Easy IDOR hunting with Autorize? (GIVEAWAY)
I've said it once and I'll say it again APIs are some of the best applications to hunt on, and now I've worked at a platform I have some data to back me up that IDORs are fantastic first bugs and they are EVERYWHERE! But, when we test a real API vs a lab or CTF there are so many endpoints and resources and stuff to test, so what if we could make IDOR hunting easier? What if we could automate it? Well this is what Autorize is designed to do! This free Burp extension allows us to automatically make a second request to test if our attacker account can do something to affect our victim. It's such a useful tool to have installed I 100% recommend it especially if you're a beginner.
Did you know this episode was sponsored by Intigriti? Sign up with my link http://go.intigriti.com/katie I'm so pleased with everyone's positive response to the Intigriti sponsorship and I'm so pleased you folks are finding bugs and even finding your first bugs! Thank you for being awesome!
This month as a thank you for bearing with me as I get back into video making we're doing a giveaway! To win one of the following prizes please enter via a comment on this video with an answer to: What bug or type of hacking do you want to know more about? And the text: #bountypls
1x Lifetime Membership to https://www.bugbountyhunter.com/
5x 1 month memberships PentesterLab Pro
5x 2 months Try Hack Me Premium
10x InsiderPhD Swag Pack
Видео Easy IDOR hunting with Autorize? (GIVEAWAY) канала InsiderPhD
Did you know this episode was sponsored by Intigriti? Sign up with my link http://go.intigriti.com/katie I'm so pleased with everyone's positive response to the Intigriti sponsorship and I'm so pleased you folks are finding bugs and even finding your first bugs! Thank you for being awesome!
This month as a thank you for bearing with me as I get back into video making we're doing a giveaway! To win one of the following prizes please enter via a comment on this video with an answer to: What bug or type of hacking do you want to know more about? And the text: #bountypls
1x Lifetime Membership to https://www.bugbountyhunter.com/
5x 1 month memberships PentesterLab Pro
5x 2 months Try Hack Me Premium
10x InsiderPhD Swag Pack
Видео Easy IDOR hunting with Autorize? (GIVEAWAY) канала InsiderPhD
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
3 Real API Bugs I got a bounty for
If you want to enter the Jason Haddix Bug Bounty Methodology giveaway use this form!
Broken Object Level Authorisation / BOLA / IDORs explained #shorts #api #hacking
I may need to fiddle with some settings but I had to share how cool this is!!!! #shorts
Finding Your First API Bug (NahamCon 2023)
Learn Bug Bounty Hunting with These Resources!
Revealing Secrets with Information Disclosure Bugs
Stored, Blind, Reflected and DOM - Everything Cross--Site Scripting (XSS)
"Easiest" Beginner Bugs? Access Control and IDORs
My Hacking Setup and How to Use It (Firefox/Burp Community)
Why does DNS always break the internet?
How does Bug Bounty work anyway?
Advent of Cyber 2022: Day 17 Filtering for Order Amidst Chaos (Walkthrough)
Advent of Cyber 2022: Day 16 SQLi’s the king, the carolers sing (Walkthrough)
Advent of Cyber 2022: Day 15 Santa is looking for a Sidekick (Walkthrough)
How to Use Bug Bounty to Help Your Career!
My API Testing Automated Toolbox
Escalating Your Bugs With GDPR Impact
Try Hack Me: Advent of Cyber 2021 - Day 3
Katie Explains: Modern Web Development (GIVEAWAY)