Everything You Wanted to Know About Client-Side CSRF But Were Afraid to Ask
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the intricacies of Client-side Cross-Site Request Forgery (CSRF) in this comprehensive 54-minute conference talk by Soheil Khodayari, presented by the OWASP Foundation. Delve into the problem statement, static analysis techniques, and detection challenges associated with client-side CSRF. Learn about the JAW data collection method, Hybrid Property Graphs (HPGs) as building blocks, and their role in symbolic models and semantic types propagation. Examine vulnerability analysis techniques, evaluation of forgeable requests, and gain insights into JAW's scalability and performance. Enhance your understanding of CSRF security concerns and mitigation strategies in web applications.
Syllabus
Intro
Cross-Site Request Forgery (CSRF)
Client-side CSRF: Problem Statement
Static Analysis (to the Rescue)
Static Analysis (Cont'd)
Client-side CSRF: Exemplifying Detection Challenges
Other General Challenges for CSRF
JAW: Data Collection
Hybrid Property Graphs (HPGs): Building Blocks
HPGs: Symbolic Models and Semantic Types Propagation
Vulnerability Analysis
Evaluation: Forgeable Requests
JAW: Scalability and Performance
Taught by
OWASP Foundation
Related Courses
Secure Software Development: Verification and More Specialized TopicsLinux Foundation via edX Developing Secure Software
LinkedIn Learning Ethical Hacking: Mobile Devices and Platforms
LinkedIn Learning Tüm Aşamalarıyla İnşaat Eğitimi - AUTOCAD/STA4/EXCEL/PROJECT
Udemy Mobile Security: Reverse Engineer Android Apps From Scratch
Udemy