Finding Your Next Bug: GraphQL

  • Published: 21 Aug 2024

Comments • 45

  • @lifeofsq5653 10 months ago +1

    Thanks for sharing your knowledge about GraphQL. It's really helpful for beginners in GraphQL vulns scanning

  • @JL-ud6xx 2 years ago +1

    Thank you for clearing my concept. Will listen to your practical video of it. Will help me in my work!!!!

  • @fredomana7183 3 years ago +1

    You’re the best. Keep doing what you’re doing. Much love from San Diego

  • @mehulverma9496 1 year ago +1

    Hey~~ I got Information disclosure and got 6 redbull trays thank you!!

  • @kabirsuda 3 years ago +1

    Perfect explanation!👏🏻This video cleared my brain about graphQL...
    Thanks Katie 🔥

  • @faique2995 3 years ago +1

    Best teacher to learn web application hacking

    • @InsiderPhD 3 years ago +1

      😁😁😁😁 I appreciate it!

  • @isiraadithya 3 years ago +2

    She is back!!!!

  • @luckythandel 3 years ago

    Perfect explanation, keep making such videos plz. We all support you, Katie.

  • @homeofcreation 2 years ago

    As a SOAP developer, having WS-Security, this gives me the creeps. As a bounty hunter this brings me joy!

  • @mohammedsabbirahmed3015 3 years ago +2

    Hey Katie. Awesome methodology and video as always, but I think it would be wonderful if you could add a takeaways slide at the end of the presentation. I think it would help greatly in effective note taking. Because whenever I watch your video I try to take notes and understand some things from it, but it is not always possible to grasp every tip and trick you provide in just one watch. So then I do some more research on the topic and relate that to my note taking, and still there remain certain things that I'm not able to properly grasp, so I have to watch the whole video all over again to find that point where you were describing the desired topic and try to understand it more. And so until I'm able to fully understand all the note taking I've done, it takes me watching your videos like 4/5 times. So I think it would be really great if you could do just one more slide on the takeaways, and it would really mitigate this problem I have and also help me to be efficient in taking notes. Thank you 😊

    • @InsiderPhD 3 years ago

      Thank you for the feedback, I will take it on board and do a summary at the end :)

    • @mohammedsabbirahmed3015 3 years ago

      @InsiderPhD you are most welcome Katie 🥰❤️❤️

    • @kira_io 3 years ago

      Why am I jealous of a YouTube video wtf.
      I hope I meet someone who pays as much attention to me as you do to GraphQL lectures.

    • @mohammedsabbirahmed3015 3 years ago

      @kira_io #katiehax 🙃

    • @kira_io 3 years ago

      @mohammedsabbirahmed3015 😳

  • @1990shahid 3 years ago +1

    Amazing lecture!! - thank you for creating this. I'm new to this bug hunting so doing the Hacker101 challenges and stuck on this GraphQL nonsense :)

  • @hirthicshyam9290 3 years ago +4

    Do live bug Hunting

  • @dibyanshusah117 3 years ago +1

    Love.. Your.. Content.. Thank you.. ❤❤👍👍☺

  • @Nop1337 3 years ago

    thank you so much!

  • @sexayboiee 3 years ago +5

    Dude, it's like ads every 3 minutes, great content though.

    • @InsiderPhD 3 years ago +7

      I’m so sorry, it’s RUclips adding them in automatically. I’ve turned them off now and hopefully for all future videos!

  • @shrirangkahale 3 years ago

    Rewatching this video now.. apparently I forgot nearly everything :P

  • @Mono_Lithic_Gamingg 3 years ago

    Hey, I'd like to ask here since I'm a newbie to bug bounties.. What does it mean when a company states, that SCANNERS ARE NOT ALLOWED? Does it mean I can't use stuff like nmap, sqlmap, xsstriker etc? So I basically have to find all the bugs manually?
    Thanks in advance

    • @InsiderPhD 3 years ago +1

      It means you can’t run a bunch of automated scanners, nmap would probably be disallowed but sqlmap and XSStrike (assuming you were running it on one endpoint) would be. They just don’t want a bunch of requests that clog up a service for legitimate users. Or they want real security issues rather than best practice, which scanners often find.

  • @abhhibirdawade9657 3 years ago +1

    Hey Katie

  • @UsamaAli-kr2cw 2 years ago

    Your content is amazing but please try to make small videos in a playlist manner.

  • @NotToBeTooTakenSeriously 5 months ago

    How do I get the introspection?

    • @InsiderPhD 5 months ago

      Find a GraphQL endpoint and use the introspection query

  • @ca7986 3 years ago

    ❤️

  • @rubena1720 3 years ago

    Your videos are nice, can you please teach everyone about subdomain takeover?
    -thanks

  • @jaeger809 3 years ago

    Hey, I tried to find bugs many times.
    I can't even find a single bug. 😭

    • @jaeger809 3 years ago

      @ahmad.mansour Mansour NO.

  • @mymothermom4858 3 years ago

    Hi kitty, I really need your help. Where can I contact you? I just need 5 min, please

    • @InsiderPhD 3 years ago

      Discord! I’m pretty active and if I’m not around someone else will try to help you

    • @mymothermom4858 3 years ago

      @InsiderPhD give me the link please

  • @CanaaniteRanger 1 year ago

    Is this information still valid nowadays?!! (It is two years since this video was posted) ... and do those vulnerabilities still exist in the wild?! ... thank you

    • @InsiderPhD 1 year ago +1

      Yup, actually even more common now as more companies have adopted this technology!

    • @CanaaniteRanger 1 year ago

      @InsiderPhD Thank you for answering ... and I would like to say "You are an awesome person" :-)

  • @malikimranawan3762 3 years ago

    Hello mam

  • @FrenchPirate83 3 years ago

    Nice video, but loud ads every 2 minutes... less happy about that.

    • @InsiderPhD 3 years ago +2

      Ugh, sorry, I must have forgotten to turn them off, they are so annoying, YouTube puts them on by default and they play ALL the time, despite me turning off midrolls.

  • @rajkumar-vl7il 3 years ago

    Hey Katie, I lost my laptop (stolen). I may miss your lessons, but I was hoping I get one soon ....

    • @InsiderPhD 3 years ago +1

      Aww I’m sorry to hear that I know it sucks to lose your computer. I saved up for months to get my laptop and I can say I’d be absolutely devastated if it was stolen. Don’t worry too much about missing my content, it’ll all be here!

    • @rajkumar-vl7il 3 years ago

      @InsiderPhD Yes dear, my valuable data is lost 😔 Hope 2021 gives something .....