YoVDO

Hook, Line and Sinker - Pillaging API Webhooks

Offered By: Security BSides San Francisco via YouTube

Tags

Security BSides Courses Cybersecurity Courses Cloud Security Courses Webhooks Courses

Course Description

Overview

Dive into the world of API webhook security with this 33-minute conference talk from Security BSides San Francisco. Explore the concept of "Webhook Boomerang flaws" and learn how these unique attack vectors can be exploited to perform Server-Side Request Forgery (SSRF) against webhooks. Discover how these attacks can lead to cloud-credential compromise, even in the presence of security protections like Metadata Headers. Gain valuable insights into the vulnerabilities of modern web services and understand the potential risks associated with webhook implementations.

Syllabus

BSidesSF 2022 - Hook, Line and Sinker - Pillaging API Webhooks (Abhay Bhargav)


Taught by

Security BSides San Francisco

Related Courses

ASP.NET Core: Communication Management
LinkedIn Learning
Create Serverless Applications
Microsoft via Coursera
Dialogflow Tutorial EspaƱol
YouTube
Chatbots de Cero a Ninja con Dialogflow
YouTube
Integrating Ansible with Slack
Pluralsight