Exploiting Web Messaging Implementations

Embark on a journey exploring the intricacies of web messaging vulnerabilities in this insightful conference talk by Barak Tawily, CTO of enso.security. Delve into the speaker's personal experience identifying post messages vulnerabilities, conducting in-depth research, and developing a powerful tool for researchers to uncover similar issues. Gain a comprehensive understanding of cross-document messaging fundamentals and learn about common mistakes made by developers in this area. Witness live demonstrations of open-source tools and discover real-world vulnerabilities that have since been addressed by vendors. This 58-minute presentation, managed by the OWASP® Foundation, offers valuable insights for security professionals and developers alike, enhancing their ability to identify and mitigate web messaging implementation flaws.