I still use burp 1.7, it has a spidering functionality, I guess it is better than the passive crawling one. keep up the great content!
@Hacksplained
3 жыл бұрын
Thanks, will do!
@barangs1353
4 жыл бұрын
Good explanation but the way you are talking is too slow for me :D sorry about that I have to watch your videos with 1.75 for god sake!
@Hacksplained
4 жыл бұрын
That's fair. At least you can turn up the speed. I just hope that my slow speaking makes the content more accessible to a lot of non-native speakers. Good feedback though :)
@-fqnz
Жыл бұрын
Manually click all the items LoL...
@AlineBora
4 жыл бұрын
How do I open the folder in Target tab? I don't have any there as you've shown. I'm starting to learn this now, please help
@Hacksplained
4 жыл бұрын
Hi :) Could you please specify the minute:second of the video in which you need help?
@arjunsharma3248
4 жыл бұрын
But with this method, we will not be able to have a complete site map, such as if we are looking for all the subdomains !!
@Hacksplained
4 жыл бұрын
This is correct. For a good overview of all subdomains, I would recommend using different tooling such as github.com/OWASP/Amass
@inspirationeveryday1175
4 жыл бұрын
@@Hacksplained you are a hero ...😂 please 😗 i have some questions: 1- What cert did you get 2- Is kali Linux necessary for doing PenTesting ... or i can use my win10 machine .. Thank you
@Hacksplained
4 жыл бұрын
@@inspirationeveryday1175 1. If you are referring to security certifications. I am GPEN certified, but certs are not necessary to start hacking. 2. No, Kali Linux is not necessary. You can use any Windows or Linux out there. However, keep your systems updated (just a little good practice advice).
@inspirationeveryday1175
4 жыл бұрын
@@Hacksplained thank you man ..✌✌ i learn about Gpen and that is so cool... So can i find a job with Gpen ? and please my last question is when you teach for this certificate the teacher you use on class Linux or windows alot ? THANK YOU ✌✌✌
@Hacksplained
4 жыл бұрын
@@inspirationeveryday1175 Certifications like the GPEN are definitely well received at companies where you are applying for a job. But like I have said before, it is no necessary to have any certs to apply for an IT security job. Linux or Windows does not matter, both work as long as you are giving your best to master them.
@aMODiEswede
3 жыл бұрын
Its really sad tbh, you can't really find hidden directories with passive crawl. Thanks for the video
@Hacksplained
3 жыл бұрын
You can use a free extension like param miner for that! Just go to the extender tab and install it! for hidden params. for hidden dirs, I'd recommend FFUF and a wordlist from github.com/swisskyrepo/PayloadsAllTheThings
@aMODiEswede
3 жыл бұрын
@@Hacksplained Great !!. Thank you so much, I will give it a go
@Hacksplained
3 жыл бұрын
@@aMODiEswede great, good luck buddy :)
@jsmoothstudio9327
3 жыл бұрын
@@Hacksplained what is FFUF?
@Hacksplained
3 жыл бұрын
@@jsmoothstudio9327 a fast web fuzzer written in go! github.com/ffuf/ffuf
@mouhannadal-hmedi1501
3 жыл бұрын
Nice , thank's
@Hacksplained
3 жыл бұрын
You're welcome 👍🏼
@wolfkenfang8832
4 жыл бұрын
Might be me, but it doesn't work on my kali vm. Only plausible reason I can find is that burpsuite can't process js?
@Hacksplained
4 жыл бұрын
Can you tell me what exactly is not working?
@wolfkenfang8832
4 жыл бұрын
@@Hacksplained basically the start from the video. No matter where I click, I dont get any input in the site map in burpsuite. I intercept traffic, but get nothing in the sitemap. (Total noob here, so I hope I clarified it a bit)
@Hacksplained
4 жыл бұрын
@@wolfkenfang8832 Ahh got it. Well, make sure to check out the earlier videos in this playlist. Pretty sure you are missing those. In there, you learn how to intercept your first traffic.
@wolfkenfang8832
4 жыл бұрын
@@Hacksplained which I did, that part is working perfectly. It's just this video that's not working for me ^.^ I'll keep looking for a workaround.
@Hacksplained
4 жыл бұрын
@@wolfkenfang8832 Do you see anything in the Proxy - History tab? If not, then I would assume that your proxy connection within the browser is not set to the one configured in Burp.
Пікірлер: 34