Submitted by Riyaz Walikar (@riyazw) on Sunday, 21 April 2019
Technical level: Beginner
The key takeaways for attendees from this talk would be:
- Introduction to the talk
  - Why is XSS bad anyways?
- I’ve Got No BeEF With You
  - Demo of a real world account and browser compromise
- Going beyond its supposed application
  - JS fuzzing engines
  - Browser crashes and the $$$
- Server Side JS attacks
  - The perils of insecure templating
  - Server Side JS injection
  - Remote Code Execution
- Client Side JS Attacks
  - What’s that in my DOM?
  - Case Study of Data Theft via an insecure Express app on a Desktop Client
- Breaking filters and Web Application Firewalls
  - JS weirdness
  - Twisted XSS payloads
  - Case Study 1
  - Case Study 2
- Session Hijacking using ActionScript and Flash
  - Weaponising ActionScript for account takeovers
- Mutation XSS
  - Abusing browsers’ code normalisation against them
- Stega whaa?
  - Working with Alpha Channels in images
  - Hidden in PlainSight
- Attacking NodeJS servers on exposed IoT devices
  - What could go wrong you say!
- Closing notes
  - The End / Q&A
  - Enthusiastic Audience
Riyaz Walikar currently heads the Offensive Security Team at Appsecco and is responsible for the assessment and delivery of Web and Mobile Application Security Testing engagements. He is an OSCP-certified Web Application Pentester, security evangelist and researcher. He has been active in the security community for the better part of the last 10 years. He has been actively involved with the OWASP Bangalore and null chapters for the last 7 years and is one of the OWASP Bangalore chapter leads.
He is actively involved in vulnerability research in popular web applications and network-aware services, has disclosed several security issues in popular software such as Apache Archiva, Openfire, Joomla! and ejabberd, and has found vulnerabilities in popular web applications including Facebook, Twitter, Google, Cisco, Symantec, Mozilla, PayPal, eBay, Apigee, Yahoo, Adobe, Tumblr and Pinterest, for most of which he is listed in the security Hall of Fame. He has also been a speaker and trainer at several security conferences.