A Race Against Time - How to Exploit Race Conditions in Web Apps
Offered By: Ekoparty Security Conference via YouTube
Course Description
Overview
Explore race condition vulnerabilities in web applications through this 32-minute conference talk from Ekoparty 2022. Delve into the increasing prevalence of race condition reports and their significant impact on major platforms. Examine the challenges in detecting and preventing these vulnerabilities, and understand their potential for creating unforeseen states in program code. Learn about real-world attack scenarios, including MFA bypass, anti-brute force mechanism circumvention, and limit overriding. Discover a newly developed penetration testing tool with a distributed approach and a demo web application for hands-on exploration of race condition attacks. Gain insights into the effectiveness of SAST/DAST tools in identifying these vulnerabilities. Benefit from the expertise of Javan Rasokat, a senior application security specialist with extensive experience in secure coding and penetration testing.
Syllabus
Javan Rasokat - A race against time - How to exploit race conditions in web apps - Ekoparty 2022
Taught by
Ekoparty Security Conference
Related Courses
Case Studies in Embedded VR - Silvio Cesare - Ekoparty Security Conference - 2022Ekoparty Security Conference via YouTube The Making of an Aerospace Village Badge - Dan Allen - Ekoparty 2021: Patagon Aerospace
Ekoparty Security Conference via YouTube IIoT, Data Infrastructure, Smart Factory - Sarka Pekarova - Ekoparty 2021: OT - IIOT - IOT Space
Ekoparty Security Conference via YouTube Gotham City- SSH from Zero to Trust - Lucas Calisi - Ekoparty Security Conference - 2021
Ekoparty Security Conference via YouTube Sleight of ARM- Demystifying Intel Houdini - Brian Hong - Ekoparty 2021- Hardware Hacking Space
Ekoparty Security Conference via YouTube