Comments:
This was both refreshing and humbling.
Didn’t know such easy-to-learn tools to get into the AppSec space even existed or were this accessible.
Would be great to see videos on your Career, how you knew Security was for you, & what you do to keep up to date with the latest trends in this Space.
We need some kind of script that scans a real URL and finds how to hack it
Have to give it a dislike as you don't say it's a paid promotion/sponsored video till the end, basically an advertisement.
Makes you look dodgy/questionable/untrustworthy
Have seen a couple (read 2 or 3) of your other videos and they were interesting, but this makes me question your integrity.
Now add backwards compatibility to the mix!
I see how this could work in a CI/CD context on new apps though.
what application launcher are you using? :)
Could you use this in a King of the Hill to hold off the others?
Thanks John, you make me realize how vulnerable the apps we have developed are. We were only focusing on the end-user requirement.
Tool is cool and all, but mention "includes paid promotion"
You hit ignore on most of them.
I'd love to see Snyk target Mutillidae or Juice Shop or one of those
Bro, I am in depression after seeing your couple of videos.. So much I have to learn.. I was thinking I know something about hacking, now it seems I know nothing😞
@John not to discredit Snyk and similar tools that I'm sure do more than check your dependency management (e.g. trying RCEs using libraries that are used like what they call ImageTragick), running `npm audit` and `npm audit fix` would capture what is in this video.
I saw the thumbnail and thought "I need to see Ed Sheeran fixing vulnerabilities".
I'm literally making a web app vulnerability scanner right now for my a level NEA project wow 😂
<3
Dope!
Hey from where can I learn python scripting? like to automate tasks and make tools. can you suggest some good resources?
I cannot believe you have never heard of them. We have been using them for like 2 years
Diggin the shirt, I have one myself :D
sick!
Don’t sub or like non music but love the video
yea snyk is also incorporated into Chrome's dev tools.. if u run lighthouse tests it gens that report and refers u to snyk too good
Super cool! Great video as always bro
Don’t forget to register your copy of Sublime Text 😄
Great ad, John! Thanks for putting this together. I hope they paid you BIG $$$ for that 1/2 hour ad.
For next vid, please fix your mic settings. Listening through headset. Audio is clipping badly. Turn that gain down a bit 😉
I would have preferred you to disclose the sponsorship at the beginning of the video not at 20 seconds from the end.
Otherwise great demo and a lot of potential from using snyk for CTF!
lol "The BESTest todo app "evar"
ippsec vs john Hammond pls
Nice!
Thank you for everything you do 😊
This is definitely a legit tool!! I hope to see more iterations of this in the future as the importance of "shifting left" becomes the norm.
KOTH Nuke button
Sir is there any giveaway
I enjoy your videos but your mic is either too close to your mouth or the signal is a bit hot causing distortion. :)
Wow Snyk is awesome! What a great idea for security programs for startups and projects and even better it’s open-source!
Amazing video again john. I have a question in order to understand all that kind of web attacks is it better to know the technology like building a node app or php app and see why the vulnerability existed in first place? Like No sql injection etc.
SNYK is OP ❤️
Very interesting topic. I have to say tho, the audio is a bit clippy
Thanks to this guy I put my hands on keyboard, Learning all nights a bit of hacking. Thanks John.
Thanks for bringing up super cool videos frequently. I'm always excited to watch them out
Hello 👋
It premieres at 3am for me I have to watch it when I wake up.