from 11. Network Hacking - Post Connection Attacks - MITM Attacks
on Bypassing HTTPS section of this course. some sites like LinkedIn, StackOverflow were not able to capture. same as what I followed based on the video by Zaid. only vulnweb.com that I can see on bettercap even I execute hstshijack/hstshijack. I was stuck there section because I did not see their capture. same procedure I performed with Zaid.
When you load the HTTPS websites are they being downgraded to HTTP or are they staying as HTTPS?
yes they are staying https even my execution has corrected. I just followed what I’ve seen in the video. what should I do ?
how do I bypassing HTTPS ? it has not been downgraded to HTTP. is there any way to execute ?
When Zaid made this course, those websites didn’t have HSTS yet. But now if you use that tool I shared, you can see they have it now. So if you are wise you will learn something else. This is a waste of your time and is not used anywhere in the real big world. MITM is very useful you just have to know when it is useful. And what Zaid teaches you here is really outdated.
Search “ethical hacking” in the courses and you will see a lot of newer courses.
thanks so much Sir Edwin. Since this course that I used by Zaid has outdated would you suggest if still continue this one ? or find a good one?
one of the mentors here provided that kind of course to me via email. so just a bit confusing if I continue or find a new one. for me, it has been valuable if I can execute some topics from thw course
I don’t know what your intention is.
Do you want to work in cybersecurity? or is it a hobby?
If you want to work in cybersecurity, I would take a course that is recognized worldwide and for which you can also take an official exam. Think of Cisco, Microsoft, Offense security, Comptia, etc… By passing an official exam you will be on top of the pile when you apply for a job. What I also really recommend is HackTheBox and Tryhackme.
But if you do it for the hobby you can just continue with this course.
And I just read an article by someone who hacked the Dutch tax authorities.
When asked which certificates/papers he has, this is his answer:
I can get coffee for the system administrators according to my papers.
So the question is:
What do you know and what do you want to do with it.
The purpose why I purchased this membership is to transition into cybersecurity or to be a pentester. It has to hard to change my career from network engineer to cyber security. when I arrived here 3 weeks ago on this platform someone created me a roadmap and path, provided materials here to pursue my goal. which is this course that I used it was recommended by them. I use this because of my passion and interest not only for a hobby. so there’s a situation I’ve been confusing which good video or material should I use to avoid confusion. Thank you.
If you really want to become a pen tester, hands-on experience is the most important.
If you’ve mastered CTF well, you might want to do bug bountys afterwards. That way you really learn how to pentest.