Pronunciation is so clear, material is so clear, I’m just starting to learn how to read the code in searching for bugs, thank you so much, we are waiting for the next part. Much appreciated!
0:54 Could you please share tips and tricks on how you found the vulnerable page /invoker/JMXInvokerServlet? Did you fuzz it? I use the Docker image but couldn't find this page. Are there any specific requirements needed?
You can fuzz the endpoint from a black-box perspective. You may also come across it in your Burp history if you do proper application mapping. I also explain at about 10:20 how to find that endpoint in source code. In real-world assessments, I find it through fuzzing or Burp history.
Music is perfect, not too loud and keeps your mind on the task 🎵 thanks for these videos
Hats off, this is the best explanation of the vulnerability! Thanks for the video!
Good job, sir. Can you make a demo of how CrowdStrike Falcon works? Thanks, mate!
Unfortunately that's a commercial cloud product, so I wouldn't be able to go beyond the 14-day free trial period without a license.
Can you cover WebSocket attacks?
Sure thing, I'll add it to the list!