Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Down the Rabbit Hole - A Journey Towards a Weakness in Chrome and a New Hacking Technique

Hack in Paris via YouTube

Overview

Embark on a captivating 36-minute conference talk from Hack in Paris that unveils a groundbreaking journey into web security vulnerabilities. Follow Gil Cohen, an experienced application security expert, as he delves into how a simple CRLF injection vulnerability led to the discovery of a new weakness in Chrome and other browsers, as well as a novel XSS-like hacking technique. Explore the concept of Frontend server hijacking, or "Frontjacking," which combines CRLF injection, poorly configured servers, and shared hosting to bypass existing security defenses such as CSP, HttpOnly cookie attributes, WAFs, CORS, and HTTPS. Gain insights into this innovative attack method that allows execution of reflected XSS and phishing-related payloads, potentially revolutionizing the field of web application security.

Syllabus

Down the rabbit hole: a journey towards a weakness in chrome & a new hacking technique by Gil COHEN

Taught by

Hack in Paris

Reviews

Start your review of Down the Rabbit Hole - A Journey Towards a Weakness in Chrome and a New Hacking Technique

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.