BBRE guy is the only person who cares about the eyesight of content consumers; he used large fonts which we can read easily.
@BugBountyReportsExplained 2 months ago
You're welcome ;)
@KarahannAe7 months ago
18:24 if anyone else was also confused when he says POST-AUTH REDIRECT, he is talking about after the OAuth dance is over; he doesn't mean a POST-based OAuth flow.
@BugBountyReportsExplained 2 months ago
I see how this can be confusing. Since then, I have changed how I say this part to after-auth redirect to be clearer.
@Zizo818223 days ago
thanks both of you for sharing - great video
@so3litude_8 months ago
Even though the state parameter is present in the request, you should always check for CSRF. I've found many targets vulnerable to this. Most people leave as soon as they see the state parameter in the request. This happens because of a misconfig in the OAuth flow where it doesn't validate the state parameter server side. It only checks if it is present or not.
@BugBountyReportsExplained 8 months ago
Very true! The presence doesn't mean it's checked.
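The difference these two comments describe, between a callback that only checks that `state` is present and one that validates it server-side, as an added example that is not part of the original thread or the video. The session dictionaries, function names and parameter values are assumptions made for illustration.

```python
import hmac
import secrets


def new_state(session: dict) -> str:
    """Authorization request: mint an unguessable state and bind it to this session."""
    state = secrets.token_urlsafe(32)
    session["oauth_state"] = state
    return state


def callback_presence_only(session: dict, params: dict) -> bool:
    """Weak handler: accepts any callback that carries a non-empty state."""
    return bool(params.get("state"))


def callback_validated(session: dict, params: dict) -> bool:
    """Hardened handler: state must equal the value stored for this session."""
    # pop() makes the stored value single-use, even when the check fails.
    expected = session.pop("oauth_state", None)
    received = params.get("state")
    if not expected or not isinstance(received, str):
        return False
    # Constant-time comparison on bytes (also avoids errors on non-ASCII input).
    return hmac.compare_digest(expected.encode(), received.encode())


def demo() -> dict:
    """Run both handlers over constructed callbacks and report what each accepts."""
    session_a = {}
    own_state = new_state(session_a)
    # Constructed callback whose state was issued to a different session.
    foreign = {"code": "constructed-code", "state": new_state({})}
    results = {
        "presence_only_accepts_foreign": callback_presence_only(session_a, foreign),
        "validated_accepts_foreign": callback_validated(dict(session_a), foreign),
    }
    own = {"code": "constructed-code", "state": own_state}
    results["validated_accepts_own"] = callback_validated(session_a, own)
    # Second delivery of the same callback: the stored state is already consumed.
    results["validated_accepts_replay"] = callback_validated(session_a, own)
    return results


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {accepted}")
```
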
@heller648 months ago
Most sites now use strict URL validation on redirect_uri; not even an extra dot can be added. Btw, thx Greg.