The Forbidden Image - Security Impact of SVG on the WWW - Mario Heiderich - Hack in Paris
Offered By: Hack in Paris via YouTube
Course Description
Overview
Explore the security implications of Scalable Vector Graphics (SVG) on the World Wide Web in this 23-minute conference talk from Hack in Paris. Delve into the powerful features of SVG, including its vector-based structure, XML format, and additional modules like animations and scripting APIs. Examine the potential risks associated with SVG implementation, learn about attacker abuse techniques, and discover methods for executing malicious code. Gain insights into the impact of HTML5 on SVG usage and understand the importance of SVG variants like SVG Tiny and in-line SVG for security professionals. Witness examples of malicious SVGs and explore a novel filtering tool for sanitizing SVG images without compromising content integrity.
Syllabus
Intro
What is SVG
History of SVG
Basic SVG
SVG family
SVG features
Tiger
SVG in scripting
How to deploy SVG
Security boundaries
Taught by
Hack in Paris
Related Courses
NetflOSINT- Taking an Often-Overlooked Data Source and Operationalizing It - Joe Gray - Hack in ParisHack in Paris via YouTube All Roads Lead to OpenVPN Pwning Industrial Remote Access Clients - Sharon Brizinov - Hack in Paris - 2021
Hack in Paris via YouTube Exploits in Wetware - R. Sell - Hack in Paris - 2019
Hack in Paris via YouTube All Your GPS Trackers Belong to Us - C. Kasmi, P. Barre - Hack in Paris - 2019
Hack in Paris via YouTube In NTDLL I Trust - Process Reimaging and Endpoint Security Solution Bypass - E. Carroll - Hack in Paris - 2019
Hack in Paris via YouTube