CSRF - Lab #1 CSRF vulnerability with no defenses | Short Version

38,668 views

Rana Khalil


In this video, we cover Lab #1 in the CSRF module of the Web Security Academy. This lab's email change functionality is vulnerable to CSRF. To solve the lab, we craft some HTML that uses a CSRF attack to change the viewer's email address and upload it to our exploit server.
▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬
Buy my course: academy.ranakhalil.com/p/web-...
▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬
Long version of the video: • CSRF - Lab #1 CSRF vul...
CSRF theory video (previous video): • Cross-Site Request For...
Notes.txt document: github.com/rkhal101/Web-Secur...
Web Security Academy KZfaq Video Series Release Schedule: docs.google.com/spreadsheets/...
Web Security Academy: portswigger.net/web-security/...
Rana's Twitter account: / rana__khalil

Comments: 22
@RanaKhalil101 2 years ago
Interested in supporting me and gaining early access to the Web Security Academy videos when they're recorded? Consider buying my course: academy.ranakhalil.com/p/web-security-academy-video-series! ✨ ✨
@barebears289 2 years ago
How do you only have 10k subs?? You're so good at explaining difficult concepts, tyvm! 😄
@UnknownSend3r 2 years ago
Very good explanation. Straight to the point and no fluff. Keep it up.
@joao_victor11 1 year ago
It's really good knowing that I'm not the only one who got that bug with this lab... and thank you for the video. Awesome explanation!
@carlosmonteslatam 1 year ago
You're an angel. Blessings!
@user-ni7rd7st8z 1 year ago
Thank you, teacher, from the bottom of my heart
@mohamedhamdy636 2 months ago
Mashallah, blessed be God
@Z3kyTw0 1 year ago
Just found your amazing channel after seeing the video on David Bombal's page. New sub, your content is amazing
@hossamramzy4310 2 years ago
When will you start the XSS course?
@muzamilop4197 1 year ago
Such an amazing teacher
@BossManTee 1 year ago
You are a legend!
@JuanBotes 2 years ago
Thanks for making great content and explaining it \o/ appreciate
@R4z0r_arg 2 years ago
I think you missed resetting the browser cache to read the new mail, with shift + f5 it usually works, thank you very much for the video :)
@kunal-kh1ws 1 year ago
Very helpful 2022✌🏻💵
@hackPalan 1 year ago
Hats off 🙆 ma'am, you are so cool
@suryakantupadhyay3112 2 years ago
Hi Rana, I have a question here, initially when you started SQLi labs, you said we will be following Burpsuite Academy's learning path, however, now you moved on to CSRF, whereas in the Burp Academy the next topic after SQLi is Authentication. So should we follow that path, or we can continue as you are teaching and it does not really matter?
@commentor93 2 years ago
Thanks for the tutorial, Rana. When I copy your code and click on 'View Exploit', I always get the message 'Client: Forbidden'. Do you have an idea what the issue could be?
@frolicfox5432 2 years ago
Hello ma'am, @Rana Khalil, is the CSRF attack applicable for a login page in an application? If yes, can you throw some light on the POC for that? Requesting your answer as soon as possible!
@rafiusarafiusa41 2 years ago
Hi Rana Khalil, I'm looking for a training + job provider. Are you one of those?
@muzamilop4197 1 year ago
Hello ma'am, can we get a video on XSS?
@deadeye821 2 years ago
Make more videos about this, but upload more regularly
@MOHDBINMUKHTARAnonymous_XSS 1 year ago
Email changed for own account or 2nd account? @Rana Khalil