HACKING OAuth 2.0 FOR BEGINNERS!

I'm a pentester and a bug bounty hunter who's learning every day and sharing useful resources as I move along. Subscribe to my channel because I'll be sharing my knowledge in new videos regularly.

TIME STAMPS:

00:00:45 - What is OAuth 2.0?

00:01:05 - Uses of OAuth 2.0

00:01:30 - Entities in OAuth 2.0

00:02:09 - Types of Flows of OAuth 2.0

00:02:30 - Authorization Code Grant Flow

00:04:11 - Implicit Grant Flow

00:05:11 - Practical Exploitation

00:05:36 - Reusing Access Tokens

00:07:05 - redirect_uri Not Validated

00:08:52 - CSRF

Comments

Amazing, this could probably be one of the biggest pieces of information that I have ever been given.. the way you explain is amazing.. we need such playlists more and more in the upcoming days

Vinayak-qp

She's doing a great job on YouTube cuz to get sponsors within just <10 vids is awesome! Also she's playing an important role for women empowerment in infosec

rayancrasta

Yaw Farah This Is Just Awesome, Brief And Useful That's Why I Love What You Are Doing, Keep It Up And Stay Safe.

soufianeamed

Have been having issues comprehending OAuth, this video is a problem solver, thanks Farah ❤️

muizzraheem

Awesome. Just awesome. For noobs like me who are just starting in bug bounty, this is the place where we can learn basics in depth. Thanks.
Please keep posting more such practical videos.

devvishack

You are good with knowledge and theoretical stuff, your videos get me into the real basics of topics

yosoffmalik

People were getting jealous of Bugcrowd sponsoring ...now Intigriti has sponsored ...and soon Hackerone will ...to hell with them 😂😂...keep up the good work 👍🔥

the_linux_guy

How old are you? Don't think you are out of school yet. But, amazing grasp of the subject. Kudos!!

vaibhav

Farah, you are doing great! Very informative video. You taught so many things in just 10 minutes.

shubhamghosh

Isn't OAuth for the authorization part only? The 'Sign in with' buttons use the OpenID Connect protocol, not OAuth. Although nowadays people use these terms interchangeably.

sudiptapandit

Excellent, and very good command over knowledge

swapnilpotbhare

Hi Farah, do you take sessions on the bypass techniques for SAML, OAuth, OIDC.. I am very much interested.

ravichhetri

Make a video on best course for beginners in ethical hacking

adminhackstar

Awesome.. loved the way you teach the concepts and the labs!! Keep it up!

sohamprince

Your videos are amazing. Simple to understand and very explicative.

albertobarbieri

Can you make a video on your journey of how you became a hacker

I want to learn to do all of this stuff but really don't know where to start with. Please make a video on it.
And if you can refer to any video on YouTube. I mean for learning.

chinmay

Beautifully explained, hope to get more knowledge from you girl. More power to you

m.waheedanwar

Hi Farah, can you please tell the impact of the CSRF one and reuse of token and also their severity category?
Btw nice video

vasuyadav

Great job. Thanks man. Now I am clear.

raselmir

Can you make a video on your cyber security journey?

Video is good👍👍

jayeshprajapati