Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Automatic Exploitation of TLS Certificate Validation Vulnerabilities

DEFCONConference via YouTube

Overview

Explore TLS certificate validation vulnerabilities and their exploitation in this DEF CON 31 conference talk that examines the security challenges in TLS implementations. Dive into the complexities of TLS as the standard protocol for securing network connections, focusing on how certificate validation can be compromised despite its promise of confidentiality, integrity, and authentication. Learn about common pitfalls in TLS libraries and frameworks, including insecure default settings and implementation oversights that developers frequently encounter. Witness practical demonstrations using certmitm, a new TLS man-in-the-middle tool that automatically identifies and exploits certificate validation vulnerabilities. Follow along with real-world exploitation examples targeting iOS and Windows 11 systems while gaining deep insights into the mechanisms of insecure TLS certificate validation.

Syllabus

DEF CON 31 - certmitm Automatic Exploitation of TLS Certificate Validation Vulns - Aapo Oksman

Taught by

DEFCONConference

Reviews

Start your review of Automatic Exploitation of TLS Certificate Validation Vulnerabilities

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.