Видео

✅

thank you sooooo much can not thank you enough for this lesson <3

My docker won’t install it says “waiting for cache lock: could not get lock”

isn't the scaning a target is a 2nd phase for pentesting?? while not Info Gathering?

Hey if we shut down our system or close the docker seession do we need to download them again . and btw i love your videos and content you provide . THANKS FOR THEM , you are just helping us more than you think.!!!

Thank you so much for the video, I'm studying a Master's of Science in Cybersecurity and it was really helpful for a class. ✌

parameters do not appear to be injectable

i'm getting issues like "The security score cannot be calculated until AWS Config is enabled and resource recording is configured."

Where is the full course

i am following the exact steps except sqlmap is not doing anything it just stopped : sqlmap -u 127.0.0.1/vulnerabilities/sqli/?id=212&Submit=Submit# --cookie="v09fjlf03mjchvfgi9rceelrs1;security=low" --tables [INFO] testing connection to the target URL got a 302 redirect to '127.0.0.1/login.php'. Do you want to follow? [Y/n] [6]+ Stopped sudo sqlmap -u 127.0.0.1/vulnerabilities/sqli/?id=212

Full course

You are going too fast . I am a beginner and You lost me

why you said S not AWS

Also a very shit tool hahaha linux is shit

Hi there, I would like to know if when I purchase your courses on your website, is it full-time access or...?

You were able to explain this topic as if someone has never scene it, yet leaving them with a solid understanding of a high-level view.

how can i prepare for the pbq's aside from the 5 questions u provide? i have seen some people mention logs, firewall configuration, determining which computer is infected w/ malware but I can't see how i could prepare for pbq's if i don't know what they will consist of in the exam?

Is it possible for 5g wpa2-Personal ?

Thank you! 😄🎉🤠

Can't argue with a guy wearing an Iron Maiden shirt, it means I know I'm in the right place!

This is awesome content! Studying for PenTest+ to get an idea if i want to pursue pentesting. Your channel is an excellent resource.

Can this tool be integrated with Wazuh?

💯 great advice! I am using the Udemy platform and Dion CompTIA training courses and it is a ton of definitions, especially if you study the Network+ training modules as well. I am doing a lot of hand writing of definitions as I see them in the training courses and also using Quizlet for additional training questions and flashcards. There are already available sets of flashcards on Quizlet and I like that the tool has dark mode and is free to use. It is best if you can make your own study aides but at least if you have written/typed the definitions at least once then you should be okay. I rewrite the terms on practice questions I miss. Also take as many practice tests as you can to make sure you are learning the terms vs just memorizing answers. Finally while training courses offer suggested paces make sure you are going at a pace that is comfortable for you, don't get burnt out especially if you have a full time career, Rome wasn't built in a day.

Doesn't work on 5ghz 🤣

Does it still work in 2024

This course is just perfect! Thanks so much.

Html

great content and cant thank you enough for the extra effort you put for us to understand . bravo

New to cybersecurity and application security and recently hired as an apprentice to do on the job learning as an Application security engineer. Having difficulties of where to start my journey . Recently passed the net (+), security (+) and cysa (+). Do you know of a good instructor led programming course to get my foundation?

Cybr, Subscribed because your videos always make me smile!

awesome cleanly explained. look forward more realistic example, the IAM put* definitely low hanging fruit

Video starts at 23:50

Thanks

This video could’ve been cut in half because why waste time showing how to install everything and then use sqlmap when if you never have used kali or installed a virtual machine then you most likely shouldn’t be wondering about sqlmap

IAM GOING TO DO THIS FOR MY INTERNAL 3. THANKS BBRO

Good morning,please at the beginning while trying to set up docker .. When I run the command...docker run --rm -it -p 80:80 vulnerables/web-dvwa I get am error messages saying Error starting userland proxy Address already in use Docker: error response from daemon

Thanks man , I finally got it sorted

<script>alert("hachnjimkd");<script>

wow. finally understood the vault structure. thank you very much.

Great course. Big ups buddy!

Is it recognize able by the website owner?

Very awesome

Very useful

Nice explanation with the illustrations. It also beautifully showed the differences between the different types. Still wondering some things: It is called cross-site scripting. I always wondered what's exactly cross-site about it, i.e., what is denoted as the different sites where the code is to cross in between. From your explanation, it sounds like two different frontend pages, i.e., you see some HTML page, click a link or submit a form and thus the browser requests another HTML page, which will execute the code you brought over. But in modern day we may also have a single page application, so we don't get a completely new HTML page from the backend, only some data and the frontend can re-form using the logic it already has. You could of course still inject some script there depending on the logic in the frontend, though it's a bit of a question when a site is crossed there. Another idea is that you could call different machines or processes sites, i.e., the frontend being a site and the backend server being a site, but DOM-based XSS would not fit in this frame. When you submit a form normally, you get another HTML page. Of course, it would not make sense as an attack to inject something in the javascript of that new HTML page while targeting yourself. You can control your own browser and issue own javascript. So I wonder how reflected XSS targets the browser of another user. The thing that comes to mind is when the backend has a reactive pattern and sends data to other users with for example websockets but then they would usually not get whole new HTML pages from that. Another idea would be to send the target users the URL with the malicious payload.The HTTP GET method uses query parameters. For POST method, the payload would need to be in a header or entity, which would be more difficult to trick other users into to issue, since this isn't entailed in a URL. Similarly with DOM-based XSS, to target another user, you would need to send them a URL with the malicious payload via different means, tricking them to open it. And I guess there could be mixed forms of XSS, where a stored XSS places some links with malicious URLs on the HTML page of victim users and clicking them can trigger additional stuff as any type of XSS.

awesome thanks

Thank you! This is very useful for learning how IAM access keys work.

wow very articulate, excellent

Such a blatant fireship ripoff.

Ok. I'm confused, having taken the CCNA and the Network+ classes. What are you talking about? How can you even understand the basics of computing, let alone packet, segment, or frame content if you can't understand the OSI Protocol stack and it's functions?

name is a column or function?