Remote Code Execution (RCE) Vulnerability | FirstBlood v2 | Bug Bounty Service

This video shows successful Remote Code Execution (RCE) on a PHP framework due to insecure deserialization.

Check out my courses:

1. The Ultimate Web Application Bug Bounty Hunting Course

2. Burp Suite Apprentice Web App Penetration Testing Course

3. Burp Suite Professional Web App Penetration Testing Course

4. Cyber Awareness Training
Comments
Author

Dear Sir,

Please do cover these crucial topics also. Like...
How to bypass Drupal CMS?
How to bypass WAF protection that stops HTML, SQL, and XSS injection payloads?
How to find the real origin IP of secured websites behind Cloudflare, Akamai, ModSecurity, AWS CDN, etc.?
How to bypass WAF using SQLMAP?
How to find hidden vulnerable parameters and endpoints inside the .js files?
How to find hidden admin panels & cPanel and WHM panels?
Please cover these important topics. Thanks

Free.Education
Author

You didn't show how to get reverse shells?? Also tell me one thing: what is "phar"? Is this command used to execute any malicious payload, either RCE payload or XSS payloads, in Burp Suite to get our payload executed on the server? Is this "phar" command used for that purpose, to gain a reverse shell directly??

_ArfatFarooq
Author

Can I ask, where does the application read from the picture? I mean which part does the web application read from inside the picture? Exif data or what? And many thanks for great content

SeedGH
Author

Can you teach me how to download Burp Pro on Mac?

__pain__
Author

Hello sir, can I have the picture? Can you upload it on Mega or some other website and give me the link to download? Also, thanks for the video.

ohammadhoseinmohammadi
Author

If any website allows uploading files, then we can perform all types of web attacks. The main game starts when we see highly secured websites on HackerOne, Bugcrowd, Intigriti heavily protected by hard WAF, CDN, IPS, etc. Humble advice to all new bug hunters: don't waste 😉 your time and efforts on DVWA, PortSwigger, bWAPP labs, because these labs make you believe that you can hunt bugs on real live websites, which is not the case in the actual situation; that's why 99.99% of bug hunting students quit this field. If you want to be a REAL website hacker, pentester, exploitation expert, then you must practice on real live websites. Thanks 🎉❤

Free.Education