HostSplit - Exploitable Antipatterns in Unicode Normalization
Offered By: Black Hat via YouTube
Course Description
Overview
Explore new exploit techniques leveraging Unicode normalization behavior to bypass URL security filters and enable domain impersonation in this 40-minute Black Hat conference talk. Delve into the HostSplit vulnerability, which allows attackers to create URL strings parsed as one hostname but resolved as another, moving beyond visual spoofing in internationalized domain names. Learn about vulnerable and non-vulnerable systems, testing methodologies, and best practices for mitigation. Presented by Jonathan Birch, this talk covers introduction, agenda, HostSplit explanation, vulnerability assessment, testing procedures, and recommended security practices.
Syllabus
Introduction
Agenda
HostSplit
Whats vulnerable
Whats not vulnerable
How to test
Best practices
Taught by
Black Hat
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network