It's also worth that the author doesn't go too much into detail of the how, and focuses more on the what
> With my first account, I started using YouTube, trying every feature, pressing every button I could find, and whenever I saw an HTTP request with a video ID in it, I changed it to the target Private video
Was this done with some tooling or scripts, or purely by eyeing devtools? I could see that step for example being very similar to "parse WireShark logs", for example.
I agree that the level of detail included makes it fairly readable without being to scary to non-experts.
Pretty much every single web vulnerability researcher uses it, to the point of absurdity. Squint hard enough and screwdrivers have a familiar shape, so you of course you look for a big enough hammer.
> With my first account, I started using YouTube, trying every feature, pressing every button I could find, and whenever I saw an HTTP request with a video ID in it, I changed it to the target Private video
Was this done with some tooling or scripts, or purely by eyeing devtools? I could see that step for example being very similar to "parse WireShark logs", for example.
I agree that the level of detail included makes it fairly readable without being to scary to non-experts.