This is a really good point on how coding is not the same as software engineering. There’s core principles you need to know before even touching the keyboard.
These are all good points, apart from absolutely no one should have their uploads directory executing PHP in the server configuration, you cant really help that from the app code.
This immediately made me think of ChatGPT playing Capture The Flag in Unreal Tournament ('99, I'm old). Imagining ChatGPT trash-talk during a round of UT CTF made me chuckle. God I miss that game.
i have been following ur videos, i have few questions, can help to answer please, i know may be many have asked these for u before. please kindly answer these. a) what is the best OS used by Red Team? b) Is it best to setup OS on VM or on external disk? c) i hear if we setup OS on external SSD or VM it cannt access gpus if needed for brute force attack. Is it real? thanks lot in advance
Can you make a video on how to find anyway to hack into your website so you can fix it. I’m just starting to make html websites but I want to make sure there secure
This is quite good content. It’s very interesting to see how hackers could exploit a website. I had no idea and it looks easy. Do you think that this will also be true in nowadays technology? Most places I’ve worked at use nextJS which runs on a node server. Could you hack node server next? 🙏
@@yeetyeet7070 do you know the amount of different disciplines within web development? Security and backend are not my thing. Nor do I want it to be. But seems like with your reply you think a one person can make a website. Maybe for Wordpress or other equality simple things but that’s not the type of work I do.
One person sure can. I didn’t claim otherwise. I mention web development has multiple disciplines (even beyond frontend/backend) and because security, “forms”, authentication, API or databases isn’t my specialisation, I found the content of this video interesting enough to comment. Ur comment doesn’t respond to my question. But thanks for ur opinion.
@@yeetyeet7070cool, go make a fully functional multi-national e-commerce website by yourself from scratch then. Good luck. Let me know when you’re done in 7 years.
I've been following you since I heard about you back during the unfolding of your history with the FBI, but you being a software engineer is news to me. Did you get a degree in software engineering or did you mean developer? I ask just because I remember reading about you as a coding savant with no mention of your formal (e.g. University) educational achievement, and Engineer is a legally protected title like Doctor. This isn't in any way meant negatively, I'm just curious. 😊
@@MalwareTechBlog Ah, I just looked it up because that didn't sound correct to me. (In many states, boy I'm glad to be Canadian - it's less complicated here) it's protected if you're licensed and certified, holding the title Professional Engineer and working a public sector job, whereas if you work in the private sector you're covered under a historical exemption claus, I understand now! Thanks for your reply Marcus, I learned something new! 😊
I want to learn coding but I'm getting old, my worry is that the rise of ChatGPT makes me think by the time I reach an entry level understanding ChatGPT will be miles beyond what I can do.
Its time to start HTB (Hackthebox) you can learn all you need about website penetration with modules dedicated to being like a game. Its amazing and you can use it to get certified in multiple areas that will help you not only get a job in cyber security, but also start doing some bug bounties and helping people while getting paid for it.
I feel like you're learning to run before you crawl- you wont need to use chatgpt for years and by time you can, imo it will be loads better. Just get into it if you want and dont overthink. If you're anything like me you'll have a blast (especially if you have a good amount of spare time on your hands)
Always had a question, if I have an average to Below average, shall I kill myself? Since, I want to be into hacking. Reverse engineering, scripting, assembly, debugging and hardware phreaking seems way above my IQ's league
huge linux fanboy here but the ppl in the chat demanding you use linux are annoying af... y'all don't harass streamers about their tech preferences??? you're literally watching streams on youtube or twitch, don't throw stones in glass houses
Sorry buddy I’m just chilling lol I love it buddy I just don’t don’t know how how long I was like I was going on a walk and and then he got mad and then he threw up my feet and I got a knife lol I got it and got a lot more lol I was just going on the same way way lol I got got
Saw your biography on CRUMB, you're a legend!
Ha!!! I literally just saw that and came over. I’m a Electrician but I like watching channels like this
me2
This is a really good point on how coding is not the same as software engineering. There’s core principles you need to know before even touching the keyboard.
this is comical cause i can just imagine how mmany people have jumped on the chat gpt bandwagon for productivity
how may important websight do you think are made with ChatGPT lol
What you can also do is to open the file and force read everything instead of just the header. If any strings contain "
And then the user uses a user agent spoofing extension and proxies lol
PHP and security aren't usually two things that go hand in hand.
These are all good points, apart from absolutely no one should have their uploads directory executing PHP in the server configuration, you cant really help that from the app code.
sorry for necropost. this is so true. still, the points are valid.
Good work👍
Really nice👍
God bless you Marcus!
I wonder if it's possible to have a CTF that have some of it's challs to be generated from GPT-4
This immediately made me think of ChatGPT playing Capture The Flag in Unreal Tournament ('99, I'm old). Imagining ChatGPT trash-talk during a round of UT CTF made me chuckle.
God I miss that game.
Have you comment on A.I. concerns or optimism? If so, can someone link?
i have been following ur videos, i have few questions, can help to answer please, i know may be many have asked these for u before. please kindly answer these. a) what is the best OS used by Red Team? b) Is it best to setup OS on VM or on external disk? c) i hear if we setup OS on external SSD or VM it cannt access gpus if needed for brute force attack. Is it real? thanks lot in advance
Instructive !
Can you make a video on how to find anyway to hack into your website so you can fix it. I’m just starting to make html websites but I want to make sure there secure
This is quite good content. It’s very interesting to see how hackers could exploit a website. I had no idea and it looks easy. Do you think that this will also be true in nowadays technology? Most places I’ve worked at use nextJS which runs on a node server. Could you hack node server next? 🙏
oh boy, developers that don't understand the bare minimum of web attacks
gg internet.
@@yeetyeet7070 do you know the amount of different disciplines within web development? Security and backend are not my thing. Nor do I want it to be. But seems like with your reply you think a one person can make a website. Maybe for Wordpress or other equality simple things but that’s not the type of work I do.
@@andrevenancio lol xD of course one person can make a website, front-end and backend.
One person sure can. I didn’t claim otherwise. I mention web development has multiple disciplines (even beyond frontend/backend) and because security, “forms”, authentication, API or databases isn’t my specialisation, I found the content of this video interesting enough to comment. Ur comment doesn’t respond to my question. But thanks for ur opinion.
@@yeetyeet7070cool, go make a fully functional multi-national e-commerce website by yourself from scratch then. Good luck. Let me know when you’re done in 7 years.
this is INSANE!!
great video
I've been following you since I heard about you back during the unfolding of your history with the FBI, but you being a software engineer is news to me. Did you get a degree in software engineering or did you mean developer? I ask just because I remember reading about you as a coding savant with no mention of your formal (e.g. University) educational achievement, and Engineer is a legally protected title like Doctor. This isn't in any way meant negatively, I'm just curious. 😊
It's not legally protected
@@MalwareTechBlog Ah, I just looked it up because that didn't sound correct to me. (In many states, boy I'm glad to be Canadian - it's less complicated here) it's protected if you're licensed and certified, holding the title Professional Engineer and working a public sector job, whereas if you work in the private sector you're covered under a historical exemption claus, I understand now! Thanks for your reply Marcus, I learned something new! 😊
@@scbtripwire also note that he's originally from the UK
@@v380riMz His accent kind of gives that away. 😋 Engineer is a protected title there too though. 🙂
No it isn't
I want to learn coding but I'm getting old, my worry is that the rise of ChatGPT makes me think by the time I reach an entry level understanding ChatGPT will be miles beyond what I can do.
Its time to start HTB (Hackthebox) you can learn all you need about website penetration with modules dedicated to being like a game. Its amazing and you can use it to get certified in multiple areas that will help you not only get a job in cyber security, but also start doing some bug bounties and helping people while getting paid for it.
I feel like you're learning to run before you crawl- you wont need to use chatgpt for years and by time you can, imo it will be loads better. Just get into it if you want and dont overthink. If you're anything like me you'll have a blast (especially if you have a good amount of spare time on your hands)
A problem for now. Soon it won't be because this GPT-4 will look like a joke in a few years.
Not the best test. Always ask chatgpt followup prompt to fix all security holes and edge cases
I recommend you cut your webcam so its only just you because I could barely read the Network details when you looked at those.
Always had a question, if I have an average to Below average, shall I kill myself?
Since, I want to be into hacking. Reverse engineering, scripting, assembly, debugging and hardware phreaking seems way above my IQ's league
Just go for it.
Banger Hoodie
Rule is, use chat gpt for ideas, use your brain to actually program
huge linux fanboy here but the ppl in the chat demanding you use linux are annoying af... y'all don't harass streamers about their tech preferences??? you're literally watching streams on youtube or twitch, don't throw stones in glass houses
Sorry buddy I’m just chilling lol I love it buddy I just don’t don’t know how how long I was like I was going on a walk and and then he got mad and then he threw up my feet and I got a knife lol I got it and got a lot more lol I was just going on the same way way lol I got got
Dont do drugs kids, also "nazi punks fuck off volume 1."
Man your a hero saved the world billions of dollars your amazing
bug hounting going to go brrrrr after all this losers start doing web apps with chat gpt