Web App Pentesting - HTTP Cookies & Sessions
ฝัง
- เผยแพร่เมื่อ 15 เม.ย. 2022
- Welcome to the all-new, revamped Web App Pentesting course, in this video, I explain what HTTP cookies and session IDs are used for, and how they can be exploited by attackers.
//LINKS
DVWA Docker Image: hub.docker.com/r/vulnerables/...
DVWA GitHub Repo: github.com/digininja/DVWA
Get started with Intigriti: go.intigriti.com/hackersploit
//PLATFORMS
BLOG ►► bit.ly/3qjvSjK
FORUM ►► bit.ly/39r2kcY
ACADEMY ►► bit.ly/39CuORr
//SOCIAL NETWORKS
TWITTER ►► bit.ly/3sNKXfq
DISCORD ►► bit.ly/3hkIDsK
INSTAGRAM ►► bit.ly/3sP1Syh
LINKEDIN ►► bit.ly/360qwlN
PATREON ►► bit.ly/365iDLK
MERCHANDISE ►► bit.ly/3c2jDEn
//BOOKS
Privilege Escalation Techniques ►► amzn.to/3ylCl33
Docker Security Essentials (FREE) ►► bit.ly/3pDcFuA
//SUPPORT THE CHANNEL
NordVPN Affiliate Link (73% Off) ►► bit.ly/3DEPbu5
Get $100 In Free Linode Credit ►► bit.ly/3yagvix
//CYBERTALK PODCAST
Spotify ►► spoti.fi/3lP65jv
Apple Podcasts ►► apple.co/3GsIPQo
//WE VALUE YOUR FEEDBACK
We hope you enjoyed the video and found value in the content. We value your feedback, If you have any questions or suggestions feel free to post them in the comments section or contact us directly via our social platforms.
//THANK YOU!
Thanks for watching!
Благодарю за просмотр!
Kiitos katsomisesta
Danke fürs Zuschauen!
感谢您观看
Merci d'avoir regardé
Obrigado por assistir
دیکھنے کے لیے شکریہ
देखने के लिए धन्यवाद
Grazie per la visione
Gracias por ver
شكرا للمشاهدة
-----------------------------------------------------------------------------------
#Pentesting#Cybersecurity - วิทยาศาสตร์และเทคโนโลยี
Dude your videos are so fire, I got a bachelors in cyber and I have learned soooooo much from your videos because of the way you explain the concepts, bought your book too looking forward to reading it, Thank you!
@Michael Van Winkle I KNOW ALL THE BEST SHORTCUTS, YOU JUST HAVE TO-
Alexis you are genuinely a marvel. Thank you so much for all you do
High quality explanation, Alexis!! Well keep it up. Learned lots from you.
Dude, another great one! I've been wanting to get into more web stuff, and bug bounties etc..and this stuff is invaluable! I know Burp some, but only have the community edition...just downloaded ZAP and have started to learn it a bit. I just noticed you had some videos using that as well!
Huge appreciation for this video, keep it up, man!
Excellent demo with explanations. Thank you very much.
Always waiting for your video. Thank you Sir. Lots of Love from India 🇮🇳 ♥️
i always like your sharing without looking at it. i know that they are valuable.
Great knowledge comes from a great heart. 👍🏻
Thanks Alexis giving me great knowledge of this.
awesome video and very easy to understand , keep up the excellent knowledge level!!! thanks
Your videos never disappoint
Great and useful video, thanks!
More web and network penetration videos bro. That would be great.
Awesome! Thanks for sharing!
Education is the key!
Great content as always
Amazing & Excellent
Thank you so much for this great content. Can you please number and compile your latest web app pentesting videos into a playlist? They will be much easier to follow that way. Thank you very much.
شکریہ
Superb bro
Thank you senpai
this was really useful.
Thank you for sharing
Love you 💞😘 bro 🤗
Great. Can you please do a video about pentesting report writing?
Pls make a videos on powershell and bash script
Cool extension
Is there any well structured and complete Web App Pentesting course of yours ? Paid will do the work too.
thank you!
Thanks!
hi thanksss please make such same tutorial for SOP
Thanks alot
is it comes under xss bug??
when we perform in live site and get cookies of the session
yes !
Which screen recorder do you use..
Cool.....
Alexis
Actually the browser itself is concerned with cookie expiration date,if it has expired by the time request is made ,browser will delete it silently and make a request without adding cookie to it.I’m not sure there is a practice by which server will validate the cookie for its expiration date,correct me if I wrong.Thanks
please also discuss how we know whether a hash is md5 or base64 62 and others😁
It usually says it. Or you'll know after you crack it with for example crackstation
hash-identifier is pretty useful too!
@Voldemort thks bro😁🙏
sir at 12:20 before the server had sent a response , when we sent a get request a cookie had generated , so who generated cookie browser or server?
its already generated by the server when you visit that website(in this case but the cookie are same because it is vulnerable website)and when we login through the website, it is also again generate with session cookie.
Didn't know this dude is from Nairobi Kenya
Anyone use the BURP SUITE HERE? LEAVE DISCORD.
1빠
Bitcoin should be next topic
Dude he stop making content?!
Hacker
Hacking bitcoin videoo
Any one tell how to get access from old cookies in facebook anyone can help i can pay for it any one can help🥹