Overview
Explore modern web application vulnerabilities in this 42-minute conference talk. Gain insights into emerging bug classes popularized by bug bounty programs. Learn how these vulnerabilities occur in contemporary web applications, discover techniques for identifying them, and understand effective mitigation strategies. Delve into topics such as XML issues, insecure serialization, server-side request forgery, template injection, insecure resource sharing, DNS squatting, and web cache poisoning. Examine cache headers, URL parameters, and their impact on security. Acquire valuable resources and practical knowledge to enhance your web application security practices.
Syllabus
Introduction
XML
Insecure serialization
Server-side request forgery
Template injection
Insecure resource sharing
DNS squatting
Web cache poisoning
Cache headers
URL parameters
How to stop it
Resources
Taught by
NDC Conferences