HostSplit - Exploitable Antipatterns in Unicode Normalization
Offered By: Black Hat via YouTube
Course Description
Overview
Explore new exploit techniques leveraging Unicode normalization behavior to bypass URL security filters and enable domain impersonation in this 40-minute Black Hat conference talk. Delve into the HostSplit vulnerability, which allows attackers to create URL strings parsed as one hostname but resolved as another, moving beyond visual spoofing in internationalized domain names. Learn about vulnerable and non-vulnerable systems, testing methodologies, and best practices for mitigation. Presented by Jonathan Birch, this talk covers introduction, agenda, HostSplit explanation, vulnerability assessment, testing procedures, and recommended security practices.
Syllabus
Introduction
Agenda
HostSplit
What's vulnerable
What's not vulnerable
How to test
Best practices
Taught by
Black Hat