Thanks! You should check out the more detailed series. I do three whole videos on SQLi for you.
@blueprintuniverse6 күн бұрын
Thank you. Very practical application of Burp Suite
@nhs.147 күн бұрын
i wonder why i can't see the image on preview, yet its was fine on paint
@jake26638 күн бұрын
23:25 probably one of the best intro Burp Suites out there thank you for your video
@NetsecExplained8 күн бұрын
Thank you!
@user-jr8ky7ok8x11 күн бұрын
thanks a lot but where can i find solutions to homework
@NetsecExplained8 күн бұрын
Hey there! The homework is more to get you to practice the things I describe and to explore other areas. However, there are plenty of writeups on Juice Shop that you can find online.
@reclaimedgracewood12 күн бұрын
great video! very helpful. Im very green with burpsuite and this video helps me feel more comfortable with using it
@rakeshray790013 күн бұрын
Great video, thank you. I see video was posted 8 months back, is that still the case that we can't generate targeted report with req/resp and explanation of vulnerability that can be shared with dev team?
@joy365815 күн бұрын
Great & Real Content.
@ogrimagy16 күн бұрын
very clear thanks a lot
@eto_fridrih16 күн бұрын
If you want to learn how to use "Burp" then you should not watch this video. Do not waste your time. much more information can be read in 5 minutes in the text instructions. all the examples given in the lecture will never come across you in real life, and the principles they reveal can be written down in several paragraphs of text on one page of a small notebook. this guy is very good at teaching you but he has big problems with the content of the lesson. This reminded me of the lesson "How to draw a raccoon in 3 steps." step one: draw a line. step two: draw another line. step three: add a raccoon to them. Done. Only in this video you will only be taught to draw lines and straight ones. This criticism is written with respect to the creator of the video and his work
@NetsecExplained16 күн бұрын
I agree, this video isn't for beginners who have not used Burp before. This video is aimed at those who have used Burp but want a better understanding on how professionals use the tool on real-world engagements, beyond what the manual will tell you. I walk through the thought process and methodology and where Burp fits every step of the way.
@sufiyanbuiya18 күн бұрын
it's awesome video thanks for the video.
@ChaoticParasite18 күн бұрын
Amazing vid man
@NetsecExplained17 күн бұрын
Glad you enjoyed
@christopherortiz497119 күн бұрын
Thank you, really easy to understand
@Club_Nightcore23 күн бұрын
Loving your videos!
@shivammaurya701123 күн бұрын
Hello bro, This is the Best video on Burp Suite I have seen so far, well constructed and straight to the point, while showing the usage of tools practically, this video tops all man, thanks for uploading, already subscribed, going to share it in my community so other beginners can learn burp too.
@NetsecExplained23 күн бұрын
Glad you liked it!
@CR7andJP27 күн бұрын
Man...this is the first video that was able to teach me this software. Even a course did not made the trick. Thank you sir for your efforts!
@NetsecExplained27 күн бұрын
Glad it helped! That's how I feel about most tutorials, they tend to sound like manuals instead of how the software is used in practice. I'll make more of these for sure.
@dedyalamsyah708628 күн бұрын
super best best pentest using burp suite i've seen, seriuosly if you open the class, definietly i'll register.
@bobbydrillboid28 күн бұрын
seriously the best pen testing tutorial of any kind I've seen yet, I'm a beginner and know next to nothing about this stuff, but man this was simple and amazing
@nudtanunwarnnissorn28 күн бұрын
Thanks! I’ll try to be better at cyber security (I’m 14 btw)
@NetsecExplained28 күн бұрын
I recommend starting with Portswigger Academy and TryHackMe. They're very approachable and will cover the deeper technical topics as you grow into it.
@pauldev17Ай бұрын
are you safe from burp when the site is already in SSL?
@NetsecExplained29 күн бұрын
Burp intercepts the SSL traffic and inserts its own certificate between Burp and your browser. So no, it can read SSL/TLS traffic you directly interact with. However, it cannot read the SSL/TLS traffic between the server and someone else.
@paca3107Ай бұрын
if anyone has issues with install it on windows, don't waste your time and run DVWA as a docker container :)
@NetsecExplained29 күн бұрын
Totally agree! It's been a while since I created this video, but Docker is now my go-to. I have a video on my channel that covers how to install and use it as a Docker container. Check it out.
@paca3107Ай бұрын
Man this tutorial rocks! I just started my journey with cyber security (I have frontend and backend background) and I very appreciate that beside of explaining how burp works you are providing very useful info about whole pentesting and finding out the vulnerabilities. Now I am more aware how important its checking requests and sending safe responses.
@NetsecExplainedАй бұрын
I'm glad this helped! That's exactly what I wish I had when I first started, so I'm making videos like these now.
@paca3107Ай бұрын
@@NetsecExplained great bro! I will be watching. Your teaching style its very good. thanks
@dennischristenson3804Ай бұрын
Excellent video. The highlghting using colors is awesome. You have an excellent way of explaining things. This is the best burpsuite video I have ever watched. I subscribed and liked. Keep up the good work.
@NetsecExplainedАй бұрын
Thank you so much!
@lautarovculicАй бұрын
Nice for pulish some little details
@abdallahabbas6910Ай бұрын
brother you need to explain everything from the beginning how u installed burp suite and how to configure it then we can continue, sorry I'll have to see another video cuz I'm a beginner .
@NetsecExplainedАй бұрын
I appreciate your feedback. This video was meant to be of how to use Burp on a simulated pentest assessment. If you need a video on how to install Burp, then this one isn't for you. Best of luck.
@HorstliciousАй бұрын
Awesome, not one of the thousand "basic" videos, but one with actual content!
@NetsecExplainedАй бұрын
100% There's plenty of videos that are created by beginners for beginners, but not many for those who work in the field. I try to introduce people into pentesting and network security from a senior's perspective.
@nojozol1816Ай бұрын
this awesome. hoping you make one more complex as well !
@nojozol1816Ай бұрын
this needs more views. super helpful content thank you!
@-0.0Ай бұрын
Im using the heroku site, but when I try to navigate or load anything really, I need to turn off the interceptor unlike your video. I am having to turn it on and off to get around the site, which is really annoying.
@kingprince2604Ай бұрын
Everything is an Assignment 😂
@NetsecExplainedАй бұрын
Practice Practice Practice!
@kevinhsieh9872Ай бұрын
great class can you produce more ml related video
@NetsecExplainedАй бұрын
Keep an eye out, I'll be releasing one soon. My next one is on attacking and defending generative AI.
@trashcan3810Ай бұрын
This is really cool but I was thinking you’d Edit something in the response tab too, I mean not only in the request tab 😊
@NetsecExplainedАй бұрын
I will sometimes. It helps to think of an application as having a front end and a backend (full details in another video on my channel). 90% of the time you want to edit the request to modify things on the server. Sometimes it is helpful to modify the response if you have a complicated JavaScript front end, but that's not as important since you usually use that to modify the next downstream request anyways. This video showcases what it's like to hack real-world applications and I do this method every day for my job.
@FahodinhoАй бұрын
20:18 how did you know it was base64 encoded? what gave it away? i know usually when it ends in == that's base64 encoding, but how did you know this one is? is it because it's a JWT token?
@NetsecExplainedАй бұрын
Good question! You will develop an intuition over time as to what looks like a Base64 string vs not. However, in this instance we can see the letters "eyJ" which translates to {" from Base64. That usually indicates the start of a JWT. Try repeating what I did here on your own and see if you notice the connection.
@ALXStrikersАй бұрын
My first Burp Suite tutorial and I'm so grateful. Thank you.
@NetsecExplainedАй бұрын
You're so welcome!
@nudtanunwarnnissorn28 күн бұрын
me too
@viktorfredholm7730Ай бұрын
Awesome video, watched countless videos showing features but never really explaining why you do it. Will follow and see your following videos!
@NetsecExplainedАй бұрын
Awesome, thank you!
@Siik94SkillzАй бұрын
I believe this is EXACTLY what i needed for Dante on HTB
@NetsecExplainedАй бұрын
Tell your friends!
@Siik94SkillzАй бұрын
@NetsecExplained turns out it wasn't but still a great video! 👌🏾
@TimCummingsFatLossАй бұрын
Do you think a complete beginner can learn this
@NetsecExplainedАй бұрын
I'd recommend you start with Portswigger Academy. My channel tends to focus on those who are already experienced with CTFs and technical security topics to get you up to that next level.
@nouser146Ай бұрын
this video only teach us of understanding of simple thing.. Not recommended for newbie.. too bored
@eidodoosАй бұрын
truly amazing video. professional and crystal clear explaination.
@mickymcfarts57922 ай бұрын
1:49 you already fukin lost me
@aiseoiv2 ай бұрын
Thanks bro 😎 Реально помог👍
@alexvath28382 ай бұрын
I just got into the bug bounty thing after finished my cybersecurity cert and I really with coursera used you for their lessons lol you have a great teaching voice. I feel like learning from your videos has been the easiest experience so far.
@NetsecExplained2 ай бұрын
Thank you! That means a lot.
@webrevolution.2 ай бұрын
I don't know if you (Internet user reading this) only use Burp in your spare time or if you use it for a job. But if you do, I strongly advise buying the professional version, it is worth it and can spare you so much time when working on decent websites that aren't specifically made to be easily hacked like OWASP web server you've used when following along with this video. Also, I find the title being not only misleading, but straight up wrong. This knowledge alone is absolutely not even close to someone who has mastered Burp Suite. Not even the community edition, let alone the whole software including the pro features.
@NetsecExplained2 ай бұрын
Hey, thanks for your input. I use Burp professionally, but we decided to show community edition in this video to allow others to follow along without getting overwhelmed by the cost and additional options in professional. If you'd like another video on how to use Burp Pro and all it's extra features, we can make that for you.
@ShesHeathcliff2 ай бұрын
You dont need to assign homework lol but you could link to other videos you make talking about the topics you dont get into deeply in this video
@NetsecExplained2 ай бұрын
As I have time to make more videos I will. I started my channel to teach juniors I worked with how to do this job. It's not perfect, but it's a start.
@ShesHeathcliff29 күн бұрын
@@NetsecExplained I appreciate i!
@alexdin15652 ай бұрын
the title must be This is homework for you everything you did is repeating the same phrase
@NetsecExplained2 ай бұрын
Haha I like that title. I'm invested in growing your skillset. I'm not just teaching you what Burp is, but how to use the tool in a real-world setting. It's like trying to watch a guitar tutorial and expecting to play AC/DC's whole discography. Of course there's going to be homework, I can only cover so much in 1 hour. On top of that, there are things you're going to have to play around with to be any decent at the techniques I show you. The struggle is part of the process.
@user-xo5he1qb8s2 ай бұрын
is there anyway to get the new usernsme when its changed , i only got the old username
@jonathankussman28072 ай бұрын
Awesome video
@wifeoftaehyungkim51662 ай бұрын
Really useful hope to see more videos like this
@NetsecExplained2 ай бұрын
Glad you liked it!
@bountyproofs2 ай бұрын
Thanks Great Video Keep it up
@mississippicynthia93802 ай бұрын
I download burp suite (Community edition) but it did not provide all the icons I saw int he video. Any suggestions? I'm in Denver
@NetsecExplained2 ай бұрын
I'm not sure what you mean by icons. What part of the video are you referring to?