Server-Side Prototype Pollution: Detection and Exploitation Techniques - OWASP AppSec Dublin

OWASP Foundation via YouTube

Generic prototype pollution detection in Blitz

13 of 19

Classroom Contents

  1. Intro
  2. Prototype chain
  3. Merge operation
  4. Recursive merge function
  5. Encoding property takes the server down
  6. Change the maximum allowed parameters
  7. Allow multiple question marks in param
  8. Convert a parameter into an object
  9. Change the charset of a JSON response
  10. Investigating the charset technique
  11. Change the padding of a JSON response
  12. Change the status code
  13. Generic prototype pollution detection in Blitz
  14. A generic prototype pollution technique
  15. Asynchronous payloads problem
  16. Leaking code
  17. Detecting JavaScript engines
  18. Open source tool
  19. Preventing prototype pollution
