takes forever and still not load when I turn the mode off it worked then after loading the login page I turn the mode on again and put wrong user and password I just won't try to login like the page is stuck but when I turn intercept mode off I work completely fine. Can any one have the same issue please help me
@djamaltoe37742 жыл бұрын
I can’t reproduce What you do mister I pass many time on my computer to try to reproduce and get Good results with your tutoriels but nothing