Approaching Large Scope Targets Without Feeling Overwhelmed

Поделиться
HTML-код
  • Опубликовано: 24 дек 2024

Комментарии • 24

  • @keppubgpc
    @keppubgpc Год назад +6

    Video Idea: How to get your first bug in 2024

  • @Cawnnak
    @Cawnnak Год назад +1

    I burned out too quick sometime and this gave me such amazing refresh ideas.

  • @mianashhad9802
    @mianashhad9802 Год назад

    Always love your videos, Katie. I am going to be hacking on my first ever live target after my university exams end.
    When I do find my first bug, you will have played a big role in that. Can't believe you are going to complete 100 videos after your next upload.

    • @InsiderPhD
      @InsiderPhD  Год назад +3

      You got it, good luck! 🤞 I didn’t even realise I was at 99 public videos though I don’t think I will count my uni hackathon submission so maybe I’m technically at 98

    • @mianashhad9802
      @mianashhad9802 Год назад

      @@InsiderPhD Thank you!
      Well, 2 uploads to go then. 🙂

  • @bertrandfossung1216
    @bertrandfossung1216 Год назад +1

    Thank you Katie. This video came right on time 😊

    • @InsiderPhD
      @InsiderPhD  Год назад +2

      Good courage! Just focus on a small little bit to start with keep your scope narrow but pivot often!

  • @T3chnocr4t
    @T3chnocr4t Месяц назад

    thanks for the presentation it is really insightful.

  • @Ch1R0n1n
    @Ch1R0n1n Год назад

    Thank you for being such an inspiration Katie!

  • @Pubgucxxxx
    @Pubgucxxxx Год назад

    love from UZBEKISTAN💌

  • @MFoster392
    @MFoster392 Год назад

    You're the best, I hope you have a Happy New Years :)

  • @bhag47
    @bhag47 11 месяцев назад

    hey katie i found a critical idor in program i hunt but i have a doubt i found this when uploading and deleting post's. so in the cookie they using a parameter called "cticket" and it's act like a session manager of particular user so i change this with the second accounts cticket and boom! the post is uploaded to other account i created. but the problem is this cticket parameter is using in cookie and we don't need any user id or other component in request to get access even if that things in the request. and my doubt is a month ago i reported a bug that was like i can add things to other users cart with just changing the cookie's of the account's but they told me you need to preform a MITM attacks to get cookie's so that become informative. and in this case the cticket parameter is in the cookie so is this report become like that ? idk in your videos you telling jest change the cookie's and this trick is works well but those guy telling you need to peform MITM 😵‍💫🥴

    • @bhag47
      @bhag47 11 месяцев назад

      please replay i asked this to chatgpt and that thing is telling to me it's a session hijacking fuck !😖

    • @InsiderPhD
      @InsiderPhD  11 месяцев назад +1

      You’ve got the cookie the wrong way round, this is working as intended and is secure, with changing the cookie (or any cookie-like parameter) changing the cookie is just an easier way to login to another account. So if you make a request using user As cookie and it affects user As account that is totally fine, it’s only if you can use user As cookie and affect user B that it is a vulnerability. Because you’re saying “when you login to Katie’s account you can affect Katie’s account” that’s intentional, you need to do “when you login to exe’s account you can affect Katie’s account” you don’t need the cookie of your victim at all.

    • @bhag47
      @bhag47 11 месяцев назад

      @@InsiderPhDok i get it thanks. so my two reports are gonna become NA🙂

  • @aboveanything
    @aboveanything 11 месяцев назад

    I have been watching your videos for a while rn. Also, i already found paid bug. But, it wasn't api related bug😢

  • @shingareom
    @shingareom 11 месяцев назад

    Katie, could you please tryna make video on the full syllabus of web penetration testing like the whole syllabus of web penetration testing including the API pen testing, offsec 200, offsec 300 and more you know.. Please 😢❤

  • @orbitxyz7867
    @orbitxyz7867 Год назад

    happy new year❤

  • @orbitxyz7867
    @orbitxyz7867 Год назад

    Thank you mam ❤

  • @Sandeep-c3c4j
    @Sandeep-c3c4j 11 месяцев назад

    Some malware, spy app and virus is difficult to remove even after factory reset phone they came automatically don't know how I am in problem please help me . Not possible to change phone hard-disk

  • @Proxyone444
    @Proxyone444 Год назад

  • @TheCyberWarriorGuy
    @TheCyberWarriorGuy Год назад

    :)

  • @yosif_qasim
    @yosif_qasim Год назад

    You forgot to link the recon article 🫣

    • @flashcrick7082
      @flashcrick7082 9 месяцев назад

      Ya scrolled a lot just to find a link to it maybe I will need to look for it myself.