Explore a groundbreaking exploit technique that unveils a new attack surface for bypassing Server Side Request Forgery (SSRF) protections in this 47-minute Black Hat conference talk. Discover how the inconsistency between URL parsers and URL requesters creates vulnerabilities in popular programming languages such as Python, PHP, Perl, Ruby, Java, JavaScript, Wget, and cURL. Learn about the fuzzing tool used to uncover multiple zero-day vulnerabilities in built-in libraries of these widely-used languages. Gain insights into this general attack approach presented by Orange Tsai, which has significant implications for web security and application development.
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages
Overview
Syllabus
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
Taught by
Black Hat
Related Courses
Related articles
-
10 Best Free Programming Courses
-
10 Best Python Courses for 2024: Charming the Snake
-
15 Best Java Courses for 2024: Write Once, Run Everywhere
-
100+ Free Courses to Learn JavaScript, React, Node
-
10 Best JavaScript Courses for 2024: Create Interactive Websites
-
8 Best Free Ruby & Ruby on Rails Courses for 2024
-
PHP Skill Guide: The 3 Best PHP Online Courses and Certifications
-
8 Best Perl 5 Courses for 2024: Powerful Text Processing
