Overview
Syllabus
About me
Blind XXE
Stopping XXE
JSON serialization
Deserialization Attack Gadgets
Custom deserialization attacks
Underlying cause
Stopping insecure deserialization
Templating frameworks
Testing for template injection
Stopping template injection
Common mistakes
Server side requests
SSRF - Server-Side Request Forgery
SSRF - internal services
IP addresses - Blacklisting is hard...
Broken URL parsing
Protection
Subdomain takeover/hijacking
Cloud services
Example
Subdomain takeover - Impact
Crowd demo
Tricky headers
Complicating the attack
Stopping web cache poisoning
What is this?
GraphQL gotchas
Resources
Taught by
NDC Conferences