Hacking an organization with one of the most stealthy and dangerous web attacks скачать в хорошем качестве

Hacking an organization with one of the most stealthy and dangerous web attacks

DNS exfiltration over HTTP is a stealthy attack that enables you to bypass web application firewalls. Not many security researchers and penetration testers fully understand it. So in this video, we dive deep on what is DNS exfiltration and how it works and how to use it to bypass firewalls and maximize the impact. make sure to subscribe and turn on the notifications bell. {----- Lab -----} https://github.com/leetCipher/bug-bou... {----- Support -----}   / leetcipher   {----- social -----}   / leetcipher   {----- Video chapters -----} 0:00 intro 0:13 lab setup 1:04 lab overview 1:33 fuzzing the vulnerable parameter 3:20 tcp vs udp traffic 4:13 what is dns 4:43 interactsh 5:17 installing interactsh 5:53 how dns servers handle domain queries 6:21 testing our theory 7:00 domain name anatomy 8:05 planning the attack/exfiltration 9:27 implementing the exploit in bash 10:33 running the exploit in burp suite 11:37 implementing the exploit in python 12:29 running the exploit in burp suite 12:57 decoding the payloads using python 13:45 adding even more constraints 14:27 adding a custom base64 encoding to our exploit 15:03 running the exploit in burp suite 15:18 decoding the exfiltrated payloads 16:03 outro #hacking #bugbounty #penetrationtesting