Revealing Secrets with Information Disclosure Bugs
Рет қаралды 7,249
Күн бұрынInformation disclosure is really broad, ranging from technical things like finding API keys or code review, to that webpage is displaying my address publicly! So they can be great bugs particularly if you don't have access to a regular computer or you're not familiar with
This series couldn't happen without the support of our sponsor Bugcrowd, Bugcrowd is the best place to start hacking with a wide range of public and private programs from APIs to Desktop Applications and everything in between. Not ready to jump into a public program yet? Fill out your platform CV and sign up for a waitlisted program. Tell Bugcrowd a bit about your skills, previous certifications or experience and they’ll match you up with the right program using their industry-leading CrowdMatch technology. Whatever your level, there’s a place for you in the crowd. You can sign up with my link here: bugcrowd.com/user/sign_up.
- Social Media -
Discord: insiderphd.dev/discord
Patreon: / insiderphd
Twitter: / insiderphd
@mostafaomer1513 Жыл бұрын
I've been waiting for this for a long time❤❤ I decided to get started with information disclosure
@ariel1l Жыл бұрын
Thank you very much! I would love to hear next month on the "Authorize" burp add one with practical example, thank you again I love you content !
@taiwomiracleveecthor2617 Жыл бұрын
Thank you so much for aspiring us more
@alexandersoltesz8103 Жыл бұрын
Great content as always, thanks so much!
@SolitaryElite Жыл бұрын
omg, i was literally going to comment asking if you were going to make a vid about info disclosure bugs today💀💀
@elbivio Жыл бұрын
Thanks!
@ridowansikder6374 Жыл бұрын
Great contents , loving it so far Would you please considering also share the slides with these videos ? That will be really helpful
@mostafaomer1513 Жыл бұрын
🎉❤ I hope to find first bug information disclosure
@aqwerzerd Жыл бұрын
HEYYYY professor Missed you really
@mr.researcher1525 Жыл бұрын
Welcome..back..🎉🎉
@camelotenglishtuition6394 Жыл бұрын
Great job! I also had a random q? I'm testing a parameter on a site and I'm getting a 500 with the ' so it seems vulnerable to sqli. It also seems to allow me to add to an sql statement but everything I try just gives me a 200 status. Shall I just walk away? lol or perhaps you have a little advice?
@InsiderPhD Жыл бұрын
Blind SQL injection, see if it takes a lil longer to load!
@camelotenglishtuition6394 Жыл бұрын
@@InsiderPhD yeah I tried a timing attack with sleep (10) but still nothing, frustrating as it's clearly vuln but I can't get anything out of it. Fantastic of your to come back so fast, thank you. Any other ideas or just walk away? lol
@badxcode Жыл бұрын
@@camelotenglishtuition6394 super late but did your try out-of-band techniques? :)
@greentorm5467 Жыл бұрын
Could someone change GCSE grades? I'm well out of school, just a curious question?
@Nightfire6565 Жыл бұрын
First
@onisakura9 8 ай бұрын
So if someone were able to an start editing people's names, phone numbers, location on those peoples accounts when they aren't supposed to be--is that a security vulnerability? Edit: whoops... never mind--if I'm using their cookies to change their info then that would be intended behavior--sorry 😅
@InsiderPhD 8 ай бұрын
Sorry to disappoint:( yeah you need to do it without the victims cookie it’s just a way to simulate logging into accounts easily
@onisakura9 8 ай бұрын
Bummer... Back to the drawing board 😅
@rb-py5cv Жыл бұрын
Hello ma'am thank you for the videos but in the videos there is missing methodology and approach of it to find bug and i need the methodology and right techniques to find bug 🪲 please ma'am can you see through this and thanks for everything❤
超人夫妇
Рет қаралды 45 МЛН