Cross-Site Request Forgery (CSRF) Explained And Demonstrated By A Pro Hacker!

Показать описание

// Membership //

// Courses //

// Books //

// Social Links //

// Disclaimer //
Hacking without permission is illegal. This channel is strictly educational for learning about cyber-security in the areas of ethical hacking and penetration testing so that we can protect ourselves against the real hackers.

Рекомендации по теме

Комментарии

Did you watch till the end for the next level demonstration? ;)

LoiLiangYang

You can enhance your videos by demonstrating how to prevent each attack. This is nice stuff.

kasuntharinda

Awesome demonstration. I love the expression "That's it! Game over!" I'm currently studying for my Security+ and when I run into practice test questions of which I want a stronger grasp, I often run into your videos that explain these things very well. Thanks for your content.

donnypodcast

It's not hard of course to defend against this attack. Cryptographically sign a csrf token and problem solved. Attacker wants to generate there own csrf token and send it to the server, it will get rejected because the hash won't match because of the secret key that I salt the token with.

dragonore

Sorry but how does the hacker get an access to web server according to the instructions you have given above

edsonmubezi

I was just watching your another video!

hareshjadhav

Currently, I'm working on a bounty program. Your videos have been very helpful...

scarytruths

I’m only studying for S+ but I still enjoy your videos even tho I barely understand lol

michaelbryant

Duck duck go are better than Google???? For safety search which is best ??

moinshaikh

I thought you were @networkchuck for a minute, in the mask😂

iot_galaxy

I was with you till 4:20 on the timeline but lost it from there till 4:47. Not sure what happened there precisely.

gaganbansal

I have wathc your all the videos, except members only videos, how do i become a member

thereviewshowbyviraj

you are the best keep doing what you are doing

kaanvardar

Something about the "view my pictures" that he said cracks me up, lol. It's like the hacker pretends to be a webcam girl and sends the link to the victim(who's a horn ball) to get him to click it.

oentrepreneur

So for example if you want this to work you need to have his banking site session or the browser that has his session id, am I right?

דניאלבראילובסקי