Server-Side Request Forgery (SSRF) Explained 

hey Ben, we surely already love your content, but, for those like me, who are new to the industry, trying to learn and move forward, we need the technical, very basic content, this will help us understand more in depth how things goes. thank you again for the great content you are delivering, and for the amount of dedication you are putting in

Content + real vulnerability example would be great 🔥

Never thought I could learn SSRF in a more comprehensive way by under 15 minutes! Thanks man!

While I may not have commented before, I've been an avid admirer of your work. As an aspiring pentester, I find your technical content to be precisely what I seek. While your other content is commendable, it's ultimately the expertise you bring that I look up to for learning. Your contributions are truly appreciated.

OFC it would be truly helpful to see more content like this

As CEO of a startup please keep this stuff coming. It took a lot to convince the dev team that exploits weren’t just down to weak passwords so I arranged an in house demo. Jaws dropped. This stuff builds so much awareness. Thank you!

Fully in with technical vids, especially when you chain these with Real life vulns you have found 👌

Content + real+technical aspect of pen testing and bug hunting .Thanks

Yes, this is great. From a web developer perspective. I'm trying to under how my server side applications could be hacked and this is great content. Please, continue.

100% both. I like the nuance you teach here. For example login page and SSRF. This is fantastic content.

Hey I absolutely love this, I would love to learn from more technical videos like this.

More content is needed like this along with real life examples that you experienced during bug bounty or other testing application

Man, keep both coming.!! maybe pick a day to post technical and assign another day for the mentorship aspects or something... Either way ... BOTH ARE EQUALLY IMPORTANT FOR SUCCESS!! ...Also i would love a video on how to transfer from labs /ctf into hacking real world apps. As the fundamentals are the same or close but also very different in alot of ways.

Thank you very much, I hope you'll continue doing these kind of videos 😊

Yes, more content like this please 😁

fantastic :o , i would like to see a full and advanced recon video from you :)

Waiting for this type of content ; please Continue Ben :)

Thanks for helpful content! It would be great if u could do more specific showcases about blind SSRF. For example there is a case that I only receive the DNS queries back to the collab. I guess because of outbound restriction but it seems like the server was trying to reach to that domain. Any way in this case that you can prove the ssrf is there with just DNS? Or do you have any suggestion on setting up things in internal network to prove the vulnerability is there? Was a long comment but hope u could imagine the case 😂 thanks

Yea would love this type of content plz part 2

yes please, give us more content of this kind.

Just what we need Ben 😊 thank you 👏🏻

Love this!

Super down with more technical content!

Hi man, I would like to hear you how to do bug bounties exactly and maybe if you can show on live all the necessary steps to do it

we need more part of this

Would love to see more technical content! TIA

Perfect type of content 😃👍

Please, if possible, cover these advanced topics like How to bypass Drupal CMS or other secured CMS? How to bypass HARD WAF protection that stops HTML, SQL, and XSS injection payloads? Payload single-double-triple encoding using Cyber-Chef? How to find the real origin IP of secured websites behind Cloudflare, Akamai, ModSecurity, AWS CDN, etc.,? How to bypass Hard WAF using SQLMAP or Burpsuite? How to find hidden vulnerable parameters and endpoints inside the .js and .jason files? How to find hidden admin pages, cPanel pages, and WHM pages ? Please cover these important topics. Thanks

You are great bro

stay consistent big bro

Haya! I have quite a lot of experience in pentesting webapps, but i do not have any experience in hosting an instance of a webserver, securing it or being able to load an insecure server, but in a secure way cause we don't want a creepy scanner rooting it and being malicious when i want to test it :P So my question, could you make a lill tutorial in how to, for example, use a docker or maybe host a site in different means through a Digital Ocean instance? :P Would be fun to learn a little bit about it and then being able to pentest towards it. By learning this, one can use your knowledge to host a file hosting instance to make an RFI etc, which is a bit difficult without an outwards facing host ^^ Stay safe and happy late Easter!

We really want this explain bugs for beginners and give us some advice about the bug i really wish u make playlist for this !! thank u alot

Great Content; More Please 🤑

I would like to see one of the vulnerabilities you have found and walk through the info gathering stage all the way to the post exploit while explaining the mindset/methodology

East or West, naham is the best.

both content is fine and some free tutorials

Yes more content like this pls

part 2? more content like this!

Is Bola and idor the same type of vulnerability with different names

Epic, Part 2 please.

Hi NahamSec, I'm a regular viewer of your content.can you make video on business logic in dept!! waiting for it

I love this content make more please

I’d love more technical videos

Preach!

More please!

more content like this please

What to do if we don't have burp collaboraor ?

Part 2 please 😍

more content like THIS!

part 2 or complete playlist on the web Vuln

Ben One Suggestio | Make a precise playlist of OWASP TOP 10 2021 | Like a 10 min video / on each critical vulnerability

💙

More content like this 🙂🙏❤️🔥

More part 2. Need more technical vids

More parts on this topic ..

Drop video with all of the topic you mentioned in the video.

Creat a playlist content like the types of vulnerabilities and bugs that are common or rate easy to hard like xss or account takover

Vulnerability content or owasp top 10 pls

MORE CONTENT !!!

More real bugbouty tech work

more vcontent like this cover all top 10 owasp vulnerability please...

Part 2 please....

please post content like this...thank you

It was awesome Next xxe plz

Part 2!

more and more plz

More, more more real world how to once we have done recon. We need to know the steps on how to find bugs.

more content on web attacks

More pls =)

I think you should pivot to doing Unboxing Videos. If that's not in the cards then please keep the technical videos coming!

part 7 we want

I would like to see basic contents like this.

more content like thiss

we need location traking tutorial

Part two

More content

yup yup more tutorials for hacking and IT stuff how to do ore bypass

😊

PART 2 BRO DEFO

Want more vdo

Both....

web hacking content more please

I love you naham

PART-2

part 2

I reported my browser 😂

Part2

theory is all good but when it comes to practical i'm hopeless.

Part 2 ,,4,5,6,7,8,9,-----,99999

location hack

I make hacking videos

Bad explanation with a lot or wrong info

Part 2

part 2

Part 2