Being able to explain your trade in plain terminology is a multi-faceted indicator that you are not only truly knowledgeable, but also resident to an area suiting your intellect and skill set. Proficiency. Totally agree with you MD. Good on David for spotting Rana. 11/10
Also never bother to reply students... I understand she might be busy but still doesnt look good for a teacher... To me she looks arrogant... No complaints about her courses...
I love her presentation as she is very concise and thorough breaking everything down. Her level of organization is impecable. I don’t know much about hacking or web security. However, I’ve always wanted to learn so I’m definitely signing up for her course. Thank for bringing her on Mr. Bombal. I really enjoy watching your channel and I have been learning quite a lot. Cheers!
Awesome introduction to the topic of Web Sec & hacking the web. Good call on spotting Rana to address the topic David - kudos fella! Another topic in the domain I would like to see addressed is exploiting latency to get in the door; latency is exploited in gaming and is very much a real-world technique employed by hackers trying to lull servers into a more time lenient state potentially allowing them (hackers) a larger window of opportunity. Everybody has to deal with latency especially concerning connections over larger WAN and is a growing problem and most likely at the root of governments (globally) addressing connections from outside their countries in a manner that most employ VPN services to bypass. Web Sec is definitely an interesting and very valuable topic for anyone creating anything that consumes anything over a network connection, but many if not all techniques benefit localized application development (like desktop apps). Good vid!!!
It will be awesome if Rana returns on your channel to teach and demonstrate code security. Often than not it is usually not clearly explained. I believe with Rana at the helm of this topic, clarity on this will be assured. Thanks David for all you do for the community.
There is a book called, "Writing secure code"; it was a required reading at Microsoft for a while. It goes over subjects such as Buffer Overflows, access control, running with least privilege, etc. You can pick it up on Ebay for cheap.
i think rana khalil is the best teacher of cyber security on youtube ,,, thanks for her and thank you david for inviting her ,,, keep up the good job both of you
This was a great segment on BAC. Rana does an amazing job of explaining the issues and the processes to test for said issues. I sort of equate the Multistep issue to having a building with a security guard, mantrap room, front desk clerk and then a lock on the door of the room with all of the goodies... If all you had was the security guard at the door and nothing else, because you figured that was enough, it would be much easier to get into the room with all the goodies if you managed to trick the security guard. As always, please keep the amazing content coming. Because it's very much appreciated by everyone!
A brilliant presentation. Rana has a very good way of explaining things. I particularly liked the way she gave a realife example of the online shopping session management vulnerability.
Very good video, really like the way she explains and the way you interacted with her! Hope to see more collaboration between you two a near future, particularly dev stuff!
David i was going to say something about her great teaching techniques but, after looking at comments, looks like it a majority vote shes great at explaining in laymen terms and simplify, very nice job.
Yeah definitely bring Rhanna back she's cool at explaining it in simple terms that easy enough to understand for people like me. Really appreciate it alot! Thank You xx
Love you from Pakistan sir. I watched your videos you give so much interesting knowledge about linux and others hacking tools .I am student but i have to manage time for your videoss. 😍
Thanks David for hosting Rana, I toke the chance and used the promotion code :) Thanks Rana for the valuable information and the your ability to simplify the concepts with examples. Regards,
Wow. Excellent video David and Rana 🙂. Very good information for pentesting beginners and developers. I remember that in 2013/2014 I had to make a website with access control on my job at that time for private access for a client. It was made in PHP and it was my first web programming experience. I googled a lot at that time about how to make the site secure but I couldn't find much information about it or the information was too disperse. I hope they are not using that site anymore, it must be a swiss cheese of vulnerabilities.
Dear David ! Your continues efforts with regard to the security awareness / knowledge sharing is extraordinary & remarkable. Thank you so much for making this content.
Thank you David for putting so much time and effort in creating these wonderful videos. Also many thanks to you too Rana for your fantastic and “easy to digest” presentation. You guys are fantastic. ❤🙏🏼👍🏼
hey David, am confused here, am a beginner my Lecture gave me this assignment and don't understand anything. three different questions are; Research on switch statement Shortcut method Software development cycle.
Dave you brought up a great point by requesting her to come back and code. I think someone who can blend the two would be great. Like 'when coding html what to not do. Java, what to not do, what to look for. I am only 15 minutes in the video right now, so maybe soon
I love David Bombal, I try to watch everything he puts out. I just finished a CompTIA Net+, Sec+, and CCNA courses through the VA at an IT school for Veterans. Have applied to over 115 jobs in the past 2 months. Can't get a job anywhere. Everyone wants you to have a PHD for an entry level IT job. It's depressing and discouraging out here! So desperate for someone in IT somewhere to give me a chance to get started. Can't get a job without experience, can't get experience without a job. Yay :(
The palestinian flag was copied from the Jordanian flag in 1964 (1964 comes after 1948), copied by Egyptian born murderer yasser arafat who invented the so called palestinian state, a hoax that never existed palestinians want a state INSTEAD of Israel, they don't want and never accepted a 2 state peaceful solution
Woww.. What a nice final thought.. "Education Should Be a Right, Not a Privilege" For me it's even more motivating to give money to someone who is not forcing you to do so (if you want the content).
David, and Rana thank you for the content. I am expecting more collaboration on web application security topics. Thank you again. A small question, WAF cannot help to prevent attacking a webiste?
that greenscreen bleed. she explains everything so well. she is a true professional. but man. even if she did record from a boring normal-people bedroom or whereever.. these fake-backgrounds (not just hers) make everything so much less authentic. if i had these skills, i would go: you know what, i'm streaming from a tiny closet, whatever. the things i say are important and not the room i'm in.
Hi David: Im not nearly as technical. But, most often the UA-cam videos you post are understood in concept. That said, what about defenses against mobile and desktop duplicating apps? In terms of research, the only options to match my then abilities are encryption on a live desktop. Not via Point-to-point or across within the IIP stack.
she is amazing and yes please bring her back again thank you and if possible if its ok for her to speak a bit more about oscp examination like how difficult it was in more details and what content can help someone like me to get closer to oscp please
Wow, that's absolutely amazing! Because she's prepared! The slideshow and these powerpoint slides! Great! Thanks David! now I'm subscribing to her channel as well!
Yes David some developers are watching also so thanks for highlighting this point and to assure that we have to know this when we build any kind of application, You are amazing Thanks and love from Syria
I can only recommend the book "Web Security for Developers: Real Threats, Practical Defense", this is explained in few pages. I like exemples during conferences, but they are often over-simplified : / A real exemple with anonymized data would be great
Awesome videos. I could watch you for hours. I would love to see a video on how to do penetration testing on the Tor network. It's all a bit different via an Onion address.
Super awesome!! I would also like to switch from Forensic to Bug Bounty, do you have a tip for a beginner like me, how and where you acquired your knowledge? Thank you my friend
Thank you very much Mr David and Ms Rana for a very useful and lucid session. I will join the web course sometime next month. I hope the 50% offer is open till then. Thanks and regards
This was a brilliant. One question though, was the labs have been updated? Do you need to use burb suite to do the labs or simply just dev tools? I was trying the first lab, and the request doesn't have the required query parameter.
Another example if there is not a window, is maybe the door is locked but no barrier in the wall more than 2 pieces of sheetrock to easily break through.
WE WANT RANA TO COME BACK AND THEACH US ABOUT SECURE CODE WRITING, PLEASE!!!! Pd = Thank you, thank you, thank you for this high quality content... The dedication and commitment to transmit knowledge and help other people to discover and understand new knowledge is truly invaluable ♥
David I am very thanks of watching your outstanding video I am working on Application security auditor in my country Ethiopia and your videos helping me so good thnks
Hello sir ! U will continue the serie large network? Ep13 is missing too .it helped me a lot hope u will add mpls with multiples area's .really like ur videos !
I love how she explains everything in clear understandable language. A true beginner course. 👏
Being able to explain your trade in plain terminology is a multi-faceted indicator that you are not only truly knowledgeable, but also resident to an area suiting your intellect and skill set. Proficiency. Totally agree with you MD. Good on David for spotting Rana. 11/10
so much. that its actually ok to run it at 1.25x you will barely noticed it is "sped up" :)
Bet u are one
I just started getting into bug bounty and this is perfect for me. Btw yesterday I found my first bug.
Congrats, such a huge thing. What did you find and in what site btw
@@0x3v4d3r Thank you! 😀 . I can't say the name of the company because they don't allow vulnerabilities to be disclosed but It was an open redirect.
Congratulations Gabriel! Well done! Very happy to hear that the video is what you want to watch :)
@@davidbombal Thank you David! Your videos are amazing! Can't believe you put out all this for free
Congrats. May please explain some tip of your open redirect bug. I am also learning may this helps. Thanks
She is a very good teacher, I am glad she is going over the basics.
Agreed Donald. She takes you from zero to hero with her content. She's fantastic.
Yes totally agree
Also never bother to reply students... I understand she might be busy but still doesnt look good for a teacher... To me she looks arrogant... No complaints about her courses...
1000% agreed
@@wordonthestreets3298 How would you know?
I love her presentation as she is very concise and thorough breaking everything down. Her level of organization is impecable. I don’t know much about hacking or web security. However, I’ve always wanted to learn so I’m definitely signing up for her course. Thank for bringing her on Mr. Bombal. I really enjoy watching your channel and I have been learning quite a lot. Cheers!
Awesome introduction to the topic of Web Sec & hacking the web.
Good call on spotting Rana to address the topic David - kudos fella!
Another topic in the domain I would like to see addressed is exploiting latency to get in the door; latency is exploited in gaming and is very much a real-world technique employed by hackers trying to lull servers into a more time lenient state potentially allowing them (hackers) a larger window of opportunity. Everybody has to deal with latency especially concerning connections over larger WAN and is a growing problem and most likely at the root of governments (globally) addressing connections from outside their countries in a manner that most employ VPN services to bypass.
Web Sec is definitely an interesting and very valuable topic for anyone creating anything that consumes anything over a network connection, but many if not all techniques benefit localized application development (like desktop apps). Good vid!!!
very clear and just enough pace on how she explain the topics really makes you listen and understand more of what she's teaching.
This is not only educational, as well as entertaining also. Thanks for doing amazing collabs.
Being a full stack developer I loved this video and her way of teaching is simply awesome.Thanks David for introducing us to such an amazing teachers.
It will be awesome if Rana returns on your channel to teach and demonstrate code security. Often than not it is usually not clearly explained. I believe with Rana at the helm of this topic, clarity on this will be assured. Thanks David for all you do for the community.
yea I'm a better coder than hacker. would be nice to see that.
There is a book called, "Writing secure code"; it was a required reading at Microsoft for a while. It goes over subjects such as Buffer Overflows, access control, running with least privilege, etc. You can pick it up on Ebay for cheap.
i think rana khalil is the best teacher of cyber security on youtube ,,, thanks for her and thank you david for inviting her ,,, keep up the good job both of you
This was a great segment on BAC. Rana does an amazing job of explaining the issues and the processes to test for said issues.
I sort of equate the Multistep issue to having a building with a security guard, mantrap room, front desk clerk and then a lock on the door of the room with all of the goodies... If all you had was the security guard at the door and nothing else, because you figured that was enough, it would be much easier to get into the room with all the goodies if you managed to trick the security guard.
As always, please keep the amazing content coming. Because it's very much appreciated by everyone!
I love the way she explains these concepts so smooth and easy to grasp. We need to see more of her
A brilliant presentation. Rana has a very good way of explaining things. I particularly liked the way she gave a realife example of the online shopping session management vulnerability.
If only she could teach me a course on Web Hacking i would learn. She explains it so effortlessly. Make it look so simple.
The course is free on her UA-cam channel. Use the link in the video description and subscribe to her channel for lots of amazing content.
@@davidbombal what’s the difference between the paid course on her website and the yt videos on her channel ?
@@mal3k_xd Content is same but with paid course you will get early access to the videos
That timer for the ad really makes a difference - makes it feel like my time is respected.
I would looooooove an episode covering access control and coding examples, really educational show. I learned a lot! Thank you both!
Very good video, really like the way she explains and the way you interacted with her! Hope to see more collaboration between you two a near future, particularly dev stuff!
It's so weird to see the person behind her voice haha i started off by watching her videos. Thank you rana for making such great quality content
Rana is amazing!
I started off with ok… another hacker… and then 10 minutes later, I was like oh S***! THIS IS IT. THANK YOU both David and Rana. Great job
David i was going to say something about her great teaching techniques but, after looking at comments, looks like it a majority vote shes great at explaining in laymen terms and simplify, very nice job.
Thank-you David for having Rama on your channel!! You always offer diversity among your guests. She is a fantastic teacher, much like yourself!!
Yeah definitely bring Rhanna back she's cool at explaining it in simple terms that easy enough to understand for people like me. Really appreciate it alot! Thank You xx
thank you rana and david for providing so much value ,keep on grinding the stuff
You're welcome :)
I would love to see Rana code live on the site. Thanks David!!!!
Love you from Pakistan sir. I watched your videos you give so much interesting knowledge about linux and others hacking tools .I am student but i have to manage time for your videoss.
😍
ANd also thanks both of you .
Thanks David for hosting Rana, I toke the chance and used the promotion code :)
Thanks Rana for the valuable information and the your ability to simplify the concepts with examples.
Regards,
Thank you David and Rama. I would love to see Rama come back to talk about coding.
Wow. Excellent video David and Rana 🙂. Very good information for pentesting beginners and developers. I remember that in 2013/2014 I had to make a website with access control on my job at that time for private access for a client. It was made in PHP and it was my first web programming experience. I googled a lot at that time about how to make the site secure but I couldn't find much information about it or the information was too disperse. I hope they are not using that site anymore, it must be a swiss cheese of vulnerabilities.
Dear David ! Your continues efforts with regard to the security awareness / knowledge sharing is extraordinary & remarkable. Thank you so much for making this content.
Thank you Rana and David. Rana you have an amazing gift of knowledge and teaching. Rana you are amazing!
Really great teacher and talk thank you David and Rana will deffinatly buy the course next and do the web application hacking course :)
a truly beginner course but the way she explain made it very easy huge respect for that beautiful soul
Another incredible video. Thanks man for putting so much effort in order to reduce ours.
You're welcome Rahat! Rana is amazing.
She's explaining using a very simple terms and easy to understand she's good bring her back
The teacher is really awesome, they way she explains is amazing
yaaaaay!!!! honestly i feel your channel should become a tv show. thanks for this wonderful content. thanks david! thanks Rana!!
She is an amazing teacher! Just started learning and this has cleared up a lot of questions I had
The pace is well digested with non native English speaker. Nice explanation
Thank you David for putting so much time and effort in creating these wonderful videos. Also many thanks to you too Rana for your fantastic and “easy to digest” presentation. You guys are fantastic. ❤🙏🏼👍🏼
Bring her back for code!!! This is great, I'd seen her channel before but UA-cam hasn't thrown her in my feed for a bit, but I'll be watching now!
Incredible video! 🙏🏾 Grateful! Big thanks to David and Rama for such enlightenment! Let's smash that like button and subscribe for both of them.
Thank you! Rana is amazing :)
hey David, am confused here, am a beginner my Lecture gave me this assignment and don't understand anything. three different questions are; Research on switch statement
Shortcut method
Software development cycle.
Dave you brought up a great point by requesting her to come back and code. I think someone who can blend the two would be great. Like 'when coding html what to not do. Java, what to not do, what to look for. I am only 15 minutes in the video right now, so maybe soon
I love David Bombal, I try to watch everything he puts out. I just finished a CompTIA Net+, Sec+, and CCNA courses through the VA at an IT school for Veterans. Have applied to over 115 jobs in the past 2 months. Can't get a job anywhere. Everyone wants you to have a PHD for an entry level IT job. It's depressing and discouraging out here! So desperate for someone in IT somewhere to give me a chance to get started. Can't get a job without experience, can't get experience without a job. Yay :(
Yes bring Rana back..have been appreciating her channel as well as this one...thank you..
a secure coding course !!! if its with rana khalil than yes without hesitation
am always like to hear rana talking about security ..she is one of the best for me,
thanks for make that happend david♥
She's amazing. Thank you David for this episode. Would love to see one focusing on secure code review.
Love the Palestinian necklace ❤❤❤ 🇵🇸
The palestinian flag was copied from the Jordanian flag in 1964 (1964 comes after 1948), copied by Egyptian born murderer yasser arafat who invented the so called palestinian state, a hoax that never existed
palestinians want a state INSTEAD of Israel, they don't want and never accepted a 2 state peaceful solution
Free plestine
There is no palestine
Women , just came here the necklace lol
@@zorancvetkovski8753 There is.
Woww.. What a nice final thought.. "Education Should Be a Right, Not a Privilege"
For me it's even more motivating to give money to someone who is not forcing you to do so (if you want the content).
David, and Rana thank you for the content. I am expecting more collaboration on web application security topics. Thank you again. A small question, WAF cannot help to prevent attacking a webiste?
that greenscreen bleed.
she explains everything so well. she is a true professional.
but man. even if she did record from a boring normal-people bedroom or whereever.. these fake-backgrounds (not just hers) make everything so much less authentic.
if i had these skills, i would go:
you know what, i'm streaming from a tiny closet, whatever. the things i say are important and not the room i'm in.
Rana Khalil in the house. Big fan here. Another iron lady is Katie Paxton-Fear (InsiderPhD)
Thanks for recommendations
Yes, want her back, maybe covering devsecops basics if possible. Cool video.
very good. Loved Rama with clear explanations and examples. Keep the top 5 work.
Very good keep teaching us such technology and pls recommend such nice hacking and cybersecurity related books pls love from India 🇮🇳
Hi David:
Im not nearly as technical.
But, most often the UA-cam videos you post are understood in concept. That said, what about defenses against mobile and desktop duplicating apps?
In terms of research, the only options to match my then abilities are encryption on a live desktop. Not via Point-to-point or across within the IIP stack.
Thank you, great video as always.If possible get a new video with coding.
Thank you! And you're welcome!
she is amazing and yes please bring her back again thank you and if possible if its ok for her to speak a bit more about oscp examination like how difficult it was in more details and what content can help someone like me to get closer to oscp please
Rana is the best, I’m so thrilled to see her on your channel 😁
Wow, that's absolutely amazing! Because she's prepared! The slideshow and these powerpoint slides! Great!
Thanks David! now I'm subscribing to her channel as well!
proud to live in the same country of Proton team ! thanks for the video
Lab exercises very good .thanks rana
Thank you David and Rana
Yes David some developers are watching also so thanks for highlighting this point and to assure that we have to know this when we build any kind of application, You are amazing
Thanks and love from Syria
I can only recommend the book "Web Security for Developers: Real Threats, Practical Defense", this is explained in few pages.
I like exemples during conferences, but they are often over-simplified : / A real exemple with anonymized data would be great
Awesome videos. I could watch you for hours. I would love to see a video on how to do penetration testing on the Tor network. It's all a bit different via an Onion address.
Just noticed the necklace now 😊 .. great necklace. Free Palastine. Great content, thanks Rana.
I just found my first bug today! On a very large watch company! It was an Idor that led to full account take over! I can’t believe it!!
Wow awesome, which site you use to get those sites for testing?
Super awesome!! I would also like to switch from Forensic to Bug Bounty, do you have a tip for a beginner like me, how and where you acquired your knowledge? Thank you my friend
@@mkson1 I used hackerone
Thank you for introducing Rana!
Thanks for this series!
A JavaScript development video of precisely how to correct the flaws shown in this video would be very interesting for me!
Thank you very much Mr David and Ms Rana for a very useful and lucid session.
I will join the web course sometime next month. I hope the 50% offer is open till then. Thanks and regards
Great skills, Rana. Proud of you. ما شاء الله لا قوة الا بالله
Great content thanks - would be awesome to see more stuff on Web3 now - Solidity smart contract security
I’d love to see Rana go into the Dev-side of coding a secure web application! 🙏
Her courses are amazing..well worth your time.
This was a brilliant. One question though, was the labs have been updated?
Do you need to use burb suite to do the labs or simply just dev tools?
I was trying the first lab, and the request doesn't have the required query parameter.
Another example if there is not a window, is maybe the door is locked but no barrier in the wall more than 2 pieces of sheetrock to easily break through.
Thank you a looot siir, iam full stack web dev + web pen tester and i will also watch your course.
WE WANT RANA TO COME BACK AND THEACH US ABOUT SECURE CODE WRITING, PLEASE!!!!
Pd = Thank you, thank you, thank you for this high quality content... The dedication and commitment to transmit knowledge and help other people to discover and understand new knowledge is truly invaluable ♥
Greetings from the Middle East, dear❤️❤️
I like your videos. Very straight with your presentation.
She's good. Thanks David for bringing Rana on
Rana please tell in how check vulenerableities like top 10owasp in manaul check & manual checking with burp suite
Great video David thanks !
Thank you Emmet! Rana is a fantastic person to follow and learn from :)
@@davidbombal Thank u for bringing these amazing people on and producing amazing IT content 👏🏾
Shes very good. Id Love to See her making Code examples. What Language would it be? PHP? Javascript?
Awesome topic. I like the whole video 👌🏻👌🏻. Keep doing great work.
I think it'd be awesome if she came back to demonstrate code side of things 💯
really I was thinking about this interview rana khalil vs David bombal just in this week
glad to to see in real
Absolutely, I want her to do a Python course!!! But anything coding I would tune in to!
Great video, Thankyou David & Rana, bring on the code !
Really Enjoyed it, Thanks!!
Beautiful video, great job both of you
Thanks for the course David and Rana.
David I am very thanks of watching your outstanding video I am working on Application security auditor in my country Ethiopia and your videos helping me so good thnks
Brilliant Rana, brilliant knowledge!!!!!!!!!! Thank you guys)
Bring Rana back for coding
Hello sir ! U will continue the serie large network? Ep13 is missing too .it helped me a lot hope u will add mpls with multiples area's .really like ur videos !