CORS - Lab #1 CORS vulnerability with basic origin reflection | Long Video 

Don't want to wait for the weekly release schedule to gain access to all the videos and want to be added to a discord server where you can ask questions? Make sure to sign up to my course: bit.ly/30LWAtE ✨✨

Great work! Thanks for explaining how to solve the lab without the "Go to exploit server" functionality.

Girl your explanation is fantastic. Much love, keep going

I love your videos. keep up the good work. Thank you.

the GOAT of explainig

Thanks from Brasil, you are amazing!!

Thanks from iraq❤

thank you madam , please make a video on information disclosure

Since in the fetch method, there is not the full uri given, how does the fetch method know that it has to GET-Request the exploit server? 🤯

you are amazing ^_

Thanks

what if the request is using only post method? how to create the payload??

There was never ...even once anything mentioned related to the admin account in our script...still how come the logs display the admin info??

top

It's very difficult for to send email to an admin when you don't have his email. I tried to do a pentesting on website, I found the admin username but not his email. Is there any other solution @Rana ?

what's the significance of apikeys why is it a secret information? what can you do with it? and wouldn't the session key be more critical because you can steal it and impersonate a user?

@Rana Khalil is it necessary that i must write a script to go through i dont know how to code im trying to get started in bug bounty

لايك وانا مغمض