Jesteś wybitnym Pentesterem i fajnie jakby były chociaż napisy po Polsku. Właśnie będę działał z angielskim z Wiki Sitko i działam również z Security Starter pakietem, ze Szkoły Maćka Kofla. Fajna sprawa Cybersec. tylko nie wiem czy już dla mnie nie jest za późno..... chodzi o moj wiek.🤔 Zrobiłem suba Twojego kanału, cóż będę słuchał po angielsku😁
I’ve watched so many videos, done courses on http request smuggling and still don’t understand. I’m thinking about making a http server in C to exploit it myself to understand it better
Thank you. I see soo many people ask this question so sorry lol, that database on the article looks like an image so that's what I always thought it was. But you mention it in the video. Thanks again.
Hey dude, great video as always. I had a question for so long after completing all the labs related to http request smuggling from portswigger is that I am able to identify the HRS vulnerabilities using the detection method, and even the Smuggler tool but never able to showcase a full-proof POC because I have seen people use Turbo intruder for that like here 6:26, and I couldn't find a place to learn that so I request you if you can make a video on how to actually make a POC or show the IMPACT as we say, because I have so many places I couldn't show the actual poc it was annoying.
There are many scenarios, many context and I couldn't make one video to cover all exploit methods. If you believe you have a valid bug but can't piece an exploit, DM me on Twitter or Discord and I'll try to exploit.
Hello, I am from China. I like the video content of your channel very much. I want more people to learn these vulnerabilities. Can I translate your video and repost it to the Chinese bilibili video website? I will mark your UA-cam address on the video page, thank you
Thank you for watching this video. If you've learnt something new, leave a like to show me that you appreciate it!
Szkoda, że nie ma tłumaczenia na Polski. Pomyśl o tym😉
@@michamoneta669 myślałem nie raz i doszedłem do wniosku, że jeżeli ktoś chce rozwijać się w web security to i tak musi znać angielski
Jesteś wybitnym Pentesterem i fajnie jakby były chociaż napisy po Polsku. Właśnie będę działał z angielskim z Wiki Sitko i działam również z Security Starter pakietem, ze Szkoły Maćka Kofla. Fajna sprawa Cybersec. tylko nie wiem czy już dla mnie nie jest za późno..... chodzi o moj wiek.🤔 Zrobiłem suba Twojego kanału, cóż będę słuchał po angielsku😁
Why do we have to use white space character please clarify this is possible
And also how can we figure it out that a backend is using HTTP/1.1, HTTP/2 or HTTP/3
Hi thanks for the video, can I get the notion link of the reports?
In addition to Burp Plugin HTTP Request Smuggler, what other methods can find this vulnerability?🤒
I’ve watched so many videos, done courses on http request smuggling and still don’t understand. I’m thinking about making a http server in C to exploit it myself to understand it better
Is that you didn't understand or that you couldn't exploit one HRS in the wild ?
I did understand the bug class but I never found one in the wild.
@@huzaifamuhammad8044well maybe, I’m testing a target right now and I have two responses but I’m not sure if its a false positive or not
a few years ago, I made a video about basics of request smuggling, maybe that will help: ua-cam.com/video/gzM4wWA7RFo/v-deo.html
🧉mate time 19:24
I love mate!
您好,我有一些关于 HTTP 请求走私的问题。我如何在 Discord 上联系你们?
Can you share the notion reports?
At this point I don't know if you're trolling me or just haven't watched the video but I answered this in 6:57
I think he means the database, which i also just tweeted you about because I cant find it
@@InfoSecIntel it's in the bottom of the article that's linked in the description
Thank you. I see soo many people ask this question so sorry lol, that database on the article looks like an image so that's what I always thought it was. But you mention it in the video. Thanks again.
@@InfoSecIntel No problem ;) There's also the link to the same database but in Notion below that embedded database.
How to contact you privately?
write me a DM on twitter
Next Video: $$.$$$ bounty using request smuggling
Hopefully!
Hey dude, great video as always.
I had a question for so long after completing all the labs related to http request smuggling from portswigger is that I am able to identify the HRS vulnerabilities using the detection method, and even the Smuggler tool but never able to showcase a full-proof POC because I have seen people use Turbo intruder for that like here 6:26, and I couldn't find a place to learn that so I request you if you can make a video on how to actually make a POC or show the IMPACT as we say, because I have so many places I couldn't show the actual poc it was annoying.
There are many scenarios, many context and I couldn't make one video to cover all exploit methods. If you believe you have a valid bug but can't piece an exploit, DM me on Twitter or Discord and I'll try to exploit.
Hello, I am from China. I like the video content of your channel very much. I want more people to learn these vulnerabilities. Can I translate your video and repost it to the Chinese bilibili video website? I will mark your UA-cam address on the video page, thank you
Please reach out to me privately
@@BugBountyReportsExplained How?
thanks👍
Se garantiu