Abstract

Doing a source code review to exploit vulnerabilities like:

1- Type juggling
2- Advance 2nd order SQL Injection
3- Pass-the-hash
4- {{SSTI}} (Server Side Template Injection)
At the end creating a python script to automate the attack

Speaker

Raunak parmar

Raunak Parmar works as a Lead Penetration Tester. Web/Cloud security, source code review, scripting, and development are some of his interests, and familiar with PHP, NodeJs, Python, Ruby, and Java. He is OSWE certified and the author of Vajra & 365-Stealer.

Timing

Starts at Saturday November 09 2019, 10:45 AM. The sessions runs for about 1 hour.

Resources