YoVDO

A Race Against Time - How to Exploit Race Conditions in Web Apps

Offered By: Ekoparty Security Conference via YouTube

Tags

Ekoparty Security Conference Courses Penetration Testing Courses Parallel Programming Courses Race Conditions Courses Web Application Security Courses Vulnerability Assessment Courses

Course Description

Overview

Explore race condition vulnerabilities in web applications through this 32-minute conference talk from Ekoparty 2022. Delve into the increasing prevalence of race condition reports and their significant impact on major platforms. Examine the challenges in detecting and preventing these vulnerabilities, and understand their potential for creating unforeseen states in program code. Learn about real-world attack scenarios, including MFA bypass, anti-brute force mechanism circumvention, and limit overriding. Discover a newly developed penetration testing tool with a distributed approach and a demo web application for hands-on exploration of race condition attacks. Gain insights into the effectiveness of SAST/DAST tools in identifying these vulnerabilities. Benefit from the expertise of Javan Rasokat, a senior application security specialist with extensive experience in secure coding and penetration testing.

Syllabus

Javan Rasokat - A race against time - How to exploit race conditions in web apps - Ekoparty 2022


Taught by

Ekoparty Security Conference

Related Courses

Case Studies in Embedded VR - Silvio Cesare - Ekoparty Security Conference - 2022
Ekoparty Security Conference via YouTube
The Making of an Aerospace Village Badge - Dan Allen - Ekoparty 2021: Patagon Aerospace
Ekoparty Security Conference via YouTube
IIoT, Data Infrastructure, Smart Factory - Sarka Pekarova - Ekoparty 2021: OT - IIOT - IOT Space
Ekoparty Security Conference via YouTube
Gotham City- SSH from Zero to Trust - Lucas Calisi - Ekoparty Security Conference - 2021
Ekoparty Security Conference via YouTube
Sleight of ARM- Demystifying Intel Houdini - Brian Hong - Ekoparty 2021- Hardware Hacking Space
Ekoparty Security Conference via YouTube