filmov
tv
DEF CON 23 - Jason Haddix - How to Shot Web: Web and mobile hacking in 2015
Показать описание
2014 was a year of unprecedented participation in crowdsourced and static bug bounty programs, and 2015 looks like a trendmaker. Join Jason as he explores successful tactics and tools used by himself and the best bug hunters. Practical methodologies, tools, and tips make you better at hacking websites and mobile apps to claim those bounties. Convert edge-case vulnerabilities to practical pwnage even on presumably heavily tested sites. These are tips and tricks that the every-tester can take home and use. Jason will focus on philosophy, discovery, mapping, tactical fuzzing (XSS, SQLi, LFI, ++), CSRF, web services, and mobile vulnerabilities. In many cases we will explore these attacks down to the parameter, teaching the tester common places to look when searching for certain bugs. In addition he will cover common evasions to filters and as many time saving techniques he can fit in.
Speaker Bio:
Jason is the Director of Technical Operations at Bugcrowd. Jason trains and works with internal application security engineers to triage and validate hardcore vulnerabilities in mobile, web, and IoT applications/devices. He also works with Bugcrowd to improve the security industries relations with the researchers. Jason’s interests and areas of expertise include, mobile penetration testing, black box web application auditing, network/infrastructural security assessments, binary reverse engineering, and static analysis.
Speaker Bio:
Jason is the Director of Technical Operations at Bugcrowd. Jason trains and works with internal application security engineers to triage and validate hardcore vulnerabilities in mobile, web, and IoT applications/devices. He also works with Bugcrowd to improve the security industries relations with the researchers. Jason’s interests and areas of expertise include, mobile penetration testing, black box web application auditing, network/infrastructural security assessments, binary reverse engineering, and static analysis.
0:48:23
DEF CON 23 - Jason Haddix - How to Shot Web: Web and mobile hacking in 2015
0:39:24
DEF CON 32 - Inside the FBI’s Secret Encrypted Phone Company ‘Anom’ - Joseph Cox
0:16:25
I Went To DEFCON!
0:17:54
DEF CON 23 - Packet Capture Village - Ming Chow - Tools and Techniques Used at the Wall of Sheep
0:06:16
Hacking challenge at DEFCON
0:51:23
DEF CON 23 - Richard Thieme - Hacking the Human Body and Brain
0:47:34
DEF CON 23 - Robinson and Mitchell - Knocking my neighbors kids cruddy drone offline
0:20:06
DEF CON 21 - Jason Staggs - How to Hack Your Mini Cooper
0:50:57
DEF CON 23 - Cory Doctorow - Fighting Back in the War on General Purpose Computers
1:45:26
DEF CON 23 - Panel - WhyMI so Sexy: WMI Attacks - Real Time Defense and Advanced Forensics
0:52:24
DEF CON 24 SE Village - Robert Anderson - US Interrogation Techniques and SE
0:45:26
DEF CON 22 - Jesse Michael and Mickey Shkatov - USB for all!
0:44:41
DEF CON 23 - Aaron Grattafiori - Linux Containers: Future or Fantasy? - 101 Track
0:29:26
DEF CON 23 - Nadeem Douba - BurpKit: Using WebKit to Own the Web
0:41:39
DEF CON 23 - Wesley McGrew - I Hunt Penetration Testers: More Weaknesses in Tools and Procedures
0:51:45
DEF CON 23 - Social Engineering Village - Ian Harris - Understanding Social Engineering Attacks
0:42:55
DEF CON 32 - Counter Deception: Defending Yourself in a World Full of Lies - Tom Cross, Greg Conti
0:23:04
DEF CON 25 Conference - Jason Staggs - Breaking Wind: Adventures Hacking Wind Farm Control Networks
0:44:49
DEF CON 23 - Packet Capture Village - Theodora Titonis - How Machine Learning Finds Malware
0:44:20
DEF CON 24 - Weston Hecker - Hacking Hotel Keys and POS systems
0:46:26
DEF CON 23 - Grant Bugher - Obtaining and Detecting Domain Persistence
0:47:42
DEF CON 23 - Sean Pierce - Abusing Native Shims for Post Exploitation
1:53:53
The Bug Hunter's Methodology Full 2-hour Training by Jason Haddix
0:00:19
Michael vs Jason 🔥 #michaelmyers #jason #halloween
Комментарии