Interested in supporting me and gaining early access to the Web Security Academy videos when they're recorded? Consider buying my course: academy.ranakhalil.com/p/web-security-academy-video-series! ✨ ✨
Your video material is actually way better than the instructions provided in the academy itself. The guys at the academy would be crazy not to approach you to incorporate your material into their platform.
Your material answers all the questions I have when doing the lab's when I think of "what if..." and it really helps complete the whole picture. Will probably sign up soon when I have some time and money!
Very comprehensive and insightful. Never had anyone explain SQL injection in such a manner. Was very easy to follow through. Thank you. Great work! Awaiting more content.👍
Thank you so much, amazing work. Actually it's the most up-to-date work, covering everything from a white/grey/black box perspective. Again, thank you! You are awesome :D
I am here after watching the Broken access vulnerability topic with David Bombal. The way of your teaching is outstanding and thanks for sharing such a valuable knowledge.
Reviewing some of these things to fresh up my memory in order to create my own content on the subject (but in italian), and well, excellently explained, thank you very much!
Your teaching methodolgy is really amazing. I have no previous tech experience a complete newbie with some basic knowledge and I completey understand what is being explained. Thank you so much for putting in so much of time and efforts and keep up the good work ma'm.
I've been studying for the GSEC for work, and it's really taken away time from all of my offensive security studying, but I'm finally sitting down for some free time to study and checking out your tutorials. They've all looked great from the handful I've watched while on in the background while working, but I'm looking forward to really digging in and using them to get ready for the Burpsuite Cert after my GSEC test in December. Thanks for all of the hard work!
Ha! Saw my old comment here and figured I'd update. I got the GSEC checked out, and now I'm back learning all of this all over again since I'm studying for the GWAPT. Thanks again for all of the great videos!
Huge fan! Been following you since the days of your medium writeups. Thank you for your content, you have undoubtedly upgraded my infosec career. Keep doing what you are doing. Hope you continue with videos on this subject matter.
I've enjoyed your previous write-ups but this video is sooo stellar!! I've always struggled with getting a good handle on SQLi in the past and mostly just left it up to the automated tools but this guide has given me a much better approach and methodology to apply to injection scenarios. I really appreciate your efforts and look forward to future videos!
Thank you! The next 16 videos cover SQLi hands on exercises. By the end of this module, not only will you be become a pro at exploiting SQLi vulnerabilities manually but you'll also learn how to automate the exploitation in python ;)
@@RanaKhalil101 I started thinking about the flow of a python script for this as you were explaining the boolean-based injection. I'm still a python novice however so appreciate learning new methods. 😁
Thank you so much for your amazing course, your effort and your time! I really like the consistency in the slides format & flow of explanation for each topic and how you organise the playlists for each topic with short and long versions 😊
This presentation is realy realy useful for beginners or students , it explains every details of the topic and and has example of queries and payloads for real-life stuations . Please keep going to do it for young collegues and students. Thank you for your effort.
Buenas tardes Rana, te he conocido gracias a un video que realizaste con David Bombal, y me pareció fantástico y tu super simpatica. Soy una persona normal y corriente, y he tenido recientemente una mala experiencia con una empresa realizando trading, bueno ya te puedes imaginar. Jamás pensé que llegara a ser tan incrédulo. Me gusta mucho como te explicas y lo puedo comprender todo hasta ahora. Nunca es tarde para aprender. Voy a ver que tal empiezo con tus tutoriales y si me llenan como hasta ahora, aportaré al canal de la manera que pueda para que sigamos aprendiendo de tus habilidades. Un saludo.
Really appreciate your efforts and time you put into making these tutorials , these are really helpful and qualitative .also expecting Such more tutorials based on the course ahead . again thank you for sharing your knowledge you're giving back to the community in the amazing way.🙌
Thank you Rana for your tutorials. Your explanations are clear and concise and I easily grasp these concepts with ease. I have a question about Boolean-Based Blind SQLi. Is it possible that to optimise the finite brute force of each character, the attacker makes use of binary search to find the character, say instead of (…., 1, 1) = ‘s’, the attacker injects (…., 1, 1) < ‘s’, that’d work right?
very interesting, as i've been dealing with such a problem myself (was hacked by ransomware on a university server...) what i don't understand is how you loop over a long hash checking every character: this is classical brute force and should take thousands of years... :)
I liked this video even before starting. I love the givers !! Sply rahana I follow you in twitter. Tha ks for sharing your knowledge. Keep going great ! Love you voice too ❤️