Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages

Black Hat via YouTube

Overview

Explore a groundbreaking exploit technique that unveils a new attack surface for bypassing Server Side Request Forgery (SSRF) protections in this 47-minute Black Hat conference talk. Discover how the inconsistency between URL parsers and URL requesters creates vulnerabilities in popular programming languages such as Python, PHP, Perl, Ruby, Java, JavaScript, Wget, and cURL. Learn about the fuzzing tool used to uncover multiple zero-day vulnerabilities in built-in libraries of these widely-used languages. Gain insights into this general attack approach presented by Orange Tsai, which has significant implications for web security and application development.

Syllabus

A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!

Taught by

Black Hat

Reviews

Start your review of A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.