Interested in supporting me and gaining early access to the Web Security Academy videos when they're recorded? Consider buying my course: academy.ranakhalil.com/p/web-security-academy-video-series! ✨ ✨
@10:07 I was only able to solve the lab using the GET method, instead of POST method here (Burp Community edition). This makes sense to me now, as the title of the lab is CSRF Where Token Validation Depends on Request Method (where this video was found @Portswigger Academy). I really like your teaching style, Rana. Hopefully, this saves someone time, if they get stuck.
Hi Rana, I'm trying to use your HTML payload and Burp payload. I start the server on ngrok, the page loads and I'm thrown to the lab. Why? Why don't I stay on the website with a payload?
Can anyone provide an overview or sample code, written on the backend, that is vulnerable to the attack depicted above, i.e. how the backend handles the request in terms of the CSRF token?
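A sketch of the server-side pattern the lab title "CSRF Where Token Validation Depends on Request Method" describes, next to a corrected handler. This is an added example, not code from the video, the lab or PortSwigger; the handler names, session store and status codes are assumptions, and the lab's real backend is not shown on this page.

```python
import hmac
import secrets

# Constructed session store: session id -> per-session CSRF token and account email.
SESSIONS = {"sess-1": {"csrf": secrets.token_hex(16), "email": "old@example.test"}}


def token_ok(session, params):
    """Constant-time comparison of the submitted token with the session's token."""
    submitted = params.get("csrf", "").encode()
    return hmac.compare_digest(submitted, session["csrf"].encode())


def change_email_vulnerable(method, session_id, params):
    """Hypothetical handler: the token is validated only when the method is POST."""
    session = SESSIONS.get(session_id)
    if session is None:
        return 401
    if method == "POST" and not token_ok(session, params):
        return 403
    # Any other method reaches this line with no token check, yet still changes state.
    session["email"] = params["email"]
    return 200


def change_email_hardened(method, session_id, params):
    """Corrected handler: one allowed method, and the token is always required."""
    session = SESSIONS.get(session_id)
    if session is None:
        return 401
    if method != "POST":
        return 405  # the state-changing route rejects every other method
    if not token_ok(session, params):
        return 403
    session["email"] = params["email"]
    return 200
```

The fix has two parts that both matter: the route accepts only the method it was designed for, and the token check no longer sits behind a method test.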
You have great knowledge. And thanks for sharing your knowledge. Really helpful. I want to know your path. When did you start, what are the resources and books you have used?
I really want you to cover all the portswigger labs
Keep up the great work
Thank you 😊
Thank you, sister. Give me more videos...
Mashallah ❤
Can you add an Arabic caption?
Tweet me, DM me etc etc but never replies.... Masha allah....