The Evil Alt-Ego - Abusing HTTP Alternative Services
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the potential security vulnerabilities and exploits associated with the HTTP Alternative Services header (Alt-Svc, RFC 7838) in this 33-minute Black Hat conference talk. Delve into how this header, originally introduced in 2013 to improve load balancing, protocol optimizations, and client segmentation, can be manipulated for malicious purposes. Learn about the unintended consequences and potential risks of this well-intentioned feature as presented by David Starobinski, Trishita Tiwari, and Ari Trachtenberg. Gain insights into the security implications of Alt-Svc and understand how it can be abused by attackers to compromise web security.
Syllabus
The Evil Alt-Ego: (ab)using HTTP Alternative Services
Taught by
Black Hat
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network