Just wanted to say to everybody at free code camp thank you, my brain needed to settle down and learn a new skill and you guys made that possible I really appreciate it.
I have literally started learning SQL injection, the day it was uploaded and wondered where can i find a helpfull tutorial to help me, Thank you so much!
When I tell you I screamed when I saw this in my sub box..... let me chill, lol, thanks for this vid! It's been a while since I practiced this and can't wait to go at it again.
At 25:15 you mentioned that the website is not using double quotes but how come you were able to login to the website from the command line using double quotes?
excuse me sir, Here 33:45 you've mention that to find the column we can use bruteforce technique, but isnt the brute force technique used for directly cracking the password of the user using technique like dictionery attack and rainbow table ?
no its not,,bruteforce is not actually cracking password ,,,its basically giving number of random or suspected inputs tiil you get the desired results ,,usually its used for password cracking , but you can use for usernames as well,anywhere you need to put specific input to get desired output but u dont know the input then you can try giving random input until u get output, then its a bruteforce,,,for eg if u want to unlock your friends phone but dont know password so u try guessing different pins then it can be called bruteforce,,,dictionary attack is very diffirent in dictionary attack you need to have the hashed or encrypted data. in dictionary attack you need to take random or suspected words and encrypt or hash it then you have to compare with the encrypted or hashed data,, rainbow table attack is same as dictionary attace where rainbow table already have hashed words so you can directly compare the captured file with the hashes
SQLi, XSS, Broken Authentication, RCE and IDORs the most common bugs currently SQLi being one of the oldest and tbh i don't know much longer it will stay, most likely long more unless some new way to stop is randomly developed out of no where
when we are giving username as input and when it matches with the database it show the stuff of given username but by sql injection we are not providing the username so how its login with that username and show stuff of that username
thanks for the video but could you add a dB limiter next video cause my ears have are sensitive for sudden loud sounds and somehow this video has alot so i had to keep it at a lower volume
@@BillyMahmood Laravel developers do dumber things than this am afraid … do you know how many times I've seen a Laravel built site spit out config information or reveal! source! code! because of an unhandled error!! of some sort? … there's still one I came across last week that I haven't reported yet, and the site is professionally coded in all sense, and has thousands! of monthly users! … now anytime a developer/lead tells me "oh we used Laravel to handle all that" I am much more optimistic that I would find something that will go wrong than when they say "Oh we did our backend in Django", because I've come to understand that when it comes to Laravel there's a hundred ways to shoot yourself in the foot. unfortunately, that has given me a bias, now I don't recommend Laravel to clients, not because Laravel is insecure, but because finding decent or security conscious Laravel developers is not easy!, compare to Django that will not let you do some things by default, and less ways to mess things up, and even if you mess things up, default errors are not as verbose as revealing source code or spitting out config files!!!. Sorry for the long story!!.
![Felix "Unfair" | [Stray Kids : SKZ-PLAYER]](http://i.ytimg.com/vi/Oswujxm2Ag0/mqdefault.jpg)
Just wanted to say to everybody at free code camp thank you, my brain needed to settle down and learn a new skill and you guys made that possible I really appreciate it.
Every time I think of something, this channel makes a videos
I have same thought 🙂
Hey, Can You give me SBVA file?
Injection, Penetration, Testing...
Sounds like 2020 & 2021 Covid related stuff 😂 😂 😂 😂
Thanks FCC
I just came here to write the same Thing.
But the First two words reminds me also of something else.
Coz its related. Remote work as well
@@cy_wareye7395 Man , Can You give me SBVA file?
Great Video .. But learning this all together ..made me understand , I should Sit and Study SQL😂
I have literally started learning SQL injection, the day it was uploaded and wondered where can i find a helpfull tutorial to help me, Thank you so much!
Ma kore
Aich holech
@@disrael2101 sababa, eh ata?
Amazing Course. Loved the content. Thanks a lot. Binged the whole thing in 1 shot.
Much more info than I expected. Thanks
I saw a lot of courses here @ youtube, also pay for other. This explanations are outstanding
cant find the sbva link .. does not exist ...please help
an excellent video, helped me a lot to understand various SQL injection techniques
Hey, Can You give me SBVA file?
I was ranting yesterday but I've watched the whole thing and I love it
Whenever I tell ppl I code, this is what they imagine.
4:10 that number plate is crazy idea💥💥💥💥
When I tell you I screamed when I saw this in my sub box.....
let me chill, lol, thanks for this vid! It's been a while since I practiced this and can't wait to go at it again.
Hey u r just providing free tech related stuff and it can't be explained in words.Thank you so much
clever people use Opera :)
great work, Thank you so much.
Nice course!!!!!
Thanks for upload the video....🔥🔥🔥
Much awaited thanks
Can't just believe am seeing this kind of file now. Thanks greatly. This is 2021 for me.
The course looks great but you've changed where you can access SBVA and now people can't download it.
This dude made an entire course just to flex his custom number-plated Benz, and I love it!
hello sir where is the sbva lab
we can't access
At 25:15 you mentioned that the website is not using double quotes but how come you were able to login to the website from the command line using double quotes?
This is the best content. I mean🔥🔥
I am finding it hard to get the sbva file. Has it been removed?
Any help?
excuse me sir, Here 33:45 you've mention that to find the column we can use bruteforce technique, but isnt the brute force technique used for directly cracking the password of the user using technique like dictionery attack and rainbow table ?
no its not,,bruteforce is not actually cracking password ,,,its basically giving number of random or suspected inputs tiil you get the desired results ,,usually its used for password cracking , but you can use for usernames as well,anywhere you need to put specific input to get desired output but u dont know the input then you can try giving random input until u get output, then its a bruteforce,,,for eg if u want to unlock your friends phone but dont know password so u try guessing different pins then it can be called bruteforce,,,dictionary attack is very diffirent in dictionary attack you need to have the hashed or encrypted data. in dictionary attack you need to take random or suspected words and encrypt or hash it then you have to compare with the encrypted or hashed data,, rainbow table attack is same as dictionary attace where rainbow table already have hashed words so you can directly compare the captured file with the hashes
boht acchi video banai hai, sab samajh main aaya. aur zaada samajh main aata agar bhai aap ye fake firangi accent kaa use nhi krtay.
very goooooood video!
The SBVA file is not on the website, and this individual is not a teacher; rather, he is a fraud. Freecode should remove his video and ban him.
Oh wow didn’t know this was still a thing
It is! Still a thing which stands top of the vulnerability
SQLi, XSS, Broken Authentication, RCE and IDORs the most common bugs currently SQLi being one of the oldest and tbh i don't know much longer it will stay, most likely long more unless some new way to stop is randomly developed out of no where
Where is the SBVA file its not avaible on this page
Very good video, sir! Thank you!
ORMs and API based programming pattern will eliminate SQLi not fully, but 90% is done. 10% is good programming skills.
Means sql is useless now days🙄
@@theintrovert894 yes.
very good course
@@sagarbansal Hey, Can You please
give me SBVA file?
Woah very informative, thanks
Actually very good video to freshen up some knowledge ty for that 👍🏼
Are there any alternatives to the sbva file? (since the sbva link doesn't 'seem to be working anymonre)
Thank you 🙏🙏🙏🙏🙏
If you can't figure this out, don't worry neither can I
You guys wouldn't happen to have an XBRL or XML lecture in the works, would you?
Thank you Sir 👍
Very good sir
Python course Hacking Basis do
Thanks good video #Useful
At 25:43 you have not enclosed 1=1 in single quotes fully like this '1=1' . Are you not supposed to use single quotes to enclose 1=1 ?
django mein sql injection possible hai?
50% yes
i think you have removed the sbva from your website cant find it
This dude's flexing everything.
The sbva isnt on the server anymore
I just added Learn about SQLI in my todo list, and then FCC hacked my laptop and made this course)
My phone is also a victim of this hack lol
@@sagarbansal oh mind heckar
how can i download the sbva application
Next video should be for cross site scripting.
@Sagar Bansal can you plz update the link....
when we are giving username as input and when it matches with the database it show the stuff of given username but by sql injection we are not providing the username so how its login with that username and show stuff of that username
Great Course 🔥
Thank you ❤️
नमस्ते,he is indian
Any training are you providing sir bansalji
Hello sir , can you tell me the lab setup for the 32 bit
Can't download sbva
thanks for the video but could you add a dB limiter next video cause my ears have are sensitive for sudden loud sounds and somehow this video has alot so i had to keep it at a lower volume
I don't know if you are on desktop or mobile, but I know there are browser extensions for decibel limiters out there
The link can't get me the lab files Sagar.
Why injection is always scary.
This works!!!
link for sbva is broken
SQL is used along side with Python ?
@@sagarbansal THANKS A LOT
Not python but django or flask which python frame work
@@yasser7077 Hey, Can You give me SBVA file?
There is any problem, I can't download this video ?
Truly remarkable content. A similar book I delved into was a game changer. "Game Theory and the Pursuit of Algorithmic Fairness" by Jack Frostwell
could you please update the sbva lab file
One question?? Here can we learn to access anyones android or ios systems?? With linux or anything?
and why do you wanna do that?
@@nagahumanbeingzooofparticl8836 because i have done web penetrating and i want to go up next level......!!!
think you so match I need ulr for sbva please
hello sir I can,t access the sbva lab, kindly assist
Please complete devops
hello sir how to know which SQL injection can exploit
any tips for us sir
if yes, please help
Can't download lab file why
Here we learn again
I cant access using " or 1=1# cuz the type isn't username but email address
hi, i can't download the lab file.could you please assist me?I urgently need to learn this course.
this is not gonna age well
Yeah, for real. Abandoned ;(
Man your links don't get anywhere.... i think you need to review them
Cannot access sbva site..can anyine help with lab file please
did you manage to download the file? If yes, kindly share
the lecture was pretty amazing, but IDK what's wrong with your accent!
should I learn SQL programming before learning sql injection
Yes, it will make the concepts of sql injection easy to understand
Your webapp won't getting SQL Injection if you only host at 127.0.0.1
Watched the whole video, hope i can hack NASA someday
site not live anymore... wonder what happened..
Listen to the intro in x2 speed.
Me: Vuuuuut???
please provide the files in SVBA
Who still writes code like this? Please use a framework like Laravel and encrypt your passwords
@@sagarbansal I would love to see you carry out the same techniques for a Laravel project or Symfony project using their built in auth package
@@sagarbansal lol Laravel 5.4? You know they are on version 8 now right?
@@BillyMahmood
Laravel developers do dumber things than this am afraid …
do you know how many times I've seen a Laravel built site spit out config information or reveal! source! code! because of an unhandled error!! of some sort? … there's still one I came across last week that I haven't reported yet, and the site is professionally coded in all sense, and has thousands! of monthly users! … now anytime a developer/lead tells me "oh we used Laravel to handle all that" I am much more optimistic that I would find something that will go wrong than when they say "Oh we did our backend in Django", because I've come to understand that when it comes to Laravel there's a hundred ways to shoot yourself in the foot.
unfortunately, that has given me a bias, now I don't recommend Laravel to clients, not because Laravel is insecure, but because finding decent or security conscious Laravel developers is not easy!, compare to Django that will not let you do some things by default, and less ways to mess things up, and even if you mess things up, default errors are not as verbose as revealing source code or spitting out config files!!!.
Sorry for the long story!!.
@@temitopehardhekheyhe7359 Yeh
@@BillyMahmood
waaay beyond getting triggered though
16:41
Why sqlmap didnt work the first time
35:58
Sir I want a course on RUclips clone with react js
Ahh I'll rather use sqlmap
Looks like pen testing tutorials didn't chang in the last 10 years. lmao
E commerce website pdf link send
the lab file doesnt exist
No lab file anymore, web goes as landing page and it offers to pay money for your lessons... bad move bro
XSS attack's basics PWWWESE
your website is not working
what is this
I hacked nasa using HTML5, yeah