Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Exploiting Race Condition Vulnerabilities in Web Applications

Hack In The Box Security Conference via YouTube

Overview

Explore race condition vulnerabilities in web applications through this comprehensive conference talk from the Hack In The Box Security Conference. Dive into the increasing prevalence of race condition reports and their significant impact on major platforms. Understand the challenges in detecting these vulnerabilities and their potential for exploitation. Learn about various attack scenarios, including MFA bypass, anti-brute force mechanism circumvention, and limit overriding. Examine a custom-developed penetration testing tool and a vulnerable demo application to witness real-world attack scenarios. Gain insights into the limitations of current SAST/DAST tools in preventing and testing for race condition vulnerabilities. Master the concepts of Race Condition and TOCTOU vulnerabilities, their attractiveness to attackers, and their often-overlooked nature in penetration testing. Discover how easily these vulnerabilities can exist in various web programming languages and frameworks. Acquire practical skills for identifying and testing race conditions during penetration testing, guided by the expertise of Javan Rasokat, a senior application security specialist with extensive experience in secure coding and vulnerability research.

Syllabus

#HITB2022SIN #COMMSEC Exploiting Race Condition Vulnerabilities In Web Applications - Javan Rasokat

Taught by

Hack In The Box Security Conference

Reviews

Start your review of Exploiting Race Condition Vulnerabilities in Web Applications

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.