Overview
Explore modern web application vulnerabilities beyond the OWASP Top 10 in this 47-minute conference talk from NDC Security 2018. Delve into emerging vulnerability classes gaining popularity through bug bounty programs. Learn about XML External Entity, Serialization, Server-side Request Forgery, Template Injection, Insecure Course, and Subdomain Takeover. Gain insights on how these vulnerabilities occur in modern web applications, methods for detection, and strategies for mitigation. Speaker Erlend Oftedal provides a comprehensive walkthrough, complete with examples and valuable resources to enhance your understanding of cutting-edge web security challenges.
Syllabus
Intro
OS Top 10
XML External Entity
Serialization
Serverside request forgery
Template injection
Insecure course
Subdomain takeover
Example
Resources
Taught by
NDC Conferences