Next Level API Hacking with Kiterunner
ฝัง
- เผยแพร่เมื่อ 27 มิ.ย. 2024
- 00:00 Intro
00:47 Setup
02:52 Running kr
03:40 Wordlists
04:12 Basic scans
05:45 Filtering results
07:42 Outro
Pentests & Security Consulting: tcm-sec.com
Get Trained: academy.tcm-sec.com
Get Certified: certifications.tcm-sec.com
Merch: merch.tcm-sec.com
Sponsorship Inquiries: info@thecybermentor.com
📱Social Media📱
___________________________________________
Twitter: / thecybermentor
Twitch: / thecybermentor
Instagram: / thecybermentor
LinkedIn: / heathadams
TikTok: / thecybermentor
Discord: / discord
💸Donate💸
___________________________________________
Like the channel? Please consider supporting me on Patreon:
/ thecybermentor
Support the stream (one-time): streamlabs.com/thecybermentor
Hacker Books:
Penetration Testing: A Hands-On Introduction to Hacking: amzn.to/31GN7iX
The Hacker Playbook 3: amzn.to/34XkIY2
Hacking: The Art of Exploitation: amzn.to/2VchDyL
The Web Application Hacker's Handbook: amzn.to/30Fj21S
Real-World Bug Hunting: A Field Guide to Web Hacking: amzn.to/2V9srOe
Social Engineering: The Science of Human Hacking: amzn.to/31HAmVx
Linux Basics for Hackers: amzn.to/34WvcXP
Python Crash Course, 2nd Edition: amzn.to/30gINu0
Violent Python: amzn.to/2QoGoJn
Black Hat Python: amzn.to/2V9GpQk
My Build:
lg 32gk850g-b 32" Gaming Monitor:amzn.to/30C0qzV
darkFlash Phantom Black ATX Mid-Tower Case: amzn.to/30d1UW1
EVGA 2080TI: amzn.to/30d2lj7
MSI Z390 MotherBoard: amzn.to/30eu5TL
Intel 9700K: amzn.to/2M7hM2p
G.SKILL 32GB DDR4 RAM: amzn.to/2M638Zb
Razer Nommo Chroma Speakers: amzn.to/30bWjiK
Razer BlackWidow Chroma Keyboard: amzn.to/2V7A0or
CORSAIR Pro RBG Gaming Mouse: amzn.to/30hvg4P
Sennheiser RS 175 RF Wireless Headphones: amzn.to/31MOgpu
My Recording Equipment:
Panasonic G85 4K Camera: amzn.to/2Mk9vsf
Logitech C922x Pro Webcam: amzn.to/2LIRxAp
Aston Origin Microphone: amzn.to/2LFtNNE
Rode VideoMicro: amzn.to/309yLKH
Mackie PROFX8V2 Mixer: amzn.to/31HKOMB
Elgato Cam Link 4K: amzn.to/2QlicYx
Elgate Stream Deck: amzn.to/2OlchA5
*We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites. - วิทยาศาสตร์และเทคโนโลยี
Good video. Small tip if you didn't know it: you can CTRL+click urls in the terminal.
00:39 is the most important part of the video.
Good video Alex!! Thanks again.😊
This is so good!!! I love your content!!
Thanks bro i love you i support you always ❤❤
Thanks man, subscribed
Que aula ,meu deus ! vlw , essa ferramenta é maravilhosa ! tks guy ! very good video !
Thanks for the tip. 😊
So helpfull
Thank you alex
thats some good content
not gono lie i spent over 10 hours installing kiterunner on my vm and 2 days later u post this video
Lol same haha
It will show you around 54 hours of time if you will try it on a real domain instead of local host.
I do love this tool to use in real projects to perform api pentest. My experience shows that it takes about 6 hours against prod (not staging/test) environment.
@@denisvoroshilov2682are you even allowed to use this tool in a bug bounty on a live target...?!?
Thanks❤
How this tool is different from any other directory bruteforcer? Such as dirsearch or dirbuster, FFUF, Gobuster etc?
Love API Hacking. I used this tool before, and its very good! Thanks!
are you even allowed to use this tool in a bug bounty on a live target...?!?
I wanted to try but I can't authenticate
I can pass the --headers but there's no equivalent to curl's --data-raw option
Please how I bypass 403 on api
Failed to list wordlist error= "failed to get remote wordlists"
First ❤
it gets stuck at 0% when trying on a real target, anyone has a similar issue and a potential solution?
I will take hours and hours on real target 😢
@@akashpatel-bs8ve I wonder if it's different on a super strong VPS but I don't think so, I have normal internet for enumeration/bruteforce with other tools so I don't really get it.
are you even allowed to use this tool in a bug bounty on a live target...?!?
Hi, I am trying to do the PNPT Certificate, what is the url for me to start? I finished all the training but I can’t find the place to start the test