YoVDO

A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Programming Languages Courses Cybersecurity Courses Python Courses Java Courses Javascript Courses Ruby Courses PHP Courses Perl Courses Server-Side Request Forgery (SSRF) Courses

Course Description

Overview

Explore a groundbreaking exploit technique that unveils a new attack surface for bypassing Server Side Request Forgery (SSRF) protections in this 47-minute Black Hat conference talk. Discover how the inconsistency between URL parsers and URL requesters creates vulnerabilities in popular programming languages such as Python, PHP, Perl, Ruby, Java, JavaScript, Wget, and cURL. Learn about the fuzzing tool used to uncover multiple zero-day vulnerabilities in built-in libraries of these widely-used languages. Gain insights into this general attack approach presented by Orange Tsai, which has significant implications for web security and application development.

Syllabus

A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!


Taught by

Black Hat

Related Courses

Artificial Intelligence for Robotics
Stanford University via Udacity Intro to Computer Science
University of Virginia via Udacity Design of Computer Programs
Stanford University via Udacity Web Development
Udacity Programming Languages
University of Virginia via Udacity