Overview
Explore techniques for detecting prototype pollution vulnerabilities at scale in this 38-minute conference talk from NahamCon2021. Learn how to leverage the chromedp package in Go to automate client-side security testing for prototype pollution issues. Discover practical approaches to implement large-scale scanning for this common web application vulnerability, overcoming the challenges of identifying client-side security flaws programmatically. Gain insights into writing efficient Go code to interact with web browsers and analyze JavaScript execution for potential prototype pollution vectors.
Syllabus
NahamCon2021 - Using Chromedp to Hunt for Prototype Pollution - @TomNomNomDotCom
Taught by
NahamSec