Exploiting CORS Misconfigurations for Bitcoins and Bounties - AppSec EU 2017

Exploiting CORS Misconfigurations for Bitcoins and Bounties - AppSec EU 2017

OWASP Foundation via YouTube Direct link

PENTESTER LESSONS

16 of 21

16 of 21

PENTESTER LESSONS

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Exploiting CORS Misconfigurations for Bitcoins and Bounties - AppSec EU 2017

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 A MORAL STORY
  3. 3 OVERVIEW
  4. 4 CORE CONCEPT
  5. 5 WILDCARDS
  6. 6 SOLUTION
  7. 7 ORIGIN REFLECTION
  8. 8 STARTSWITH
  9. 9 ENDSWITH
  10. 10 NULL ORIGIN
  11. 11 exHTTPS
  12. 12 SUBDOMAINS
  13. 13 TUNNELLING
  14. 14 CACHE POISONING: CLIENT-SIDE
  15. 15 CACHE POISONING: SERVER-SIDE
  16. 16 PENTESTER LESSONS
  17. 17 SPEC LESSONS
  18. 18 BROWSER LESSONS • Multiple origins
  19. 19 DEVELOPER LESSONS
  20. 20 TAKE-AWAYS
  21. 21 FURTHER READING

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.