Easy way to Find SSRF manually+Automation | Bug bounty poc
HTML-код
- Опубликовано: 28 янв 2024
- Disclaimer: This video is for strictly educational and informational purpose only. I own all equipment used for this demonstration. Hacking without permission is illegal so always ensure you have proper authorization before using security tools in any network environment. thanks.
Наука
![EST Gee - NEVER NEED (Feat. Selfpaid Savage) [Official Video]](http://i.ytimg.com/vi/f2cRtr52HXI/mqdefault.jpg)
Proud of you bro, I expect that you will become a great person
thnq so much brother its means a lot for me 😇❤️
@@lostsecc You’re welcome!
@@lostsecc You have discord?
best video for ssrf
I love this! Thank you very much!
welcome buddy ❤️
awesome bro tks!!
How long does it take to get to this level
Broh if you know to read the language of this things you can easily do vai automation tools but i prefer to do manually
@@CRACK_888most programs only allow manual anyways
Bro you too fast. we are basically noob bug bounty hunter. so i'm gonna watch this with slow motion. You are really great
😥❤️
Bro tell me Command for doing ssrfmap with gf to do bulk of url or multiple urls
check there help menu
Bro please talk in your videos
For deep explanation
Impressive brother!
thnq brother 😇
Wow that's awesome 💯
thnq so much brother ❤️
superb bro
!!!
thnq brother ❤️
Which platforms do you usually use for bug bounty?
all
Is the use of automation tools authorized?
Or, are we forced to exploit a vulnerability manually without automated tools?
if they have rate limit apply use low threads no prbm in automation tool but send poc from burp only
@@lostsecc Thank's u my bro ❤
So is this Wsl with Kali?
yes
Excellent
loved it
Can you tell me how you inserted a skeleton photo into the terminal?
download window terminal from microsoft store and goto setting you have option to change.
Which wsl do you use bro?
wsl2
Which OS in wsl2 bro like kali , ubuntu, parrot etc
kali
Bro how to enable autocomplete can you tell me in wsl2😢
Or can you share any resources 😊
I was working on one the program on which I got a DNS request on the polling section, does that make it bug for SSRF ?
you need to full demonstrate like scanning internal ports and exploit the vulnerable ip's..or just scan internal port that will count as medium impact but only pingback not worth to report
@@lostsecc thank you for explaining.
what recon tools u use?
join my telegram i share there
awesome!
thnq ❤️
What is the role of burp suite?
bruteforce the sql payloads
Bro.....its damn impressive❤🔥❤🔥❤🔥❤🔥 I want to connect to you please reply by tagging me
yeah dm me in telegram ❤️
Which is the best OS to do these please reply...
kali-linux
@@lostsecc or parrot security?
i used before but now love kali bcz its repo update fast and new new updates comes early in kali like all kernal update,package updates,tools updates.
Can we connect ?
telegram
Cool
🔥🔥🔥
How you find the bug bounty program
hackerone,bugcrowd,intigriti,reposonsible disclosure dork
is that a cracked burp pro?
ys
How to do this in multiple urls
use gf ssrf with pipeline mode
Tell me that command
I tried but it shows error
How do i get the pro version without paying?
i will share in my telegram all things
@@lostsecc Nevermind i got it, and u also did the same by using a keygen
noice 👏
thnq ❤️
Is this not LFI ?,and why ?
ssrf internal file read
Am a beginner can you/anyone tell me what you/he achieved through this exploitation bro?
internal sensitive files /etc/passwd
bhai site ke server ko intercept kese kre kuch files me changes krna tha
use burpsuite
@@lostsecc burpsuit me bhi sql ya know vulnerability nhi mil rha kuch video bano yrr server ko intercept krne ke liye ya reverse shell establish krne ke liye tutorial bano pls
Did any report get triaged using this tool?
yes there is also wafbypass payloads
@@lostsecc have you any Twitter pr insta account?
Or*
twitter @coffinxp7
Cheetah
🙈❤️
Bist❤
This guy is Indian and from delhi
that socks5 proxyip lol
@@lostsecc i know
Hello Min 😁
❤️
Bro Video Burp Suite Crack Please
Where i can get that .py file
search on github ssrfmap
bro what the song name
A great Dancer
pdf_path all one using payload
for etc file
Any bounty ?
nothing its not bounty program
🎉❤
😇
isn't it SSRF to LFI ?
its internal arbitrary file read through ssrf
Means ssrf to lfi?
ill watch this later
ok
😂 You watched till yet or not 😂
Funny
nothing new
omg aaaaaaaaaaaaaaaaaaaaaa
copy video
Cve-2022-2068 create this vuln video plz..
Bro how much money you earn till now 😅 ? Can you share your hacktivity
100000000000000000000000000$
count and tell me how much it is 🌝
Please 🥺 make a video in which you share your journey step by step if you don't want to add voice then go with text and your songs 😁
How long does it take to get to this level
which level
@@lostsecc I mean how many years of experience do you have
6month only in bug hunting but before i was done ceh chfi redhat ccnp now i am full time bug hunter