Burp for Beginners: How to Use Intruder
HTML-код
- Опубликовано: 15 июл 2024
- Intruder is an awesome tool, but it can be really intimidating. When you know everything you can do with it, it can fundamentally change your testing methodology. In this video, we cover everything intruder, like what's the difference between Sniper and Battering Ram? What are all the payloads? How can we use intruder to find race conditions? Oh yeah, by the way... this video is almost ALL DEMO!
Did you know this episode was sponsored by Intigriti? Sign up with my link go.intigriti.com/katie I'm so pleased with everyone's positive response to the Intigriti sponsorship and I'm so pleased you folks are finding bugs and even finding your first bugs! Thank you for being awesome!
Happy fourth of July Americans, I hope you have a great holiday weekend! Next week's video is going to be all about iOS testing and how to setup an old iOS device for hacking as well as how to actually find bugs in iOS, stay tuned for that!
What are you doing this weekend? What burp videos do you want to see? Let me know in a comment!
Do you want to support me? Why not buy me a coffee? ko-fi.com/insiderphd
Got questions? I have answers, Tweet at me / insiderphd Развлечения
tx, kt. another extremely enjoyable saturday night. popcorn and wsl... really cannot be original but again grep how intuitive and instructive all your videos are.
finally,a video that actually worths watching and simple enough to understand.
thank you,you are awesome :))
i recommend this video to my friends who want to work as a web pentester or curious about fun stfus . i really enjoy your explanation . good luck
Hi Katie
I wanted to take some time out to Thank You for your time and effort in educating me and several others like me who are new to this world of BugBounty.
I started learning about bug bounty a week ago. And I cant express in words how helpful your channel is to me as an absolute beginner. Please continue to educate us. :)
Thank you, as long as people are watching I'll keep making them and sharing what all info I have !
Another great video with basics ! Thanks katie 🦾⭐️
for beginners watching your videos are super helpful and i am one of them so thank u for the content that u r posting
This was insane! Thank you so much!
Thanks a lot for this video, it really help me a lot
Mind Blowing Content, Personally I like your API series , which is literally explained in easy method !! 🤩🤩🤩❤❤❤❤
Thanks so much, for a beginner like me is so useful, i am here for the cyber mentor recomendation. and again great job :)
thank you for the masterclass :)
Thanks for the awesome video!! I’d love some tutorials on ZAP as well.
Ya
Awesome. I learn a lot from you.
crystal clear!
thank you for the great well-presented content ....happy hunting
Good video, it would also be nice if you linked to any github projects in the description too
thank you
Thanks... ❤
Thx For such Great content ❤️
No problem! I really love making content for you folks
Can you share a video which shows burp scanning a jwt based application and using the session handling to replace the jwt. It would be really helpful for modern applications
Thx u so much
Hi Mam,thanks for providing the very useful content for free of cost.Thanks a lot .small request from my end.please do a video on OWASP top ten web application security vulnerabilities.Thanks in advance
I'll add your suggestion to the list! I think it might be neat to compare OWASP with h1+bugcrowd
Awesome video:)
Glad you liked it
Thank you for this! Learned something new. By the way, are you also planning to have a race condition video in the future?
Yup, I plan on making race conditions + turbo intruder into one video, though there are lots of ways to experiment with race conditions, I thought they would make a good pair!
@@InsiderPhD Thank you, will wait for that one 😁
Thank you Katie.
I saw you said Burp is quite slow, so we might use another tool for the requests and send it to Burp 17:01.
I dont get it. How can u use another tool and send the request to Burp?
10x!
Hi Katie,
may I know how long you take time to master this burp suite?
does burp community edition have request engine under the options panel in intruder?
thanks
nice demo Thanks so much
You are welcome! I'm glad you liked it :)
What is the formula to calculate total request count in Cluster Bomb?
How can you be my mentor what had to do for that
can you bypass 2fa with this
At 11.40, Response received of all user id's have success status of 200, A newbie will think all ids are valid regardless of what the response is. User id which does not exist should throw status like 404 etc. What's your take on this?
By the way thanks for such awesome tutorials
It probably should, I made this one, so any poor design decisions are completely on me! But it's still useful to sort by response length rather than 100% relying on response codes, one because you may get a lazy developer (guilty) and two because you might find other juicy goodies like an error message :)
@@InsiderPhD Hmm sounds interesting. Thanks for your clarification.
first one to comment
Those two thumbs down, whack
*Hi, can you cut down on chit chat in favour of keeping the videos short and to the point?*
I need Burpsuit as Premium Do you have ??
Nope! You definitely don’t need burp pro and there are so many ways to make burp community feel like burp pro. I’m working on a video right now explaining how to get the most of the free version of burp
5:50 PayloadBOX git repo as well !!