YoVDO

A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Programming Languages Courses Cybersecurity Courses Python Courses Java Courses Javascript Courses Ruby Courses PHP Courses Perl Courses Server-Side Request Forgery (SSRF) Courses

Course Description

Overview

Explore a groundbreaking exploit technique that unveils a new attack surface for bypassing Server Side Request Forgery (SSRF) protections in this 47-minute Black Hat conference talk. Discover how the inconsistency between URL parsers and URL requesters creates vulnerabilities in popular programming languages such as Python, PHP, Perl, Ruby, Java, JavaScript, Wget, and cURL. Learn about the fuzzing tool used to uncover multiple zero-day vulnerabilities in built-in libraries of these widely-used languages. Gain insights into this general attack approach presented by Orange Tsai, which has significant implications for web security and application development.

Syllabus

A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!


Taught by

Black Hat

Related Courses

Introduction to Functional Programming
Delft University of Technology via edX
Introduction to Office 365 Development and APIs
Microsoft via edX
Web Development and Design using Wordpress
California Institute of the Arts via Kadenze
Build a Basic PHP Website Course (How To)
Treehouse
Web Applications for Everybody
Independent