Shez doing a great job on youtube cuz to get sponsors within just
amazing, this could probably be one of the biggest pieces of information that I have ever been given.. the way you explain is amazing.. we need more and more such playlists in the upcoming days
People were getting jealous of Bugcrowd sponsoring ...now Intigriti has sponsored ...and soon Hackerone will ...to hell with them 😂😂...keep up the good work 👍🔥
No one is jealous. All belong in the hacker world.
@@graycybermonk3068 HAHA STOP KIDDING BUDDY
Have been having issues comprehending OAuth, this video is a problem solver, thanks Farah ❤️
You’re welcome 😊
Yaw Farah This Is Just Awesome, Brief And Useful That's Why I Love What You Are Doing, Keep It Up And Stay Safe .
You are good with knowledge and theoretical stuff, your videos get me into the real basics of topics
Awesome. Just awesome. For noobs like me who are just starting in bug bounty, this is the place where we can learn basics in depth. Thanks.
Please keep posting more such practical videos .
Your videos are amazing. Simply to understand and very explicative.
Farah you are doing great! Very informative video. You taught so many things in just 10minutes.
Excellent, and very good command over Knowledge
Great Teaching Style. Loved Your Contents.🤗
Make a video on the best course for beginners in ethical hacking
Awesome.. loved the way you teach the concepts and the labs!! Keep it up!
Beautifully explained hope to get more knowledge from you girl.More power to you
Can you make a video on your cyber security journey ??
Video is good👍👍
Isn't OAuth for the authorization part only? The 'Sign in with' buttons use the OpenID Connect protocol, not OAuth. Although nowadays people use these terms interchangeably.
OpenID Connect is a layer that's built on top of OAuth... you can check this here developer.okta.com/blog/2019/10/21/illustrated-guide-to-oauth-and-oidc
@@FarahHawa Thanks for clarifying
Great job. Thanks man. Now I am clear.
How old are you? Don't think you are out of school yet. But, amazing grasp of the subject. Kudos!!
can you make a video on your journey of how you became a hacker
i want to learn to do all of this stuff but really don't know where to start with .please make a video on it.
and if you can refer to any video on youtube .i mean for learning.
Such a nice explanation 👍
thank you so much dear for such a wonderful explanation
once again simple and good explanation.
Spot on!!. Simply amazing. Thanks for sharing :)
Thanks for the tutorials
Very good video, the presentation is understood quite easily.
I learned something today.💯
Thanks.
Good for beginner like me 👍 .... Please make an advanced level video also
Plzz make a video about recon
Wow, amazing! Lots of love dear, stay safe, but sometimes make videos in Hindi too, then your subscribers will also grow faster. Hope you got my point, and thanks for this video.
by
@MR CYBERTRON YT
Hi Farah, can you please tell the impact of the CSRF one and the reuse of token, and also their severity category?
Btw nice video
Hi Farah, Do you take session on the bypass techniques for Saml, Oauth ,oidc..I am very much interested.
Please make a Hindi video
awesome video, keep it up. you earned a sub !
Thanks for the sub!
nice explanation. Thank you
Really a good video!
Make more videos please I love them and I want to be just like you
Can you Please upload more about oAuth Vulnerability
In websites with more detail.
Thank you for this video! Is it possible for you to do a tutorial on how to create a live web server similar to the one you showed in this video that captures vulnerabilities like the OAuth access token?
Bro, this is sooo awesome.. 😍😘
😘❤️❤️🔥🔥
Wow 10k congrats your channel has grown so fast earlier this year I had like 1 or 2k subs
Thank you Farah. Very useful explanation and amazing demos. Keep up the great work.
the best source (it may be paid too) to learn hacking and related, and where you learn all these things
awesome explanation as always :)
Nice work thanks for this video
Farah this helps me a lot but can u plzz make a video on subdomain takeover
ua-cam.com/video/67chVkq3g0M/v-deo.html
Thanks, it's good info for developers as well to improve their application security 🔒🔒🔒 thanks ❤❤❤❤ again.
Very much appreciated
Nice video, thank you so much
great explain sister
Excellent work. Very informative. But please don't use music. 👍
Awesome work :D
So if i want to get details of a user on client side of the application using an ajax call and display those same details to the user then it is an authorisation code grant example right?
Sooper videos
Thank you!
I am getting warning as: Warning: missing space before text for line 14 of jade file "/usr/src/app/views/login.jade"
And not able to authorize the request.
can someone help me with it please :) ?
Please Make Playlist On Bwapp,Dvwa
Excellent work :)
Great work Farah!
Hi, I am your big follower. I have started new in this bounty. Can you tell what about Automated Scans? Every where I got out of scope this Automated Scans. Please I need some help.
Basically, programs mark automated scans as out-of-scope findings because they create too much noise on the server and result in the discovery of bugs that are known or false positives. It's best to not rely on automated scans for bug bounties.
@@FarahHawa thanks for the very good reply. Take my respect. You are like my sister. Really, I am grateful to you and your channel. I started bug bounty. But I am not getting any path on how to start. What kind of tools will I use? Can you help me a little bit? Really, I am stuck. Thanks for your reply and respect.
Can you help me with resources to study about advanced SQL
I also want to study but didn't find anything better.
which ubuntu distribution are you using
Awesome ...!!
what if we replace the state parameter value with another account's state value, and the account logged in? Is it still considered an OAuth misconfiguration?
Yes!
@@FarahHawa Thank you!
Hey I learn lot from You !
Can you create how we exploit dom based xss or any dom based issue
Where did you find your information? :)
Which lab are you using ?
Much Appreciated. :)
hello mam. I have encountered that while signing again, the website is sending an OTP to my previous device, not on my number in the new device. I once had an account on that website that was deleted due to inactivity. is it a flaw to be explored?
excellent 🤗
Wow. Such a beauty and skills is just
Awesome
You should add subtitles
what is your ug course?
Love u bro
Great job+great content
I really appreciate her work❤
her* Thank you!
@@FarahHawa noted👍
Just wanted to know the specs of your laptop..?? And if you're comfortable,i want to know that..... How you make thumbnails😰😰😰😰😰its looks damn! Cool! :'??
8gb ram, i5 processor. I do have another laptop with better specs but this one does it for me on most days. Thanks, I use Canva to make thumbnails :)
Not a fan of the background music Farah. Great video tbh!
Can someone explain the impact of reusing access tokens?
awesome
Where did you learn hacking from??
Hi dhidhi. I'm completely a zero level beginner interested in learning about ethical hacking and I was on a search to find people who could suggest possible ways of learning things from the beginning, and I found your profile on LinkedIn. Please could you suggest some YouTube tutorials for learning hacking from a very basic level.
ua-cam.com/channels/PiN9NPjIer8Do9gUFxKv7A.html , ua-cam.com/channels/QN2DsjnYH60SFBIA6IkNwg.html and ua-cam.com/channels/CZDt7MuC3Hzs6IH4xODLBw.html are all great
@@FarahHawa thank you ! So much
thx
Hey appreciate your skill & teaching skills.....
I've cleared my 12th, please advise me what I should do to get into cyber security
Hello, I need your help please
Awesome 😊😊.Nice video.
I too wanna become a bug bounty hunter.
Which topics should I start to read in web application hackers handbook? and which topics just to leave?
Please answer.
Please make videos on this. Thank u
Everything up till chapter 13 is mostly relevant
@@FarahHawa how much time do u think for a beginner to a bug hunter by the resources u mentioned in the first videos.
How many years did it take for u?
@@gowthamvyasmalkari4511 you can do it in a few months tbh. I was doing a little bit of coding, reading handbook, labs and blogs everyday. Give 1-2 hours to each resource and you can be done in 2-3 months if you're a fast learner.
@@FarahHawa hi Farah, u haven't hunted a single bug. U will face massive trolling
Really informative video Farah 💯
So glad it helped!!
Love to watch your videos and also learn a lot from your video:)
That's great! Thank you for watching!
nice sister
wow. you are just amazing.
Nice video . You have helped me a lot .
Great work Farah! So you're from Commerce background how did you come to hacking?
She attacks, she protects (with help of bug bounties) and most importantly she hacks ;D great job again well explained video.
an awesome detailed written guide here decatechlabs.com/oauth2-explained-and-how-oauth2-works-oauth-in-action
god level knowledge
Well Explained!!! Why do you use ubuntu instead of kali linux??
thank you! I use both, but the lab required Docker and that's set up on my Ubuntu box.
@@FarahHawa ohk nice. Waiting for the next series of vdos. keep 'em coming
Nice explanation, keep sharing 👌
You're great at teaching ... Cyber security researcher
Thank you so much!!
Beauty with Brain ⚡
👏👏👩💻🧙♀