Brute Force Enumeration of Username & Password - PortSwigger Web Security Academy Series

Подписаться 12 тыс.

Просмотров 1,5 тыс.

50% 1

I thought it would be fun to do beginner-friendly walk-throughs / solutions of all the labs for the Apprentice track in the PortSwigger Web Security Academy.
In this walkthrough we will use Burp Suite's Intruder to brute-force enumerate the username and password for the web portal admin.
Enjoy!
#portswigger #burpsuite #owasptop10 #owasp #websecurity #webapplicationsecurity #bugbounty #hacking #hacker #cybersecurity #informationsecurity #infosec #kali #kalilinux #parrotos #pentester #pentesting #redteam #blueteam #cyber #cyberdefense #ctf #capturetheflag

Опубликовано:

23 окт 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 23

@waynesrealworld5801 10 месяцев назад

Okay, there are 241 views, where is the love for this guy and content you will not find elsewhere? Come on and join me in saying something that needs to be said, thank you, Daniel!

@daniellowrie 10 месяцев назад

Thank you, Wayne for always showing up and supporting the channel and my content in general!

@waynesrealworld5801 8 месяцев назад

You are welcome and glad to do it. Take care out there and keep up great work that makes me better too

@terraflops 7 месяцев назад

this video forces you to use Burp, up to now the browser was okay. Great video as always and thanks for explaining stuff (some of it i forgot).

@daniellowrie 7 месяцев назад

No worries! I forget stuff all the time too, but we persevere 😁

@CaltonTech 11 месяцев назад

I always like the content Daniel gives

@daniellowrie 11 месяцев назад

I'm really happy to hear that you're enjoying my content!

@shreyashetty937 9 месяцев назад

loved this video, love how u consider people like me who are just starting out and learning this for first time 😄

@daniellowrie 9 месяцев назад

I try to make sure that I cover stuff for folks that are just starting out, so I'm glad to hear that you enjoyed the video! 👍💯

@soberdetectorists 8 месяцев назад

Thankyou, you explained this so well, and you made it look super easy, cant wait to try this now. Going to watch some morevof your videos now. 👍

@daniellowrie 8 месяцев назад

You're very welcome! Glad to hear you enjoyed it and thank you for watching 😃👍

@dustinhxc 11 месяцев назад

💯💯💯 Love Brute Force, Haha yeah except for the waiting… 😅

@daniellowrie 11 месяцев назад

Thanks, Dustin! I used to always run out of patience and give up on a brute-force thinking, "It's been like 20 minutes, must not be the correct attack vector!" then I'd read a walk-through and sure enough I just didn't wait long enough. 🤦 I the case of web brute-force like in this episode, I'd normally just use ZAP Fuzzer. It's SUPER FAST, but this is a PortSwigger series, so I figured Burp CE was most appropriate 👍

@dustinhxc 11 месяцев назад

@@daniellowrie Oh yes, I’ve done that most of the time haha! 😅 Good to know though. I used Zap for Taggerts Web App course! I’ll have to think of that for my tools setup for brute force type situations! Thanks!

@daniellowrie 11 месяцев назад

@@dustinhxc ZAP is smokin' fast!

@AniketAmdekar 11 месяцев назад

I can imagine Daniel with a Battering Ram too .... when do we get that video

@daniellowrie 11 месяцев назад

This comment litteraly makes me want to build a battering ram 😁 BATTERING RAM IS LIFE!!!

@twenty-fifth420 11 месяцев назад

You know been thinking alot about ‘brute force’ password and user security since the start of AI and the seeming rise of GPU/CPU hardware centralization. So much so, I have decided to make up ‘passphrases’ instead of always relying on keepass generator lol 😂.

@daniellowrie 11 месяцев назад

Bruh. What's the deal with passwords? Am I right? 😆🤣