Just picking a random video from your channel to tell you that you're doing a marvelous teaching job! You managed to explain very complex topics in a very gentle and simple way, I hope I could one day reach a tenth of your teaching quality. Congratulations and thank you so much for your work
I have watched a couple of videos, but I struggled to grasp the meaning of SSRF. However, after watching your video, I gained a much clearer understanding. Jazakallah khairan, sister Rana 🤲
Mam please upload more videos on client side and server side attacks....Your videos are much awaited...Please upload videos on XSS soon...waiting for that
thx for the video, it really clarified my knowledge on SSRF. Thankyou so much for making this video, you are a great teacher. Consider making a patreon like the guy down below said.
Hi Ma'am. I follow your videos. The content is great in all your videos. In this video particularly, I felt that DNS rebinding could have been explained in a more clearer way as this is my first time encountering it. Just a feedback from my side. I hope this helps you in making your content better someway.
great rana but i hope u can do this in arabic version for arab white hat hackers . im so glad to see u in youtube and i will support u cuz u deserve that , big thanks and i wait a lot from u ! ty
One of the most precise and well-organized videos I have ever seen. Unfortunately, I'm from Iran otherwise I would definitely get your course. is there any way I can get it?
Hi madam, thank you for your great content, I have a question that at 07:47, you talked about clicking on add items or delete items is an external request that will be blocked by the firewall. I just wonder why that is the case? Thank you again because your videos are giving me a lot of useful knowledge.
Hello Quyen. In the "real word", real work environments often block external ip addresses from accessing internal systems and its functionalities. Imagine a monitoring system functionality inside a network that requires no authentication, for disaster recovery purposes. As it represents a risk, it can only be accessed internally by administrators. As so, if you make a request to the service, you will get blocked (e.g. firewall). WIth SSRF, you are tricking the actual application to make that request to his own server, through the loopback network interface, and as so, it is not you requesting, but the vulnerable application hosted in the server. As it is allowed to access internally, you have access. The same with "Add Items".
Don't want to wait for the weekly release schedule to gain access to all the videos and want to be added to a discord server where you can ask questions? Make sure to sign up to my course: bit.ly/30LWAtE ✨✨
@@francisdonald4298 Not necessarily but it will help you understand better and learn faster. If you're pentesting a web application and you want to perform an SQL injection attack, you'll need to 'at least', understand the syntax of PHP and how SQL is used to query a database.... If you're doing an XSS attack, you'll need to understand JAVASCRIPT.
Just picking a random video from your channel to tell you that you're doing a marvelous teaching job! You managed to explain very complex topics in a very gentle and simple way, I hope I could one day reach a tenth of your teaching quality. Congratulations and thank you so much for your work
Thank you! I appreciate the kind words ❤
I have watched a couple of videos, but I struggled to grasp the meaning of SSRF. However, after watching your video, I gained a much clearer understanding. Jazakallah khairan, sister Rana 🤲
أحبك في الله يا أختي والله سهلتي علي المعلومات بصورة جميلة وواضحة بارك الله فيك وجزاك الله كل خير على هذا الشرح الرائع والمتميز
Great teacher and very well taught .... Explained very well.
Thank you Rana ! I really appreciate your effort. These videos are really wonderful
Mam please upload more videos on client side and server side attacks....Your videos are much awaited...Please upload videos on XSS soon...waiting for that
Look forward to more great tutorials! One of the best and comprehensive talks on this subject!
cant stop watching your videos and learning! you make learning these complex subjects so easy! i just subscribed to your course to do more hands-on 😊😊
Thanks Ghinwa!
thx for the video, it really clarified my knowledge on SSRF.
Thankyou so much for making this video, you are a great teacher.
Consider making a patreon like the guy down below said.
Your videos are much awaited.Please upload videos continuously❤❤❤❤❤❤❤❤❤
Need Videos For Every Portswigger Labs Ur Videos are easily understandable
Hi Ma'am. I follow your videos. The content is great in all your videos. In this video particularly, I felt that DNS rebinding could have been explained in a more clearer way as this is my first time encountering it. Just a feedback from my side. I hope this helps you in making your content better someway.
Amazing vid, shukran sis!
great rana but i hope u can do this in arabic version for arab white hat hackers . im so glad to see u in youtube and i will support u cuz u deserve that , big thanks and i wait a lot from u ! ty
Great video and explanation Rana! thanks for sharing this high quality content!!!
This is awesome just saw you on David Bombal and I can see why such a great tech name recommends you. Great work👍
Totally Awesome! Thank you !
Was waiting for this.
Thanks for making this. Can you please change auto generated subtitles from Indonesian to English?
kindly share a video on XXE attack
thanks for the content
This is superb, thank you so much!!
Thank you, it is awesome… can you advice us about oscp certification?
Thanks for the video
can you change auto-generated subtitle in English instead Indonesian, please?
One of the most precise and well-organized videos I have ever seen. Unfortunately, I'm from Iran otherwise I would definitely get your course. is there any way I can get it?
Thanks sister....
thank you, gracias Rana
Theory is a torture😅
Time for practical
Thank you so much.
good explanation
Thank you
great job!!! you Rock!!
Thank u so much ❤
precious one
thank youuuu
Rana SSRF lab 4-8 is hidden we can not wach it
Hi madam, thank you for your great content, I have a question that at 07:47, you talked about clicking on add items or delete items is an external request that will be blocked by the firewall. I just wonder why that is the case? Thank you again because your videos are giving me a lot of useful knowledge.
Hello Quyen.
In the "real word", real work environments often block external ip addresses from accessing internal systems and its functionalities. Imagine a monitoring system functionality inside a network that requires no authentication, for disaster recovery purposes. As it represents a risk, it can only be accessed internally by administrators. As so, if you make a request to the service, you will get blocked (e.g. firewall). WIth SSRF, you are tricking the actual application to make that request to his own server, through the loopback network interface, and as so, it is not you requesting, but the vulnerable application hosted in the server. As it is allowed to access internally, you have access. The same with "Add Items".
U r the best.
What network diagram do you know to draw?
Awesome
Explanation speed is very fast, it would be better if you reduce the speed.
Thanks from iraq
mam, can you make course for xxs ?
There are a slides on her githup
Todo esto es casi igual al sistema bug bounty
Makasih rana
🤩😍
I love you sist
Sisterrrrrrrrrrrr u are amazinggggggggggg
Jazakallah
Made some bucks out of your video
Some bucks wink wink
Love u
🙏👌
Want talk toghether
make audio clear
Don't want to wait for the weekly release schedule to gain access to all the videos and want to be added to a discord server where you can ask questions? Make sure to sign up to my course: bit.ly/30LWAtE ✨✨
Learning pentest is there need for programming???
@@francisdonald4298 Not necessarily but it will help you understand better and learn faster. If you're pentesting a web application and you want to perform an SQL injection attack, you'll need to 'at least', understand the syntax of PHP and how SQL is used to query a database.... If you're doing an XSS attack, you'll need to understand JAVASCRIPT.
Good content but terrible voice 😨😨😨
Thank you