Top 3 Burp Suite Plugins for a More Collaborative Workflow
HTML-код
- Опубликовано: 21 авг 2024
- Pentests & Security Consulting: tcm-sec.com
Get Trained: academy.tcm-se...
Get Certified: certifications...
Merch: merch.tcm-sec.com
Sponsorship Inquiries: info@thecybermentor.com
📱Social Media📱
___________________________________________
Twitter: / thecybermentor
Twitch: / thecybermentor
Instagram: / thecybermentor
LinkedIn: / heathadams
Discord: / discord
💸Donate💸
___________________________________________
Like the channel? Please consider supporting me on Patreon:
/ thecybermentor
Support the stream (one-time): streamlabs.com...
Hacker Books:
Penetration Testing: A Hands-On Introduction to Hacking: amzn.to/31GN7iX
The Hacker Playbook 3: amzn.to/34XkIY2
Hacking: The Art of Exploitation: amzn.to/2VchDyL
The Web Application Hacker's Handbook: amzn.to/30Fj21S
Real-World Bug Hunting: A Field Guide to Web Hacking: amzn.to/2V9srOe
Social Engineering: The Science of Human Hacking: amzn.to/31HAmVx
Linux Basics for Hackers: amzn.to/34WvcXP
Python Crash Course, 2nd Edition: amzn.to/30gINu0
Violent Python: amzn.to/2QoGoJn
Black Hat Python: amzn.to/2V9GpQk
My Build:
lg 32gk850g-b 32" Gaming Monitor:amzn.to/30C0qzV
darkFlash Phantom Black ATX Mid-Tower Case: amzn.to/30d1UW1
EVGA 2080TI: amzn.to/30d2lj7
MSI Z390 MotherBoard: amzn.to/30eu5TL
Intel 9700K: amzn.to/2M7hM2p
G.SKILL 32GB DDR4 RAM: amzn.to/2M638Zb
Razer Nommo Chroma Speakers: amzn.to/30bWjiK
Razer BlackWidow Chroma Keyboard: amzn.to/2V7A0or
CORSAIR Pro RBG Gaming Mouse: amzn.to/30hvg4P
Sennheiser RS 175 RF Wireless Headphones: amzn.to/31MOgpu
My Recording Equipment:
Panasonic G85 4K Camera: amzn.to/2Mk9vsf
Logitech C922x Pro Webcam: amzn.to/2LIRxAp
Aston Origin Microphone: amzn.to/2LFtNNE
Rode VideoMicro: amzn.to/309yLKH
Mackie PROFX8V2 Mixer: amzn.to/31HKOMB
Elgato Cam Link 4K: amzn.to/2QlicYx
Elgate Stream Deck: amzn.to/2OlchA5
*We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.
![[TF2] The Russian Bear Trap](http://i.ytimg.com/vi/YFNSwz2_rOA/mqdefault.jpg)
Welcome to TCM!
Great start, thanks for the tips.
A introduction to the presenter would be appreciated next time.
Thank you liveoverflow, I really enjoy your videos!
🤣🤣
lmao
take some rest buddy
Actively learning BS now, working through the authentication exploits modules. THIS IS GOLD!!
Thank you for including Pentest Mapper ❤️
what a handsome dude!
Thanks for this video, very informative. By the way, would it be possible to have a copy of the checklist that was uploaded on the Pentest Mapper? TIA!
Welcome sir, more of this kind of tutorials.
Gute Erklärung. Du solltest vielleicht noch ergänzen, dass der Pentest mapper die Community edition quasi um die fehlende Speichermöglichkeit ergänzt. Zwar wird nicht das ganze Projekt gesichert, aber zu mindestens die relevanten Einträge, die man in den API mapper schiebt.
Cool , thanks! A bit smile next time ;)
Welcome alex
Much Helpful Thanks. !!!
Thanks for the video =)
great one thank u
Can I get a .csv file?
1,Parameter Tempering
2,SQL Injection
3,Reflected Cross Site Scripting
4,IDOR
5,Priviledge Esclation
6,Code Tempering
7,DOM Cross Site Scripting
8,Stored Cross Site Scripting
9,Rate Liming
10,CORS
11,Verbose Error
12,Options Method Enabled
13,Forced Browsing
14,Missing HSTS Header
15,Missing X-Frame Header
16,OTP Bypass with Response Modification
17,Directory Listing Enabled
18,Hard-Coded Sensitive Information
19,SSL not Enabled
20,SSL not Enforced
21,Weak Passowrd Policy
22,Cookie without Secure Flag
23,Cookie without HTTP Only Flag
24,Sensitive Information in URL
25,User Enumeration
26,Long Password DOS
27,Insufficient Account Verification
28,Open Redirect
29,2FA Bypass
30,CSRF
31,Insufficient Session Expiry after Logout
32,Insufficient Session Expiry after Change of Forget password
33,Command Injection
34,Local Storage not Cleaned
35,Host Header Injection
36,OPT Valid for more than one time
37,Password Reset Link is not expired
38,Password Rest Link Poision
39,Password Reset Token is predictable
40,File Path Traversal
41,LFI
42,RFI
43,SSSRF
44,XPath Injection
45,No SQL Injection
46,HTTP Request Smuggling
47,XMLPRC Enabled
48,DEBUG Method Enabled
49,View State Not Encrypted
50,Captcha Bypass
51,Price Manipulation
52,Internal IP Disclosed
53,Login Bypass
Save this with extension csv and upload it.
Quick question, im new to pentesting, i was told to ask tcm, should i learn ccna for networking or net+? People say ccna is overkill and net+ is enough, and vice versa… id like your input.
CCNA is very Cisco focused, better to learn the knowledge and skip the cert, unless you can afford it or need it
I didn't have any success using Replicator plugin, the menu to send the requests to replicator is not showing up (under right click on the request>Extensions>), the replicator tab loads normally and the plugin doesn't show any error messages when loaded. Is it working normally in a updated burp version ? I've also generated the jar file through the source code, but still didn't have success.
❤️💙❤️
From Pakistan
Woah ❤❤first
First view