Abstract

Subdomain takeover attacks are a class of security issues where an attacker is able to seize control of an organization's subdomain via cloud services like AWS, Heroku or Azure. They commonly happen when web projects are ended but the subdomain DNS entries are not fully shut down.

This talk will be focused on covering its basics along the following lines:

• DNS, CNAME
• Where do developers make mistake ?
• What is Subdomain Takeover ?
• Workflow and Automation
• Live Demo

Speaker

Aishwarya Kendle & Prateek Thakare

• Final Year CSE Undergrad
• Technology Intern at RBL Bank
• Bugcrowd Top 800
• Part time bug bounty hunter

Timing

Starts at Saturday June 20 2020, 12:05 PM. The sessions runs for about 1 hour.

Resources