Completed
Open Graph hijacking
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Practical Web Cache Poisoning - Redefining 'Unexploitable'
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Param Miner
- 3 Outline
- 4 Caching Threat Landscape
- 5 Cache poisoning objective
- 6 Cache keys
- 7 Cache key collisions
- 8 Cache Poisoning Methodology
- 9 Trusting headers
- 10 Unkeyed input detection
- 11 Explore and Inject
- 12 Seizing the Cache
- 13 Selective poisoning
- 14 DOM Poisoning
- 15 Mystery Interaction
- 16 Mozilla SHIELD
- 17 Chaining Unkeyed Inputs
- 18 Hidden Route Poisoning
- 19 Resource Hijacking
- 20 Open Graph hijacking
- 21 Cross-Cloud Poisoning: Cloudflare
- 22 Beyond fake hosts
- 23 External cache poison (1/3)
- 24 Internal cache poison (2/3)
- 25 Drupal Open redirect (3/3)
- 26 Combining ingredients
- 27 Defense
- 28 Takeaways