Bug Bounty Hunters are WRONG about this‘ OR 1=1

4,794 views

Bug Hunter Labs

28 days ago

Hey everyone! This video is all about SQL Injection. Enjoy!
🚀 Learn about the easiest bug class here - • Bug Hunting is easy if...
📩 Download the SQLi Cheat Sheet here - bit.ly/sqli_cheat_sheet
👍🏻 Like, subscribe, and turn on notifications for more bug bounty insights
📬 Comment below with your best SQLi payloads
💻 Happy Hacking!
Follow me on
✖️ - / bughunterlabs
Thanks for watching,
BugHunterLabs
Chapters:
00:00 - Intro
00:40 - CVE-2024-2879
01:20 - SQLi Example
02:35 - Basic SQLi
03:09 - Error-based SQLi
03:21 - Union-based SQLi
03:39 - Blind SQLi
03:48 - Boolean-based SQLi
04:11 - Time-based SQLi
04:29 - Out-of-band SQLi
05:15 - SQLi identification
05:56 - Wordlists
06:43 - Advanced Injection Points
07:47 - Second-order SQLi
08:22 - sqlmap
10:27 - Outro

Comments: 35
@Horo-oe9yu 25 days ago
Coming back to cybersec after a 3 month break, ur videos are indeed worth watching. You definitely earned a subscription!
@bughunterlabs 25 days ago
Thanks a lot :)
@arijit1472 26 days ago
Great video with Catchy thumbnail. Keep it up man 👍
@BLKSD 27 days ago
I started to get addicted to your videos
@Free.Education786 26 days ago
Please cover Ghauri for time based blind SQL injection using only http request with http headers and without headers using custom headers like x-forward-for or similar private headers. Technique also bypass WAF. Hope to see it soon. Thanks 🎉❤
@m7mad540 27 days ago
Yet another incredibly helpful and fantastic video! Your content consistently exceeds expectations. Keep up the excellent work!
@bughunterlabs 27 days ago
Thank you :)
@Ott3rly 27 days ago
Very good quality videos. I see that you put a lot of time and effort into this. Keep going!
@bughunterlabs 27 days ago
Thank you! That means a lot! :)
@l00pzwastaken 27 days ago
I watch both of you thanks both
@TheCyberWarriorGuy 27 days ago
Please create a separate playlist for vulns!
@MustafaGains 27 days ago
Great content
@abhisheksinha9719 27 days ago
Please make a video on SSRF to gain metadata
@flexboigaming3706 27 days ago
Next topic CSRF AND OPEN REDIRECT PLEASE ❤
@bughunterlabs 27 days ago
Noted!
@confusionofdahighestorda668 19 days ago
Nice video bro
@IncomeMenu 26 days ago
Bro this content is golden. However I feel like you need to work on the thumbnails
@bughunterlabs 26 days ago
Thank you. How would you improve the thumbnails?
@l00pzwastaken 27 days ago
Thanks, I am learning SQL injection now, already completed XSS. Thanks for showing how it's performed. What do you think about adding Broken Access Control to your video pipeline till. Also thanks for the checklist
@bughunterlabs 27 days ago
BAC is on the list :)
@No0ne683 27 days ago
keep up bro
@carsonjamesiv2512 27 days ago
COOL!😀😃😎👍
@firzainsanudzaky3763 27 days ago
Hey man, if I don't have Burp Suite Pro, do you think it's worth more to focus on SQL, SSRF, XSS, or what? I've found IDOR and XSS bugs but XSS is out of scope
@bughunterlabs 27 days ago
Don't buy Burp Suite Pro until your bounties cover it. There are free tools for everything you need to do out there. Have a look at ZAP and Caido as well. You can even find sql, ssrf, xss with curl and developer tools :)
@flexboigaming3706 27 days ago
Your video content is too good ❤
@bughunterlabs 27 days ago
Thank you 🙌
@st3alth_chased643 27 days ago
Yeah, sometimes SQL injection occurs in cookie and user-agent..
@anonraxor317 11 days ago
cheat sheet link not working' or '1'='1--
@bughunterlabs 11 days ago
Hi. It seems to work for me? Did you try: bit.ly/sqli_cheat_sheet
@anonraxor317 11 days ago
@bughunterlabs This content does not exist
@anonraxor317 11 days ago
@bughunterlabs This content does not exist
@misero1 23 days ago
Awesome videos you got here, I'm loving the format you got, keep up the awesome work. As someone studying cybersec for red team and pentesting purposes, it's a great resource.
@mtthsgrr 19 days ago
I'll not say this again kid: where are the half an hour/hour long videos? I need this on my table asap otherwise you're fired
@bughunterlabs 16 days ago
Haha. These videos take a long time to make. I will have a look at how I can get to 1 hour.
@Giotheasy 25 days ago
meh sql injection is shitty php code only