Rootconf Sessions

Presentations on DevOps and Dev-Oops


Web exploitation - Offensive way to Hunt Bugs

Submitted by Pritam Singh (@prisingh) on Feb 29, 2020

Status: Rejected

Abstract

Application security testing is the act of proactively finding security vulnerabilities and responsibly disclosing them to the security team in an ethical way.
The audience will learn most of the OWASP Top 10 vulnerabilities and the basics of Application Security Testing (AST) with the Burp Suite tool.
This will help them look for security vulnerabilities in their own products and code.

Outline

The agenda:
* Goal and introduction to the Burp Suite tool
* Common vulnerabilities in the OWASP Top 10
* Demonstration of web vulnerability exploitation:
  - XSS and different endpoints to exploit it
  - Host header injection (redirection, cache poisoning and password reset poisoning)
  - URL/open redirection
  - Parameter tampering
  - Email spoofing / missing or insufficient SPF record
  - and many more.

Speaker bio

Pritam is an Associate QE with Red Hat. He is a security researcher and web application security tester, and has experience finding numerous vulnerabilities in responsible disclosure programs.
