YoVDO

Hook, Line and Sinker - Pillaging API Webhooks

Offered By: Security BSides San Francisco via YouTube

Tags

Security BSides Courses Cybersecurity Courses Cloud Security Courses Webhooks Courses

Course Description

Overview

Dive into the world of API webhook security with this 33-minute conference talk from Security BSides San Francisco. Explore the concept of "Webhook Boomerang flaws" and learn how these unique attack vectors can be exploited to perform Server-Side Request Forgery (SSRF) against webhooks. Discover how these attacks can lead to cloud-credential compromise, even in the presence of security protections like Metadata Headers. Gain valuable insights into the vulnerabilities of modern web services and understand the potential risks associated with webhook implementations.

Syllabus

BSidesSF 2022 - Hook, Line and Sinker - Pillaging API Webhooks (Abhay Bhargav)


Taught by

Security BSides San Francisco

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network