- 113
- 57 269
Bradsen
Приєднався 4 чер 2020
Documenting my journey in becoming an Ethical Hacker and Cybersecurity Engineer.
P.S. All opinions expressed here are my own.
P.S. All opinions expressed here are my own.
CSRF vulnerability with no defenses
In this video, I'll share with you my approach to solving [CSRF vulnerability with no defenses] from PortSwigger Web Security Academy.(Without using Burp Suite)
//REFERENCES//
1) portswigger.net/web-security/csrf#what-is-csrf
2) portswigger.net/web-security/csrf/lab-no-defenses
//FOLLOW ME HERE//
Website: bradsen.com
Github: github.com/bradsen
Instagram: @bradsendesign
Twitter: @bradsendesign
//REFERENCES//
1) portswigger.net/web-security/csrf#what-is-csrf
2) portswigger.net/web-security/csrf/lab-no-defenses
//FOLLOW ME HERE//
Website: bradsen.com
Github: github.com/bradsen
Instagram: @bradsendesign
Twitter: @bradsendesign
Переглядів: 20
Відео
Hybrid Identity with Federated Authentication (Configure Entra Connect/AAD)-Part 7
Переглядів 26Місяць тому
In the last part of the series, I'll share with you my step by step process in configuring Microsoft Entra Connect/Azure Active Directory in the federated authentication. Commands: github.com/bradsen/ADFS-Deployment //INSTRUCTIONS// 00:36 ▶️Turn off firewall 00:43 ▶️Rename computer 00:48 ▶️Join domain 01:02 ▶️Download Entra Connect (Method 1) 01:24 ▶️Download Entra Connect (Method 2) 01:58 ▶️In...
Hybrid Identity with Federated Authentication (Web Application Proxy Configuration)-Part 6
Переглядів 102 місяці тому
In this video, I'll share with you my step by step process in configuring the web application proxy. Commands: github.com/bradsen/ADFS-Deployment //INSTRUCTIONS// 01:00 ▶️Install SSL Cert 01:35 ▶️Rename computer 02:18 ▶️Turn off firewall 02:45 ▶️Add remote access service 03:22 ▶️Configure WAP 04:06 ▶️Publish Web App 05:03 ▶️Add Web Server (IIS) 05:41 ▶️Enable Windows Authentication 06:00 ▶️Upda...
Hybrid Identity with Federated Authentication (ADFS deployment)-Part 5
Переглядів 82 місяці тому
In this video, I'll share with you my step by step process in deploying ADFS. Commands: github.com/bradsen/ADFS-Deployment //INSTRUCTIONS// 00:00 ▶️Rename Computer 01:07 ▶️Turn off firewall 01:18 ▶️Configure forward lookup zone 02:32 ▶️Join domain 04:20 ▶️Add Active Directory Federation services 04:54 ▶️Configure Federation service 05:35 ▶️Add ADCS in Domain Controller 06:32 ▶️Configure ADCS 08...
Hybrid Identity with Federated Authentication (Configure AD)-Part 4
Переглядів 222 місяці тому
In this video, I'll share with you my step by step process in configuring the AD in the federated authentication. Commands: github.com/bradsen/ADFS-Deployment //INSTRUCTIONS// 00:00 ▶️Turn off firewall 00:43 ▶️Rename Computer 02:33 ▶️Add Active Directory Domain Services 03:05 ▶️Promote server to a domain controller 05:10 ▶️Create ADFS service account 07:38 ▶️Create DHCP option set //FOLLOW ME H...
Hybrid Identity with Federated Authentication (Deploy servers)-Part 3
Переглядів 72 місяці тому
In this video, I'll share with you my step by step process in deploying the various servers in AWS. Commands: github.com/bradsen/ADFS-Deployment //INSTRUCTIONS// 00:00 ▶️Deploy ADFS Server 02:50 ▶️Deploy WAP Server 04:17 ▶️Deploy Entra Connect Server //FOLLOW ME HERE// Website: bradsen.com Github: github.com/bradsen Instagram: @bradsendesign Twitter: @bradsendesign #ADFS #FederationService #ide...
Hybrid Identity with Federated Authentication (Setup Bastion Host)-Part 2
Переглядів 102 місяці тому
In this video, I'll share with you my step by step process in implementing the bastion host. Commands: github.com/bradsen/ADFS-Deployment //INSTRUCTIONS// 03:18 ▶️AWS Setup 06:42 ▶️Bastion Host Setup 09:16 ▶️Domain Controller Setup 11:37 ▶️Remote Desktop Connection Manager Setup //FOLLOW ME HERE// Website: bradsen.com Github: github.com/bradsen Instagram: @bradsendesign Twitter: @bradsendesign
Hybrid Identity with Federated Authentication (Microsoft Entra ID + ADFS)-Part 1
Переглядів 982 місяці тому
In this video, I'll share with you my step by step process in implementing federated authentication using Microsoft Entra ID (AAD) and ADFS. Commands: github.com/bradsen/ADFS-Deployment //INSTRUCTIONS// 04:23 ▶️Implementation Overview 07:47 ▶️Create FREE Domain name 09:05 ▶️Add Domain Names in Microsoft Entra ID //FOLLOW ME HERE// Website: bradsen.com Github: github.com/bradsen Instagram: @brad...
DOM XSS in document.write sink using source location.search inside a select element
Переглядів 473 місяці тому
In this video, I'll share with you my approach to solving [DOM XSS in document.write sink using source location.search inside a select element] from PortSwigger Web Security Academy. //REFERENCES// portswigger.net/web-security/cross-site-scripting/dom-based/lab-document-write-sink-inside-select-element ua-cam.com/video/ojiOCfg-FXU/v-deo.html //FOLLOW ME HERE// Website: bradsen.com Github: githu...
Reflected XSS into HTML context with most tags and attributes blocked
Переглядів 443 місяці тому
In this video, I'll share with you my approach to solving [Reflected XSS into HTML context with most tags and attributes blocked] from PortSwigger Web Security Academy. //REFERENCES// portswigger.net/web-security/cross-site-scripting/cheat-sheet forum.portswigger.net/thread/exploit-server-aa4a80d3078c64417395d //FOLLOW ME HERE// Website: bradsen.com Github: github.com/bradsen Instagram: @bradse...
How to download Windows 10 ISO directly from Microsoft Homepage
Переглядів 2993 місяці тому
In this video, I'll share with how you can download Windows ISO directly from Microsoft homepage. //REFERENCES// www.microsoft.com/en-au/software-download/windows10 //FOLLOW ME HERE// Website: bradsen.com Github: github.com/bradsen Instagram: @bradsendesign Twitter: @bradsendesign
Change Secure RDP Port Access (Your server at AWS)
Переглядів 213 місяці тому
How to change Secure RDP Port on Windows server in AWS //TIMESTAMP// 01:30 ▶️Creating Elastic IP address 02:45 ▶️Create a free domain name 05:15 ▶️Edit inbound Security Group 05:45 ▶️Enable TLS on the server 07:05 ▶️Generate self-sign dummy cert 10:00 ▶️Obtain a CA-signed certificate from Let's Encrypt 17:45 ▶️Acme challenge 19:30 ▶️Adding Acme challenge string into DNS record //FOLLOW ME HERE/...
DOM XSS in jQuery selector sink using a hashchange event
Переглядів 223 місяці тому
In this video, I'll guide you through my approach to solving [DOM XSS in jQuery selector sink using a hashchange event] from PortSwigger Web Security Academy. //REFERENCES// portswigger.net/web-security/cross-site-scripting/dom-based/lab-jquery-selector-hash-change-event portswigger.net/web-security/cross-site-scripting/dom-based //FOLLOW ME HERE// Website: bradsen.com Github: github.com/bradse...
Reflected XSS into a JavaScript string with angle brackets HTML encoded
Переглядів 344 місяці тому
In this video, I'll guide you through my approach to solving [Reflected XSS into a JavaScript string with angle brackets HTML encoded] from PortSwigger Web Security Academy. //REFERENCES// portswigger.net/web-security/cross-site-scripting/contexts/lab-javascript-string-angle-brackets-html-encoded portswigger.net/web-security/cross-site-scripting/contexts //FOLLOW ME HERE// Website: bradsen.com ...
Stored XSS in HREF attribute with double quotes HTML-ENCODED
Переглядів 144 місяці тому
In this video, I'll guide you through my approach to solving [Stored XSS in HREF attributes with double quotes HTML-encoded] from PortSwigger Web Security Academy. //REFERENCES// portswigger.net/web-security/cross-site-scripting/contexts portswigger.net/web-security/cross-site-scripting/contexts/lab-javascript-string-angle-brackets-html-encoded //FOLLOW ME HERE// Website: bradsen.com Github: gi...
Reflected XSS into attributes with angle brackets HTML-encoded
Переглядів 234 місяці тому
Reflected XSS into attributes with angle brackets HTML-encoded
DOM XSS in HREF sink using source LOCATION.SEARCH
Переглядів 134 місяці тому
DOM XSS in HREF sink using source LOCATION.SEARCH
DOM XSS in innerHTML sink using source LOCATION.SEARCH
Переглядів 354 місяці тому
DOM XSS in innerHTML sink using source LOCATION.SEARCH
DOM XSS in DOCUMENT.WRITE sink using source LOCATION.SEARCH
Переглядів 234 місяці тому
DOM XSS in DOCUMENT.WRITE sink using source LOCATION.SEARCH
How to Install OpenVPN using Docker
Переглядів 2,2 тис.10 місяців тому
How to Install OpenVPN using Docker
Connect to Linux Instance from AWS Windows Server using Putty
Переглядів 7111 місяців тому
Connect to Linux Instance from AWS Windows Server using Putty
Virtual Environment in Python (venv)
Переглядів 1111 місяців тому
Virtual Environment in Python (venv)
How to install SSL/TLS Certificate in AWS Application Load Balancer
Переглядів 1,2 тис.Рік тому
How to install SSL/TLS Certificate in AWS Application Load Balancer
File transfer using SimpleHTTPServer (Python)
Переглядів 368Рік тому
File transfer using SimpleHTTPServer (Python)
File transfer from Linux machine to another Linux machine using scp
Переглядів 41Рік тому
File transfer from Linux machine to another Linux machine using scp
File transfer from Windows Machine to a Linux Machine using Powershell
Переглядів 862Рік тому
File transfer from Windows Machine to a Linux Machine using Powershell
nice one, it helped me
This is great
Very interesting.
thank you for good video.
hello there, thansk for the video. at 8:17 when I open the ssl.conf file I find it empty! I am using AmaLinux from Amazon EC2
Hi @hannoushy583 did you install the apache module mod_ssl?
Hi thanks for the tutorial, when i try ot use the simplehttpserver, i run into an error saying there is no module neame Simplehttpsserver. is there a way to bypass this?
Hi @Threecommaaclub, may I know which python version are you using?
@@bradsen currently using python 3.11
@@Threecommaaclub In python 3, SimpleHTTPServer has been merged into http.server module. You can use below command to run python http server in Python 3. python3 -m http.server
Hey! Would you be interested in doing a coding project for me?
What language is it?
Thank you 😊
Public will not work ? Elastic ip is necessary
Hi, you can assign public IP to your instance. But once you stop the instance, you will receive a new public IP when it is started. That's why we use elastic IP to make sure the public IP stays the same throughout.
@@bradsen sorry to disturb but please can you tell me how can I assign a policy to my instances if someone login in them i will get notified
You know what, immediately after posting this I did it. Thank you so much you are an absolute life saver. I have never smashed the subscribe button so hard. You deserve more recognition. Amazing work!
Thanks a ton mate! really appreciate your info.
When you did the acme-challenge, your new record propagated very fast so you hit enter in the firts window and worked. I have godaddy and the record takes hours to propagate so the continue window in aws has to be rebooted. And this happens again and again. Do you have any tip to help me with this issue?
Hello @alfonsoramirezelorriaga1153, have you tried adjusting the TTL?
@@bradsen Hello yes I have. The most that I can adjust it is down to 1/2 and hour but still the record takes longer than that to propagate.
1:09 instead of turning off defender, could you show the right way to do it with defender on?
You can add an exclusion path by powershell command. So u don't need to turn off defender.
I have a question can I do ssh in Amazon linux terminal using putty??
Are you asking if you can install putty in Amazon Linux 2?
@@bradsen yes
@@technologist908 Yup, you can. If you are also asking if you can open up the putty GUI, you have to install the Xming server first. You can check out the link below. aws.amazon.com/blogs/compute/how-to-enable-x11-forwarding-from-red-hat-enterprise-linux-rhel-amazon-linux-suse-linux-ubuntu-server-to-support-gui-based-installations-from-amazon-ec2/ I have done some something similar before for OpenSCAP. ua-cam.com/video/PFKT2sAjMlw/v-deo.html
@@bradsen can you make tutorial how to connect windows server instance into Amazon linux terminal instance using putty
@@technologist908 Okay, will update you when I'm done :)
GOD THANKS, I WAS DEALING WITH THIS FOR A MONTH NOW, THANK YOU VERY MUCH.
No problem! I'm glad it helps
love u bossssssssssssssssssss
Excellent video. You went over everything I need help with!
Thank you! I'm glad it helps
♥️😀
thanks
You're welcome!
Biggest problem is to find real ip of website hosting server or Web server which are usually behind WAF like Cloudflare Or Akamai. Please help about this real practical problem. Thanks in advance for your kind support. 😊
explained quickly 👍
Thank you for sharing these tips! Definitely gonna try this out.
You're welcome! :)
You deserve more subscribers. Exactly what I wanted to know and finally found this specific video. All other SSL/AWS videos are intended for wordpress sites, which I am not using! Thanks friend!
Thank you for your kind comments.
kek
Pls post more beginner level AWS projects brother.
Hey Harsha, thank you for you comment. What kind of AWS projects would you like to see?
🔥🔥🔥
🤗 𝓹𝓻𝓸𝓶𝓸𝓼𝓶
nice ❤️
Thank you!
thx !!
You're welcome!
how are you doing 80 port redirect to 443?
Hi Alex, I did the web redirect in my DNS record. ua-cam.com/video/6UhaYFEFiRg/v-deo.html Alternatively, you can also configure it at the load balancer or virtual host file.
Really helpful. Thank a ton 🙂
You're welcome!
Thought that was creative that you took some notes on spreadsheet.
Thank you!
Excellent video!!!! Would you by any chance have your spreadsheet available for download? That is my logic of thought and study as well and it would be absolutely helpful in studying for the AWS Solutions Architect Associate Exam! Thank you so much and keep the videos coming Brother! New subscriber here too!
Hello, thank you for your kind words and thanks for subscribing. You can download it from my blog post. www.bradsen.com/blog/2022/6/5/how-i-passed-my-aws-solution-architect-certificate-in-2-months (Scroll all the way down to download the excel spreadsheet)
This is very helpful. Thank you for sharing your exam strategies
You're welcome!
Hi Missdaly100, if you need the excel sheet for reference, you can download the excel sheet from my blog post. Please see the link below. www.bradsen.com/blog/2022/6/5/how-i-passed-my-aws-solution-architect-certificate-in-2-months
I made a mistake in the video. There is a difference between alias and environment variable. An alias holds a reference to a command and an environment variable just withholds data. discuss.codecademy.com/t/whats-the-difference-between-storing-aliases-and-environment-variables/386233
You should definitely share the excel table you made. 😭💖
Let me see what I can do :)
Hi Andraya, you can download the excel sheet from the blog post. Please see the link below. www.bradsen.com/blog/2022/6/5/how-i-passed-my-aws-solution-architect-certificate-in-2-months
Great quick breakdown!
Glad it was helpful!
thx for the tutorial. It was really usefull for me. I let you my like too
Thank you. I'm glad that it has been helpful to you.
How to customise policies with OpenSCAP base cli tool ?
Hi Rahul, based on my understanding, we can only do the customisation using the OpenSCAP workbench. If you found a way to do it using CLI, do let me know as well :) www.open-scap.org/resources/documentation/customizing-scap-security-guide-for-your-use-case/ www.open-scap.org/security-policies/customization/
I like your cause. Will visit again
Thank you!
does activating ssl on lightsail have costs $?
Hey Brendo, if you are using a free and open certificate authority like "Let's Encrypt" then it is free to use the SSL certificates on Amazon Lightsail. Just that you need to renew the certificate every 90 days. You can check out the links below. lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-using-lets-encrypt-certificates-with-wordpress letsencrypt.org/
Nice!
thx you saved me
Thank you so much! Great video.