Burp Suite and Hydra vs DVWA

Рет қаралды 19,052

Жыл бұрын

AS MENTIONED IN THE VIDEO:
- My generating passwords video: • 4 Simple Tools to Help...
- My setting up DVWA video: • 1 Simple Way to Learn ...
CONNECT WITH ME:
LinkedIn: / thegaryruddell
X: / thegaryruddell
Instagram: / thegaryruddell
Website: www.garyruddell.com
🎵 Where I get my Music (amazing for KZfaqrs) - share.epidemicsound.com/ye2zqm
PS: Some of the links in this description are affiliate links that I get a kickback from 🤝

Пікірлер: 53

@tylercoan Жыл бұрын

I swear KZfaq algorithms are spying on me. Your video is timely. Just went over this topic in TCM's class.

@theGaryRuddell Жыл бұрын

Oh the algorithm is DEFINITELY working the magic!

@user-uh1zo7bg2z 10 ай бұрын

KEEP UP THE GOOD WORK

@theGaryRuddell 10 ай бұрын

Thank you so much!!

@pbrown22 Жыл бұрын

Another Great video Gary

@theGaryRuddell Жыл бұрын

Glad you enjoyed it pal!

@verynaughtyg 4 ай бұрын

simple and quick.. thanks a lot

@theGaryRuddell 4 ай бұрын

You're welcome!

@teachmecyber Жыл бұрын

BurpSutie is a great tool to know. You can do so much with it.

@theGaryRuddell Жыл бұрын

Yeah it’s incredible. There’s really not a competitor I know of??

@nullowl1305 Жыл бұрын

Great to see you starting off this year with amazing content Gary ! What's your take on different tools for Bruteforcing,lets say we have hydra,John the ripper and hashcat,how do you ideally choose between them I'm kinda confused sometimes,does it depends upon what exactly we looking for ?

@theGaryRuddell Жыл бұрын

Yeah I’m recording a Hashcat video very soon. Hashcat is mainly used if you get hashes from say /etc/passwd or anywhere else for that matter, and you want to crack them. You can do it really cheap in the cloud these days. Hydra is great for CTFs and things like that, but you can’t really have much success on enterprise systems because of MFA and Fail2Ban etc. John the Ripper is similar to Hashcat in many ways at a basic level.

@nullowl1305 Жыл бұрын

@@theGaryRuddellOkay got it thanks 👍🏻

@jejakperetas Жыл бұрын

🙂 thank you

@theGaryRuddell Жыл бұрын

You’re welcome 😊

@diogorech 11 ай бұрын

Thank you for sharing your knowledge! I followed the steps of the video and always get 16 valid passwords, none of which were actually the correct one. Where should I start to solve this problem ?

@theGaryRuddell 11 ай бұрын

Hey it’s hard to say from here! But I’d recommend watching other tutorials to see if something clicks!

@petregmd Жыл бұрын

Nice video, Gary! Do you mind if I write a short blog post based on this video? I will mention the source. 🙂

@theGaryRuddell Жыл бұрын

Yeah sure! I’d love to see where you share it in the end. I’m on LinkedIn too if it’s easier to talk there 😊

@petregmd Жыл бұрын

@@theGaryRuddell Thank you, Gary. I will share it on LinkedIn. 🙂

@Stuff-morestuff 3 ай бұрын

whatever I do I can't get username=test&password=test&login=login to show up

@U-shapeMgall 2 ай бұрын

What about the app that I download how to find the name and password

@noureldinehab2686 Жыл бұрын

💙

@theGaryRuddell 7 ай бұрын

💚

@eTqXfc6ODY7g8bDV Жыл бұрын

Hello I have two problems. I look for my password but I don't need to have a login. I only need a password to log in. So how I do to make an attack without the flag -l or -L. Morover my request body for the http-post-form is "username=admin&password=c9bcacd403244145cea61db556e9efd0" and hydra say that "the variables argument needs at least the strings ^USER^, ^PASS^, ^USER64^ or ^PASS64^. I don't kwon how to do. Can you help me ?

@theGaryRuddell Жыл бұрын

Try using another tool like Brutus or Burp Suite. I’m not sure on this one!

@eTqXfc6ODY7g8bDV Жыл бұрын

@@theGaryRuddell Ok but do you know how I can do if I only need a password to log in and not a login ? How can I process ?

@theGaryRuddell Жыл бұрын

Brutus and Burp have that functionality!

@eTqXfc6ODY7g8bDV Жыл бұрын

@@theGaryRuddell ok thank you. I will test them later.

@user-sc4th6rq9d 5 ай бұрын

What is the format if website start from https mean secure

@theGaryRuddell 5 ай бұрын

Sorry I don’t understand the question

@ReligionAndMaterialismDebunked Жыл бұрын

Early :3

@gerdmuller8258 5 ай бұрын

ciao, io sono stato hackerato su outlook. Ho seguito il tuo video che si può fare su outlook?

@theGaryRuddell 5 ай бұрын

Grazie per la visione, se vieni violato su Outlook, dovrai parlare con il supporto Microsoft.

@gerdmuller8258 5 ай бұрын

@@theGaryRuddell ho provato contattare con il supporto su Xbox Microsoft. Hanno detto che non si può recuperare account. Quindi il tuo video si può recuperare l'account Outlook?

@theGaryRuddell 5 ай бұрын

@@gerdmuller8258 Se Microsoft non riesce a recuperare un account compromesso, nessun altro può farlo. Scusa amico!

@Drluxurious 3 ай бұрын

will this work to hack an old Gmail account? if yes how? forgot the password to my old Gmail account.

@theGaryRuddell 3 ай бұрын

Whether it’s an old account or not, you’re hacking Google. That’s stupid. Just email customer support and prove it’s your old account.

@user-sb5tc1uo2f 4 ай бұрын

Kali Linux,Can I hack Facebook account suing this

@theGaryRuddell 4 ай бұрын

😂 you want to go to prison for 20 years?

@user-sb5tc1uo2f 4 ай бұрын

@@theGaryRuddell yes

@user-sb5tc1uo2f 4 ай бұрын

@@theGaryRuddell please help me

@PCs454 4 ай бұрын

why is the audio so quiet even at 100% volume ;//////

@theGaryRuddell 4 ай бұрын

It isn’t for me. Make sure your KZfaq volume AND your computer volume are right?

@PCs454 4 ай бұрын

@@theGaryRuddell both are on 100% and i got a notification and it scared me as it was so loud, its just youtube is acting weird. and it affect other videos too..

@theGaryRuddell 4 ай бұрын

@PCs454 😂 Yeah it works fine for all of my devices.