Overview
Explore a conference talk from the Hack In The Box Security Conference that delves into privilege escalation methods in Okta, including techniques to obtain clear text passwords of employees and impersonate super-admins. Learn about the research process behind the discovery of these operational risks, dubbed #PassBleed, and gain insights into a knowledge graph-based trust analysis methodology for automating vulnerability discovery, enhancing research team collaboration, and visualizing priorities. Discover how this approach applies to cybersecurity research, featuring technical details on matrix math, Python code examples, and JSON data analysis. Benefit from the expertise of Gal Diskin, a seasoned cybersecurity and AI researcher with experience across various security domains and a history of presentations at major security conferences.
Syllabus
#HITB2022SIN #COMMSEC Getting Clear Text Passwords From An IdP & More - Gal Diskin
Taught by
Hack In The Box Security Conference