YoVDO

Dangling Packages Leading to RCE

Offered By: nullcon via YouTube

Tags

nullcon Courses Cybersecurity Courses Remote Code Execution (RCE) Courses JSON Courses Remote Code Execution Courses

Course Description

Overview

Explore dependency confusion attacks in this 30-minute webinar from nullcon. Discover how developers inadvertently leave non-standard node and Python packages in project JSON files, creating vulnerabilities that attackers can exploit. Learn how malicious actors can claim and publish these packages, leading to remote code execution when victims install them using standard procedures. Witness real-world proof of concepts and practical demonstrations of these attack vectors. Presented by Prasoon Gupta, an Application Security Engineer and Bug Bounty Hunter, this talk provides valuable insights into securing your development process against RCE threats stemming from dangling packages.

Syllabus

Dangling Packages leading to RCE | Prasoon Gupta | Nullcon Webinar 2021


Taught by

nullcon

Related Courses

Bug Bounty In Hindi
YouTube CVE Series: Confluence RCE (CVE-2022-26134)
Cybrary Achieving Linux Kernel Code Execution Through a Malicious USB Device
Black Hat via YouTube Towards Discovering Remote Code Execution Vulnerabilities in Apple FaceTime
Black Hat via YouTube Browser Hacking With ANGLE
Hack In The Box Security Conference via YouTube