Server-Side Request Forgery (SSRF) | Complete Guide

  Рет қаралды 72,860

Rana Khalil

Rana Khalil

Күн бұрын

Пікірлер: 65
@davidlakomski3919
@davidlakomski3919 2 жыл бұрын
Just picking a random video from your channel to tell you that you're doing a marvelous teaching job! You managed to explain very complex topics in a very gentle and simple way, I hope I could one day reach a tenth of your teaching quality. Congratulations and thank you so much for your work
@RanaKhalil101
@RanaKhalil101 2 жыл бұрын
Thank you! I appreciate the kind words ❤
@RanaKhalil101
@RanaKhalil101 3 жыл бұрын
Don't want to wait for the weekly release schedule to gain access to all the videos and want to be added to a discord server where you can ask questions? Make sure to sign up to my course: bit.ly/30LWAtE ✨✨
@francisdonald4298
@francisdonald4298 2 жыл бұрын
Learning pentest is there need for programming???
@chrisfx9097
@chrisfx9097 2 жыл бұрын
@@francisdonald4298 Not necessarily but it will help you understand better and learn faster. If you're pentesting a web application and you want to perform an SQL injection attack, you'll need to 'at least', understand the syntax of PHP and how SQL is used to query a database.... If you're doing an XSS attack, you'll need to understand JAVASCRIPT.
@MAX-nv6yj
@MAX-nv6yj Жыл бұрын
أحبك في الله يا أختي والله سهلتي علي المعلومات بصورة جميلة وواضحة بارك الله فيك وجزاك الله كل خير على هذا الشرح الرائع والمتميز
@emrah2525
@emrah2525 Жыл бұрын
Thank you Rana ! I really appreciate your effort. These videos are really wonderful
@rongliao9255
@rongliao9255 11 ай бұрын
Look forward to more great tutorials! One of the best and comprehensive talks on this subject!
@anjulgrover2114
@anjulgrover2114 Жыл бұрын
Great teacher and very well taught .... Explained very well.
@tullacss
@tullacss 11 ай бұрын
I have watched a couple of videos, but I struggled to grasp the meaning of SSRF. However, after watching your video, I gained a much clearer understanding. Jazakallah khairan, sister Rana 🤲
@PhilocyberWithRichie
@PhilocyberWithRichie 2 жыл бұрын
Great video and explanation Rana! thanks for sharing this high quality content!!!
@zuberkariye2299
@zuberkariye2299 3 жыл бұрын
Amazing vid, shukran sis!
@ghinwabadawi983
@ghinwabadawi983 9 ай бұрын
cant stop watching your videos and learning! you make learning these complex subjects so easy! i just subscribed to your course to do more hands-on 😊😊
@RanaKhalil101
@RanaKhalil101 9 ай бұрын
Thanks Ghinwa!
@manbeats6702
@manbeats6702 3 жыл бұрын
Need Videos For Every Portswigger Labs Ur Videos are easily understandable
@spsumon1298
@spsumon1298 2 жыл бұрын
Your videos are much awaited.Please upload videos continuously❤❤❤❤❤❤❤❤❤
@masicre9574
@masicre9574 2 жыл бұрын
Mam please upload more videos on client side and server side attacks....Your videos are much awaited...Please upload videos on XSS soon...waiting for that
@NoobJang
@NoobJang Жыл бұрын
thx for the video, it really clarified my knowledge on SSRF. Thankyou so much for making this video, you are a great teacher. Consider making a patreon like the guy down below said.
@zTech300
@zTech300 3 жыл бұрын
Was waiting for this.
@alaaalmekdad9062
@alaaalmekdad9062 Жыл бұрын
great rana but i hope u can do this in arabic version for arab white hat hackers . im so glad to see u in youtube and i will support u cuz u deserve that , big thanks and i wait a lot from u ! ty
@nibeditadhani6149
@nibeditadhani6149 2 жыл бұрын
kindly share a video on XXE attack
@josephgitahi2090
@josephgitahi2090 Жыл бұрын
This is awesome just saw you on David Bombal and I can see why such a great tech name recommends you. Great work👍
@JuanBotes
@JuanBotes 3 жыл бұрын
thanks for the content
@macleo7825
@macleo7825 3 жыл бұрын
Thanks for the video
@quyenthokimquang8682
@quyenthokimquang8682 2 жыл бұрын
Hi madam, thank you for your great content, I have a question that at 07:47, you talked about clicking on add items or delete items is an external request that will be blocked by the firewall. I just wonder why that is the case? Thank you again because your videos are giving me a lot of useful knowledge.
@alexandreromao7978
@alexandreromao7978 Жыл бұрын
Hello Quyen. In the "real word", real work environments often block external ip addresses from accessing internal systems and its functionalities. Imagine a monitoring system functionality inside a network that requires no authentication, for disaster recovery purposes. As it represents a risk, it can only be accessed internally by administrators. As so, if you make a request to the service, you will get blocked (e.g. firewall). WIth SSRF, you are tricking the actual application to make that request to his own server, through the loopback network interface, and as so, it is not you requesting, but the vulnerable application hosted in the server. As it is allowed to access internally, you have access. The same with "Add Items".
@JohnSmith-wz7he
@JohnSmith-wz7he 2 жыл бұрын
Totally Awesome! Thank you !
@steiner254
@steiner254 2 жыл бұрын
Awesome
@moustafaahmed5609
@moustafaahmed5609 2 жыл бұрын
can you change auto-generated subtitle in English instead Indonesian, please?
@Sec1515
@Sec1515 2 жыл бұрын
This is superb, thank you so much!!
@yassers1893
@yassers1893 3 жыл бұрын
Thank you, it is awesome… can you advice us about oscp certification?
@SceneRewind
@SceneRewind 2 жыл бұрын
What network diagram do you know to draw?
@dub161
@dub161 10 ай бұрын
Thanks for making this. Can you please change auto generated subtitles from Indonesian to English?
@poiuymnbvc8339
@poiuymnbvc8339 Жыл бұрын
mam, can you make course for xxs ?
@youssefwaheed4165
@youssefwaheed4165 9 ай бұрын
There are a slides on her githup
@muninitishkumaryaddala7814
@muninitishkumaryaddala7814 2 жыл бұрын
Hi Ma'am. I follow your videos. The content is great in all your videos. In this video particularly, I felt that DNS rebinding could have been explained in a more clearer way as this is my first time encountering it. Just a feedback from my side. I hope this helps you in making your content better someway.
@SomLegends
@SomLegends 3 жыл бұрын
Rana SSRF lab 4-8 is hidden we can not wach it
@suresh_shankar
@suresh_shankar Жыл бұрын
good explanation
@ex0day
@ex0day 8 ай бұрын
great job!!! you Rock!!
@sawtintkyaw887
@sawtintkyaw887 3 жыл бұрын
Thank you so much.
@SagrikaSoni
@SagrikaSoni 2 ай бұрын
Thank u so much ❤
@howandwhythingswork
@howandwhythingswork 3 жыл бұрын
Thank you
@brunosm0
@brunosm0 3 жыл бұрын
thank you, gracias Rana
@SecurityTalent
@SecurityTalent 3 жыл бұрын
Thanks sister....
@uaebikers
@uaebikers 2 жыл бұрын
Theory is a torture😅 Time for practical
@hackingetico1
@hackingetico1 Жыл бұрын
Todo esto es casi igual al sistema bug bounty
@Dy13yDx
@Dy13yDx Жыл бұрын
precious one
@ahmedramadan9550
@ahmedramadan9550 10 ай бұрын
thank youuuu
@Saw-o3h
@Saw-o3h 2 жыл бұрын
One of the most precise and well-organized videos I have ever seen. Unfortunately, I'm from Iran otherwise I would definitely get your course. is there any way I can get it?
@BathiReddy-o8t
@BathiReddy-o8t 5 ай бұрын
Explanation speed is very fast, it would be better if you reduce the speed.
@texashighered9539
@texashighered9539 11 ай бұрын
U r the best.
@سامرسعيد-ي1ب
@سامرسعيد-ي1ب 3 ай бұрын
Thanks from iraq
@Shintowel
@Shintowel 2 жыл бұрын
Makasih rana
@bhanupratapsinghtomar551
@bhanupratapsinghtomar551 3 жыл бұрын
🤩😍
@rohitchhimpa901
@rohitchhimpa901 2 жыл бұрын
make audio clear
@LeiYiren
@LeiYiren 19 күн бұрын
Nice juice
@-videoworldfadi8464
@-videoworldfadi8464 2 жыл бұрын
Want talk toghether
@lorrainenewton2338
@lorrainenewton2338 3 жыл бұрын
I love you sist
@ca7986
@ca7986 2 жыл бұрын
🙏👌
@Shintowel
@Shintowel 2 жыл бұрын
Love u
@TheBashir007
@TheBashir007 Жыл бұрын
Sisterrrrrrrrrrrr u are amazinggggggggggg Jazakallah Made some bucks out of your video Some bucks wink wink
@anrstudio9916
@anrstudio9916 Жыл бұрын
Good content but terrible voice 😨😨😨
@earthlyelder
@earthlyelder 2 жыл бұрын
Thank you
SSRF - Lab #1 Basic SSRF against the local server | Long Version
23:04
Cross-Origin Resource Sharing (CORS) | Complete Guide
52:17
Rana Khalil
Рет қаралды 76 М.
Beat Ronaldo, Win $1,000,000
22:45
MrBeast
Рет қаралды 158 МЛН
Enceinte et en Bazard: Les Chroniques du Nettoyage ! 🚽✨
00:21
Two More French
Рет қаралды 42 МЛН
99.9% IMPOSSIBLE
00:24
STORROR
Рет қаралды 31 МЛН
SQL Injection | Complete Guide
1:11:53
Rana Khalil
Рет қаралды 264 М.
Server-Side Request Forgery (SSRF) Explained
15:58
NahamSec
Рет қаралды 30 М.
Cross-Site Request Forgery (CSRF) | Complete Guide
48:11
Rana Khalil
Рет қаралды 101 М.
Cross-Site Request Forgery (CSRF) Explained
14:11
PwnFunction
Рет қаралды 469 М.
Authentication Vulnerabilities | Complete Guide
31:03
Rana Khalil
Рет қаралды 18 М.
Broken Access Control | Complete Guide
39:33
Rana Khalil
Рет қаралды 56 М.
How to exploit a blind SSRF?
9:36
Intigriti
Рет қаралды 24 М.
🎙️AI Alone Isn't Ready for Chip Design (AI generated)
16:40
Find and Exploit Server-Side Request Forgery (SSRF)
8:56
The Cyber Mentor
Рет қаралды 44 М.
Cross Site Request Forgery vs Server Side Request Forgery Explained
12:23
Beat Ronaldo, Win $1,000,000
22:45
MrBeast
Рет қаралды 158 МЛН