The Road Towards 365 Bugs in Microsoft Office 365
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore the journey of discovering 365 valid bugs in Microsoft Office 365 applications in this 45-minute conference talk from the Hack In The Box Security Conference. Delve into the security vulnerabilities found in the world's productivity cloud, used by millions of companies and billions of users worldwide. Learn about bounty award-winning bugs, including cross-tenant privacy leaks, Power Apps Portals vulnerabilities, SQL injection, CSRF, and SSRF in Dynamics 365, privilege escalation issues in SharePoint Online, XSS vulnerabilities in Outlook, and rate limiting problems. Gain insights into XSS issues discovered across various Microsoft 365 services, including Admin Centre, OneDrive, Word, Excel, PowerPoint, OneNote, Yammer, Microsoft Forms, Kaizala, Stream, Video 365, Azure, and Security & Compliance services. Discover valuable tips and tricks for staying ahead in testing new and upcoming Office 365 features, presented by Ashar Javed, a seasoned security engineer and researcher recognized as a top contributor to Microsoft's Security Response Center.
Syllabus
#HITBCyberWeek D2T2 - The Road Towards 365 Bugs in Microsoft Office 365
Taught by
Hack In The Box Security Conference
Related Courses
OWASP Top 10 - A10:2021 - Server-Side Request Forgery (SSRF)Cybrary Popular Web Attacks - XSS, CSRF, SSRF, SQL Injection, MIME Sniffing, Smuggling and More
Hussein Nasser via YouTube API-Induced SSRF - How Apple Pay Scattered Vulnerabilities Across the Web
Black Hat via YouTube A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages
Black Hat via YouTube SSRF PWNs - New Techniques and Stories
Hack In The Box Security Conference via YouTube