Скачать с ютуб How Google Analytics was used to Breach Virtually any Website в хорошем качестве

How Google Analytics was used to Breach Virtually any Website

In this video, we take a deep dive into the inner mechanics of Cross Site Request Forgery (CSRF), CSRF Tokens, and how Surgey Bobrov was able to bypass them with a joint Google Analytics & Django web framework exploit / vulnerability. CSRF is the lesser known of the big three web attacks, consisting of SQL injection, and cross site scripting (XSS). 0:00 - Overview 0:48 - Cookies 3:17- Cross Site Request Forgery (CSRF) 4:29- CSRF Tokens 6:42- Exploit / Vulnerability WE HAVE A DISCORD NOW!   / discord   Django patch - https://www.djangoproject.com/weblog/... Original report - https://hackerone.com/reports/26647 Surgey Bobrov - https://hackerone.com/bobrov?type=user Double Submit Cookie - https://cheatsheetseries.owasp.org/ch... MUSIC CREDITS: LEMMiNO - Cipher    • LEMMiNO - Cipher (BGM)   CC BY-SA 4.0 LEMMiNO - Nocturnal    • LEMMiNO - Nocturnal (BGM)   CC BY-SA 4.0 #Python #Coding #Programming #Software #SoftwareEngineering #ComputerScience #Code #ProgrammingLanguage #SoftwareDevelopment #Development #Developers #Hacking #Hack #CyberSecurity #Exploit #Tracking #Web #WebDev #SoftwareEngineer #Django #WebFramework #Vulnerability #PenTesting #Privacy #Spyware #Malware #CSRF #CrossSiteRequestForgery #SQLInjection #CrossSiteScripting #XSS #WebVulnerabilities #Cyber #CyberAttack #BugBounties #GoogleExploit #GoogleAnalytics #EthicalHacking