YoVDO

Going Auth The Rails On A Crazy Train

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cross-Site Scripting (XSS) Courses SQL Injection Courses Cross-Site Request Forgery (CSRF) Courses Authorization Courses

Course Description

Overview

Explore common authentication and authorization pitfalls in Rails applications through this 59-minute Black Hat conference talk. Discover how Rails' convention over configuration approach handles many security concerns, but leaves authentication and authorization largely to developers. Learn about patterns observed in major Rails applications, potential vulnerabilities to watch for, and gain insights into a new dynamic analysis tool designed to help penetration testers navigate Rails authentication and authorization solutions.

Syllabus

Going Auth The Rails On A Crazy Train


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube