Owning the Message Oriented Middleware - Security Analysis and Attacks

Explore the security aspects of Message Oriented Middleware (MOM) in this audio conference talk by Gursev Singh Kalra. Analyze enterprise messaging security from three perspectives: offensive uses of the Java Messaging Service (JMS) API, vulnerabilities in JMS-compliant message brokers like ActiveMQ, and the application of a new tool called JMSDigger for assessing enterprise messaging applications. Gain insights into authentication bypass techniques, JMS destination dumps, and 0day vulnerabilities through live demonstrations. Learn from Kalra's expertise as a Senior Principal at Foundstone Professional Services and his experience in authoring security whitepapers and tools.