[Hindi] Directory Traversal Attack | Path Traversal Attack | How to Find | Code review | Mitigations

Поделиться
HTML-код
  • Опубликовано: 16 июн 2024
  • Timestamps:
    0:00 Introduction
    0:52 What is Directory Traversal Attack?
    5:48 Code review
    9:36 Directory Traversal vs File inclusion
    10:13 Let's Practice on DVWA
    18:53 Portswigger all labs
    28:55 Mitigations
    30:57 Bug Hunting Tips
    In this video, we dive deep into the concept of Directory Traversal Attacks, a common yet dangerous security vulnerability that can expose sensitive files and data on a web server. You'll learn:
    What is a Directory Traversal Attack?: We start by explaining the basics of this attack, how it exploits improper validation of user input to access restricted directories and files on a server.
    How It Works: We'll demonstrate step-by-step how an attacker can craft malicious requests to traverse directories and gain unauthorized access to sensitive information like configuration files, database credentials, and more.
    Real-World Examples: We provide real-world scenarios where directory traversal attacks have been successfully executed, highlighting the impact and severity of such vulnerabilities.
    Code Review: Watch as we perform a thorough code review to identify common coding mistakes that can lead to directory traversal vulnerabilities. We analyze sample code, pinpoint security flaws, and discuss how to rectify them.
    Detection and Prevention: Most importantly, we'll cover effective strategies to detect and prevent directory traversal attacks. This includes input validation, proper configuration, and using security tools to safeguard your web applications.
    Best Practices: Finally, we share best practices and recommendations for developers and system administrators to enhance the security posture of their web applications and servers.
    By the end of this video, you'll have a comprehensive understanding of directory traversal attacks, be able to identify potential vulnerabilities in your code, and be equipped with the knowledge to protect your systems against them. Don't forget to like, comment, and subscribe for more cybersecurity tutorials and tips!
  • НаукаНаука

Комментарии • 9

  • @user-iu4gc8bt7g
    @user-iu4gc8bt7g 9 дней назад

    Thank you. Your teaching style are very understandable 😊
    From Bangladesh 🇧🇩

  • @buntygandhi21
    @buntygandhi21 9 дней назад

    Good one👍

  • @SHIVA_Shinde_901
    @SHIVA_Shinde_901 11 дней назад

    Please start with cyber security sir ❤

  • @Lovesatan666
    @Lovesatan666 20 дней назад

    Keep going and keep motivating us❤

  • @nirajthegreat5742
    @nirajthegreat5742 20 дней назад

    🔥🔥🔥🔥

  • @HarshMehta-tn1yr
    @HarshMehta-tn1yr 6 дней назад

    Bro which tool you use for bug bounty and pentesting

  • @Kb31962
    @Kb31962 21 день назад +1

    Aap hacking ke liye konsi machine use kerthe ho????

  • @Kb31962
    @Kb31962 21 день назад +1

    Kya aap Kali Linux use karthe ho????

  • @geekforyou543
    @geekforyou543 20 дней назад

    Bhai ye file inclusion vulnerability naam se padha tha.

Следующие
Автовоспроизведение
Hadoop Distributed File System (HDFS) ll Blocks ll Name Node and Data Naode Explained in Hindi6:35Hadoop Distributed File System (HDFS) ll Blocks ll Name Node and Data Naode Explained in Hindi
Hadoop Distributed File System (HDFS) ll Blocks ll Name Node and Data Naode Explained in Hindi5 Minutes Engineering
Просмотров 274 тыс.
[Hindi] BurpSuite Complete Course in Hindi | Everything you need to know #burpsuite #bugbounty1:02:40[Hindi] BurpSuite Complete Course in Hindi | Everything you need to know #burpsuite #bugbounty
[Hindi] BurpSuite Complete Course in Hindi | Everything you need to know #burpsuite #bugbountyTanish Mahajan
Просмотров 5 тыс.
Everything about Linux from Scratch-Part-1 Hindi/urdu | Linux tutorial for beginners in hindi41:53Everything about Linux from Scratch-Part-1 Hindi/urdu | Linux tutorial for beginners in hindi
Everything about Linux from Scratch-Part-1 Hindi/urdu | Linux tutorial for beginners in hindiTechnical Guftgu
Просмотров 1,2 млн
Surprising Family with NEW Gaming Room! *Secret* (FV Family / FGTeeV vlog)29:40Surprising Family with NEW Gaming Room! *Secret* (FV Family / FGTeeV vlog)
Surprising Family with NEW Gaming Room! *Secret* (FV Family / FGTeeV vlog)FV FAMILY
Просмотров 644 тыс.
Ángela Aguilar - Gotitas Saladas (Video Oficial)03:21Ángela Aguilar - Gotitas Saladas (Video Oficial)
Ángela Aguilar - Gotitas Saladas (Video Oficial)Angela Aguilar Oficial
Просмотров 1 млн
World’s Deadliest Obstacle Course!28:25World’s Deadliest Obstacle Course!
World’s Deadliest Obstacle Course!MrBeast
Просмотров 65 млн
I Built A Killer Skyscraper in Minecraft25:29I Built A Killer Skyscraper in Minecraft
I Built A Killer Skyscraper in MinecraftBranzy
Просмотров 393 тыс.
HOW TO SECURE YOUR SYSTEM FROM HACKERS? - BE CAREFUL 💀12:26HOW TO SECURE YOUR SYSTEM FROM HACKERS? - BE CAREFUL 💀
HOW TO SECURE YOUR SYSTEM FROM HACKERS? - BE CAREFUL 💀WsCube Tech
Просмотров 35 тыс.
How to Become AWS Cloud Engineer in 2023 | For Experienced & Freshers | AWS | Cloud Engineer4:55How to Become AWS Cloud Engineer in 2023 | For Experienced & Freshers | AWS | Cloud Engineer
How to Become AWS Cloud Engineer in 2023 | For Experienced & Freshers | AWS | Cloud EngineerLearn AWS with Linux
Просмотров 10 тыс.
What is Local File Inclusion? How Directory Traversal Works? Hunt for Path Traversal | Bug Bounty26:38What is Local File Inclusion? How Directory Traversal Works? Hunt for Path Traversal | Bug Bounty
What is Local File Inclusion? How Directory Traversal Works? Hunt for Path Traversal | Bug BountyAnkit Chauhan
Просмотров 15 тыс.
What is directory traversal? (file path traversal) - Web Security Academy5:09What is directory traversal? (file path traversal) - Web Security Academy
What is directory traversal? (file path traversal) - Web Security AcademyPortSwigger
Просмотров 80 тыс.
Mastering MLOps (Introduction): Part 119:13Mastering MLOps (Introduction): Part 1
Mastering MLOps (Introduction): Part 1AI Council
Просмотров 6
OWASP Top 10 Vulnerabilities in Hindi17:22OWASP Top 10 Vulnerabilities in Hindi
OWASP Top 10 Vulnerabilities in HindiCyberwings Security
Просмотров 28 тыс.
How to get 50% OFF ON ANY AWS CERTIFICATE12:33How to get 50% OFF ON ANY AWS CERTIFICATE
How to get 50% OFF ON ANY AWS CERTIFICATEAlienwareSec
Просмотров 3,4 тыс.
pfSense Firewall - pfSense Administration Full Course3:35:47pfSense Firewall - pfSense Administration Full Course
pfSense Firewall - pfSense Administration Full CourseKnowledge Power
Просмотров 468 тыс.
Best Programming Language for Ethical Hacking in 20248:14Best Programming Language for Ethical Hacking in 2024
Best Programming Language for Ethical Hacking in 2024WsCube Cyber Security
Просмотров 19 тыс.
ВЫ ЧЕ СДЕЛАЛИ С iOS 18?22:40ВЫ ЧЕ СДЕЛАЛИ С iOS 18?
ВЫ ЧЕ СДЕЛАЛИ С iOS 18?Overtake lab
Просмотров 120 тыс.
WWDC 2024 - June 10 | Apple1:43:37WWDC 2024 — June 10 | Apple
WWDC 2024 - June 10 | AppleApple
Просмотров 10 млн
ПК за 40к для игр и работы в 2024 | Arc A580 - новый топ18:02ПК за 40к для игр и работы в 2024 | Arc A580 – новый топ
ПК за 40к для игр и работы в 2024 | Arc A580 - новый топМой Компьютер
Просмотров 109 тыс.
keren sih #iphone #apple00:16keren sih #iphone #apple
keren sih #iphone #applekadangaruan
Просмотров 1,7 млн
AI от Apple - ОБЪЯСНЯЕМ24:19AI от Apple - ОБЪЯСНЯЕМ
AI от Apple - ОБЪЯСНЯЕМDroider
Просмотров 119 тыс.
ЛУЧШИЙ ПОВЕРБАНК ОТ XIAOMI00:39ЛУЧШИЙ ПОВЕРБАНК ОТ XIAOMI
ЛУЧШИЙ ПОВЕРБАНК ОТ XIAOMIHOME EXPERT
Просмотров 15 тыс.
How To Unlock Your iphone With Your Voice00:34How To Unlock Your iphone With Your Voice
How To Unlock Your iphone With Your Voice요루퐁 yorupong
Просмотров 23 млн
Обслуживание видеокарты. Качество-наше второе имя00:13Обслуживание видеокарты. Качество-наше второе имя
Обслуживание видеокарты. Качество-наше второе имяANDMINING
Просмотров 23 тыс.