Interested in supporting me and gaining early access to the Web Security Academy videos when they're recorded? Consider buying my course: academy.ranakhalil.com/p/web-security-academy-video-series! ✨ ✨

I love how she teaches. There is not that many good teachers in cyber security, that will take there time and go step by step in the process of what is going on in coding or troubleshooting to gain control in with certain tools. I salute her and her patients with us all. She is one of my favorite Like Heath Adams (Cyber Mentor), John Hammond, InsiderPHD katie, IT Security Labs guy, Tib3rius, STOK and Nahamsec

I’ve seen many tutorials and even paid courses that don’t get even closer to the quality of this video. Thanks for sharing this for people who are just starting out. Really appreciated

This series is great. And I really appreciate the scripting section

IMO.. this is the best approach !! Programming is an inevitable skill for a successful pentest career. Nailed it !! Very much excited for rest of series.

Perfectly explained! I don't think this can be explained better than this one. Thanks

this series is very helpful, it is an exciting course, and this is what I need, many thanks

The art of automating the attack's stunning🎉

I found your channel today, the way you explain is awsm😍😍😍. Thank you for explaining soo clearly mam. Please make more videos mam on different topics too😅

100 percent as per my demand....thanks... Dear Viewer, don't forget to share this amazing video, and give her positive feedback for hard work.

This is Great. I don't have enough words to thank you. You saved me. Excited for rest of the series.

I watch @ippsec tutorials for my lunch&learn skills development ; now your videos will become the secret sauce for my documentation and scripting technique. excellent work , looking forward to see more

i started learning portswigger labs and i found this vid is extremely helpful. tysm for making this content❤

I was struggling for a long time for a video like this video.Thanks

Hi madam, Your way off teaching are awesome..!! (Theory,practical & scripting) Happy women's day 🎉❤️🙏

You belong to people who we subscribe getting impressed, well deserved

Gracias por los vídeos, son maravillosos!! Y la explicación para hacer los scripts en python está genial, muchas gracias.

Best pen testing course ever!

Maam, my honest suggestion: please add practical Hands-on Lab. This will help us a lot. Otherwise internet is full of theoritcal material like slides and pdf. So kindly, focus on Core and practical Hands-on operations in every Web-Security videos series. Thanks..... a lot of love and respect...

جزاكى الله خيرا ونفعك وزادك من فضله فى الدنيا والاخرة بأذن الله

You're a pro ! Good job and thanks for the video

@14:00 is really cool. I've made a bunch of web fuzzers in python, but have never seen the proxy thing done.

Being third person we will be completely unknow of what is going to release then how can we write a script for that ? Here you knew that cat grin will be there but not in every case you know something.

congrats on 30k

Salam Aleikum, I am a Muslim from Russia studying for Information Security. I am very happy for this sister and wish her every success.

what what what an amazing explanation you've given to us in free of Cost.... I hope you'll not *Private/OnlyMe* these Videos

Just a small query. Since we were able to add payload in the browser itself where showed that there is something called "Cat Grin" which we used as payload. But in real-life, we won't be able to get those. In such cases what would be our key in place of Cat Grin. Awaiting your revert.

Why we used Cat Grin

How do you access the lab in the terminal? In the script section of the video.

nice speech.keep it up mam and give us more information

Eagerly waiting for this...

Nice Initiative Rana Khalil

this is super awesome.. and exactly what i needed. thank you so much, Rana.. you are a gem

Thankyou for this great playlist on SQLi... Waiting for more. ❤️

الله يعطيك العافيه شرحك اسطوري

Definitely loved ur content would like more videos on other topics on portswigger

Really great video - thank you for taking the time to share this with us. The question I have is related to the scripting. In theory, the point of scripting would be to automate the process instead of doing it manually. As you wouldn't know there was a hidden product for the Cheshire Cat unless you had already succeeded in the injection, then I'm confused as to why we would add that to the script that's supposed to tell us whether or not the injection was successful? How would we write a script that tells us if it's successful or not without already having that information?

I am getting the concept, and it is beautifully explained, but where can I learn this scripting this is the only thing I'm lagging here.

Thank you for these videos . i appreciate the way you teach us.

Greate Video. on top of that scripting the attack made the exploit even more clear.I just have one question . When you wrote script for the attack for checking if its successful you used something which we got from manually exploiting the app i.e the Cat string. Can you give another method to check the attack when we did not manually found the result. Hope my doubt was clear. Again thanks for the video

amazing video i like your coding skill ma'am

Great vid Rana, keep it up! :)

Thank you so much for the amazing video Rana! Had to ask what extension did you use in vs code?

Great content. How come you do not use the browser built into Burp ? Is there a reason to use foxy proxy instead ?

perfect explanation!

MashaaAllah Great video.. I love the section writing exploit with python.

Can I only run the python code in Kali Linux? Or in windows it is possible?

Great Appreciation

Very well said. I learned a lot, looking forward for your future contents 😁. Thank you♥️

Plz make a detailed video on sensetive information disclosour

Love From India

what's there in r.text in function exploit_sqli(url,payload) when I did print(r.text) for trouble shooting, it printed "Not found" that's why while scripting it always says [-] SQL injection unsuccessful! even though link and payload both are correct

Thank you for the informative content. What note taking and windowing/terminal app were you using?

Hi Rana, firstly great work!! You have explained the things in such an elegant way. I am eagerly waiting for the upcoming videos. But I have one small query though. Since we are finding all the products of all categories, can we not comment out just after select * from products where it will select all the products? The query: select * from products -- where products = 'gifts/pets' and release = 1. So the query effectively executed by the website will be "select * from products". Please do throw some light on my doubt. Thanks.

hi rana , that is a great video and helpful but i have an error and i don't understand the reason Can u help me?

Great video! Thank you!

Your content also very useful. More videos upload we are support your videos

How do I get the terminal to complete the lab?

amazing explanation

mam pls make playlist on other topics too

This is great work

excited for that💙

Thanks for all the awesome content! , God bless.

awesome! Thank you for share this tutorial!

Does anyone know why endless loading happens when I tried to perform a similar attack?

Very good!

Hello Rana, Can you Please offer a course for the python programming that is needed for SQL injection

This is such a great explanation but the video is so blurry I cannot see what you are doing when modifying the URL

This is a great video. could this go any quicker tho.. at this pace.. itll take more than two years to finish the labs

Good video!

😔 very thankful بوركتي

thanks Rana

Great content !

Hi Rana, I see your whole methodology is very nice. Do you provide any online classes for web pentesting. How to reach you in case need some career consultation on Cyber security.

شكرا من المغرب

is this code run if we run through windows

what vscode theme is she using

very good

You don't recommend using sqlmap? Or will it not help in this situation

thank you

im ready to learn!

Helpful ,, thank you

Great mam

Hi everyone! I would really appreciate it if you could fill out the following feedback form after watching the video: bit.ly/38g0SdZ. Thank you!

Doesn’t work for me

mam please make a playlist for python scripting , please.

good job , please zoom in so we can see what you are typing :)

Don't forget to hydrate!

may i know where to learn python scripting

I started learning from here, I want to be the best cybersecurity in the world, hehehe

Scripting section was great

Using sql injection to buy items off commerce sites without paying anything

ALGORITHM

🎊👍

14:25

why just '-- is not enough

Hey Rana can I get your business mail

I think there was no need of the python script.I think i am naive that i cant understand why she wrote a python querry for the simple task.

yo who tf need college :))

Thank you