Bypass Surgery - Abusing Content Delivery Networks

Bypass Surgery - Abusing Content Delivery Networks

Black Hat via YouTube Direct link

Intro

1 of 23

1 of 23

Intro

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Bypass Surgery - Abusing Content Delivery Networks

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Matthew Bryant (mandatory)
  3. 3 Content Delivery Networks
  4. 4 What happened?
  5. 5 A Divided Penetration Testing Scope
  6. 6 SRV Record Enumeration
  7. 7 subbrute - Internal Network Assessment
  8. 8 NOERROR?
  9. 9 Server Trust
  10. 10 Search for Cross Domain Proxy
  11. 11 SSRF tools
  12. 12 Access to the Web Server's localhost
  13. 13 Access to Internal Network Hardware
  14. 14 SSRF Questions
  15. 15 What's an origin?
  16. 16 Differences between JavaScript and Flash
  17. 17 Example Crossdomain.xml File
  18. 18 The Check
  19. 19 FlowPlayer Bypass #1 - The Bypass
  20. 20 Full Exploit Flow
  21. 21 Bypassing HTTP Content Security Policy
  22. 22 Remediation
  23. 23 Future Security Research

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.