https://stream.echo6.co/videos/watch/c41fedf3-8c06-44d1-b497-fd75e3ad9e1e Check out Snyk here: https://snyk.co/ippsec 00:00 - Introduction talking about the application we are testing and identifying NoSQL Injection with $ne 02:30 - Showing the RegEx Operator, which will let us do partial matches and enable us to validate characters one at a time 03:32 - Start of sponsored shoutout to snyk 04:15 - Showing Snyk find some vulnerabilities with Open Source Security 04:40 - Showing Snyk's Code Security 05:54 - Showing and talking about how to patch the vulnerability 07:37 - End of Snyk Shoutout, starting our python script to perform this NoSQL Injection 10:20 - Testing out our test_login logic to identify if we had a successful login or not 11:05 - Showing how we can identify the length of the string we want 13:20 - Creating a loop to automatically identify the length of the string 15:20 - Adding exception handling to the function and talking about the benefits 17:40 - Creating a function to get the username 20:30 - Explaining what our Get_Username function currently does 22:25 - Doing a benchmark on our first iteration of the script and seeing it takes slightly over 3 minutes 24:10 - Adding in a break so it doesn't loop over the full character set every time which gets us to 32 seconds 26:00 - Talking about the major optimization trick we are going to do, validating multiple characters at one time 27:20 - Breaking the enumerating a single character into its own function for exception-handling purposes 29:20 - Start of coding the optimization trick 35:06 - Running our code and seeing we got it down to 12 seconds. Moving on to testing the password. Wed, 15 Apr 2026 11:32:08 GMT https://validator.w3.org/feed/docs/rss2.html PeerTube - https://stream.echo6.co https://stream.echo6.co/client/assets/images/icons/icon-512x512.png https://stream.echo6.co/videos/watch/c41fedf3-8c06-44d1-b497-fd75e3ad9e1e All rights reserved, unless otherwise specified in the terms specified at https://stream.echo6.co/about and potential licenses granted by each content's rightholder.