Hunting IDOR with Z-winK (Part 2)
Вставка
- Опубліковано 14 лип 2022
- Welcome to the fifth piece in Bugcrowd's LevelUpX series! Our speaker in the series is Z-winK. In this presentation, Z-winK will build on his latest series and will take you through a deeper dive into hunting IDOR (Insecure Direct Object Reference) for big dollars.
Want to get involved?
We’re always looking for researchers and hackers like you who have tips, tricks, and skills that you want to share with the community! If you have any questions, or would like to participate with LevelUpX, please reach out to researcher.marketing@bugcrowd.com - Наука та технологія
This is one of the few videos that is legitimately teaching actual knowledge. Hoping his channel would come back.
One of the cleanest easy to understand videos on the topic!! 💯Bravo
Thank you man , thats so amazingly helpful ❤
Great video!!! Loved the phrase "It doesn't require rocket surgery" :)
Great explanation! Thanks Z-winK😁🙌✌💪
thanks for the amazing video!
please make more content about another vulnerabilities.
Great video!
In my research into hacking APIs, rarely do I find IDs in the GET request. If I see any ids they are highly encoded in the cookie. What do you do when you see this?
thank for information bro you are great
Awesome video 😄 ❤.
I like when ryan reynolds himself teachers IDOR !! Just Awesome !!
Nice tutorial. I have been having content issues with my hmdi connected speaker and subwoofer. No soft is coming through, still coming out of
where is part1
very helpful video
very very gooood, thaaankss maan
Thank-you ✨
Z-winK, when you are testing for idor, which are not numerical values can you irritate over the list not exposing sensitive information?🤔
26:51 Damn, that's cool
Ty
Favorite bugs 🐛
project a lot because I've been working on other stuff (and being lazy lol). Also, I had been facing a recurring problem of content dropouts in
Where is part 1 plz
where is part 1
What is this site/ others?
How to works in this site?
plz help me.
Please what about the cookie swap with accounts
I procrastinated for 6 years
Where is first part ?
In his own channel
The GMS that you use here is completely different softing than the one I use even though I'm using tNice tutorials exact software, why is tNice tutorials?
I want to start bug bounty...
And I just don't wanna start, I also want to find bugs,
So first I have to learn then I will do this
so where do i start learning.
Portswigger Web Academy is a good place to start.
@@wardellcastles +1
All his videos are gone
Why ?!
!
lmao XDDD
If you saw api/detaback/?ad_id=1234577