Missing HTTP Security Headers - Bug Bounty Tips

In this video we talk about various HTTP headers that can improve or weaken the security of a site. And we discuss how serious they are in the context of Google's bug bounty program.

Chapters:
00:00 - Background Info
03:11 - Intro
03:53 - HTTP Security Header Overview
04:38 - Example #1: X-Frame-Options
06:43 - Example #2: Content-Security-Policy (CSP)
08:16 - Example #3: Strict-Transport-Security (HSTS)
10:44 - Example #4: Cross-Origin Resource Sharing (CORS)
13:12 - Example #5: Cookie Security Flags (HttpOnly)
14:25 - Summary
15:23 - Outro


Comments

You know what I absolutely love?

The sheer idea that he can sit at home with a shirt that wasn't ironed for the Google video. I am not saying he didn't try; it's just that the audience is more focused on the content than the creator.
I don't know how many will share the thought with me, but here it is.

Good stuff.

lukor-tech

Nothing makes me happier than seeing this guy.

saadmgdm

Finally some browser security; this is the stuff that really needs to be taught, it's practical and real-world content. Keep these kinds of videos up, man.

Root-unonw

Missing security headers are usually out of scope on bug bounty programs. Nice presentation, worth demonstrating.

phillawrence

This seems to really boil down to: "if you can't accurately and specifically articulate how something can be exploited, it's likely not actually vulnerable"

gFamWeb

here's my typo bounty submission: at 5:55 in the English subtitles there's a typo - it says "doens't" instead of "doesn't"

TheJobCompany

It is really crucial to understand that the absence of a particular header doesn't mean the web application is vulnerable. Instead, one should try to figure out how the absence of that header impacts the application in general, or maybe chain that impact to find a realistic security flaw.

harshrathod

I'm new to cyber security and have been denying third-party application access based on bad results from HTTP header scans; this video has helped me so much, thank you!!!

HD_Heresy

Very thought-provoking video! No one else is talking about this.

elevatecyber

Love your videos! So informative!

t

This is surely one of my favorite channels on YouTube!!!!

guitarlover

I never knew why I had HSTS set up, just did it because it was good practice, but never knew how it worked… very informational video, even if it was just for Google!

SeMoDrix

As always, the video is so informative. I'm a beginner and I'm about to start my bug bounty journey. I must say it helped me a lot.

The-solo

Very informational video, thank you as always for the nice content!! <3

OmegaZ

Thank you for sharing this informative content. It's interesting to note how the previous Systems Administrator at my workplace was strongly in favor of implementing HTTP Strict Transport Security (HSTS) and advocated for team members to obtain Security+ certification. Unfortunately, his misconfigured setup contributed to some security issues, highlighting that HSTS isn't always a critical requirement for website security. This situation underscores the impact of knowledge gaps and how they can lead to misplaced pressures within teams. Additionally, thank you for sharing the YouTube video—it provided valuable insights, even though it was originally shared on Google. We truly appreciate it.

makezi

Amazing video. Please keep posting such real life examples of how to assess these reports generated by pen testing automation tools!!

mohitjaswal

Honestly, in the strata of people out there being "Security Content Creators", L.O. has always come across as a passionate hacker. Even when advertising something, not trying to sell it.

I appreciate that you aren't a grifter man, because there are plenty in this field.

jesslopez

Great video! I'm going to watch it again, a lot of good information.

oldGoatMilk

Great video as always, but I think one thing could be slightly incorrect. Sometimes (at least the last time I checked) authorization headers are automatically submitted by the browser. HTTP Basic Authentication credentials are cached so you don't need to fill out the prompt every time you visit a new page. A CORS misconfiguration in this case could allow data from a user authenticated with Basic Auth to be stolen. I think the same also applies to client-certificate-based auth, but I've never tested this one myself.

pentestical
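An added example, not from the video or from any commenter: a small Python header audit that rates each finding by the impact a reporter could actually articulate, as the thread above argues, and that treats reflected Origin plus Allow-Credentials as the real CORS case (browsers attach cookies, HTTP Basic credentials and TLS client certificates automatically, as the Basic Auth comment points out). Header names are real; the severity labels, sample values and origins are constructed.

```python
from typing import List, Tuple

Finding = Tuple[str, str, str]  # (header, severity, reasoning)


def audit_headers(headers: List[Tuple[str, str]], request_origin: str) -> List[Finding]:
    """Rate response headers by the impact an attacker could actually articulate.

    headers: (name, value) pairs as received; request_origin: the Origin the
    browser sent. 'info' and 'needs-impact' mean "not a bug on its own".
    """
    h = {k.lower(): v for k, v in headers}
    cookies = [v for k, v in headers if k.lower() == "set-cookie"]
    out: List[Finding] = []

    # CORS. Browsers attach cookies, HTTP Basic credentials and client certs
    # automatically, so a reflected Origin plus Allow-Credentials lets another
    # site read authenticated responses. "*" plus credentials is refused by browsers.
    acao = h.get("access-control-allow-origin")
    creds = h.get("access-control-allow-credentials", "").strip().lower() == "true"
    if acao and acao == request_origin and creds:
        out.append(("Access-Control-Allow-Origin", "high",
                    "origin reflected with credentials: cross-site read of authenticated data"))
    elif acao == "*" and creds:
        out.append(("Access-Control-Allow-Origin", "low",
                    "wildcard with credentials is rejected by browsers: misconfiguration, not exploitable"))
    elif acao == "*":
        out.append(("Access-Control-Allow-Origin", "info",
                    "wildcard origin: only unauthenticated data is readable cross-site"))

    # Clickjacking: framability is a finding only when a sensitive click exists.
    if "x-frame-options" not in h and "frame-ancestors" not in h.get("content-security-policy", ""):
        out.append(("X-Frame-Options", "needs-impact",
                    "page is framable: report only with a state-changing UI to hijack"))

    # HSTS: hardening against downgrade on first visit, not an exploit by itself.
    if "strict-transport-security" not in h:
        out.append(("Strict-Transport-Security", "info",
                    "no HSTS: hardening gap, no direct exploit"))

    # Cookie flags: HttpOnly matters only with an XSS, Secure only if plain HTTP is reachable.
    for cookie in cookies:
        name = cookie.split("=", 1)[0].strip()
        attrs = {p.strip().lower() for p in cookie.split(";")[1:]}
        missing = [f for f in ("HttpOnly", "Secure") if f.lower() not in attrs]
        if missing:
            out.append(("Set-Cookie", "low",
                        f"{name}: missing {', '.join(missing)}; impact depends on an XSS or an HTTP path"))
    return out
```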

5:33 This is exactly what I was trying to explain to a client: if a third-party npm module is being used in a static client-side Electron app, the vulnerabilities reported by npm have ZERO impact, because those only apply if the module is being used to process user-provided input in a route handler in a server app.

sayamqazi