YoVDO

TruffleHog Chrome Extension - Open CORS in SAAS API's Lead to Leaky Keys

Offered By: HackerOne via YouTube

Tags

H@cktivitycon Courses Web Development Courses Cybersecurity Courses API Security Courses Chrome Extensions Courses Cross-Origin Resource Sharing (CORS) Courses

Course Description

Overview

Discover how to uncover hidden API keys using the open-source TruffleHog Chrome extension in this 25-minute talk by HackerOne. Learn about the potential security risks associated with open CORS in SaaS APIs and how they can lead to exposed keys. Follow along as Dylan demonstrates the tool's functionality, shares real-world examples of discovered keys, and provides a step-by-step guide on effectively utilizing the extension for your own security assessments.

Syllabus

TruffleHog Chrome Extension : Open CORS in SAAS API's Lead to Leaky Keys | @TruffleSecurity


Taught by

HackerOne

Related Courses

Azure for Developers: Implementing and Developing Functions
LinkedIn Learning Web Security: Same-Origin Policies
LinkedIn Learning Configuring CORS in ASP.NET and ASP.NET Core
Pluralsight Securing and Protecting Your Data in Amazon Simple Storage Service (Amazon S3) (Traditional Chinese)
Amazon Web Services via AWS Skill Builder Securing and Protecting Your Data in Amazon Simple Storage Service (Amazon S3) (Korean)
Amazon Web Services via AWS Skill Builder