Bug Bounty Hunters are WRONG about this‘ OR 1=1
ฝัง
- เผยแพร่เมื่อ 7 พ.ค. 2024
- Hey everyone! This video is all about SQL Injection. Enjoy!
🚀 Learn about the easiest bug class here - • Bug Hunting is easy if...
📩 Download the SQLi Cheat Sheet here - bit.ly/sqli_cheat_sheet
👍🏻 Like, subscribe, and turn on notifications for more bug bounty insights
📬 Comment below with your best SQLi payloads
💻 Happy Hacking!
Follow me on
✖️ - / bughunterlabs
Thanks for watching,
BugHunterLabs
Chapters:
00:00 - Intro
00:40 - CVE-2024-2879
01:20 - SQLi Example
02:35 - Basic SQLi
03:09 - Error-bases SQLi
03:21 - Union-based SQLi
03:39 - Blind SQLi
03:48 - Boolean-based SQLi
04:11 - Time-based SQLi
04:29 - Out-of-band SQLi
05:15 - SQLi identification
05:56 - Wordlists
06:43 - Advanced Injection Points
07:47 - Second-order SQLi
08:22 - sqlmap
10:27 - Outro - วิทยาศาสตร์และเทคโนโลยี
Coming back to cybersec after a 3 month break, ur videos are indeed worth watching. You definitely earned a subscribtion!
Thanks a lot :)
Please cover Ghauri for time based blind SQL injection using only http request with http headers and without headers using custom headers like x-forward-for or similar private headers. Technique also bypass WAF. Hope to see it soon. Thanks 🎉❤
Great video with Catchy thumbnail. Keep it up man 👍
I started to addict your videos
Please create a seperate playlist for vulns !
Yet another incredibly helpful and fantastic video! Your content consistently exceeds expectations. Keep up the excellent work!
Thank you :)
Please make a video on SSRF to gain metadata
Very good quality videos. I see that you put a lot of time and effort into this. Keep going!
Thank you! That means a lot! :)
I watch both of you thanks both
Bro this content is golden. However i feel like you need to work on the thumbnails
Thank you. How would you improve the thumbnails?
Thanks I am learning SQL injection now already completed xss . Thanks for showing how it's performed. What you think about adding Broken Access Control to your video pipeline till .Also thanks for checklist
BAC is on the list :)
Nice video bro
Great content
Next topic CSRF AND OPEN REDIRECT PLEASE ❤
Noted!
keep up bro
hey man, if i dont have burpsuite pro do you think its worth more to focus to sql, ssrf, xss ,or what ? i've found idor and xss bug but xss is out of scope
Don't buy Burp Suite Pro until your bounties cover it. There are free tools for everything you need to do out there. Have a look at ZAP and Caido as well. You can even find sql, ssrf, xss with curl and developer tools :)
Your video content is too good ❤
Thank you 🙌
COOL!😀😃😎👍
cheat sheet link not working' or '1'='1--
Hi. It seems to work for me? Did you try: bit.ly/sqli_cheat_sheet
@@bughunterlabs This content does not exist
@@bughunterlabs This content does not exist
Awesome videos you got here im loving the format you got keep up the awesome work. As someone studying cybersec for red team and pentestibg purposes its a great resource.
I'll not say this again kid: where are the half an hour/hour long videos? I need this on my table asap otherwise you're fired
Haha. These videos take a long time to make. I will have a look at how I can get to 1 hour.
Yeah , sometimes sql injection occurs in cookie and user-agent..
meh sql injection is shitty php code only