#NahamCon2022EU: Story of an RCE on Apple Through Hot Jar Swapping by Frans Rosen

#NahamCon2022EU is a virtual offensive security conference. This year's event was hosted by Farrah Hawa & InsidePhD!

Thank you to our sponsors for making this conference happen!

Frans Rosén is a highly skilled security researcher, tech entrepreneur and a security advisor at Detectify. He is a top-ranked participant in bug bounty programs and a two-time winner of HackerOne's prestigious Most Valuable Hacker award. Frans is passionate about making the internet a safer place, and has stood behind numerous security research articles that have resulted in revised policies at AWS, Slack and Google Chrome. His security writeups continuously receive international coverage in numerous publications such as WIRED, Mashable, Observer, BBC, Ars Technica and Motherboard.

Comments

Absolute legendary finding. It was fun watching you go from idea to execution! 👏

ziot

This is the best walkthrough of a PoC I’ve ever seen! I am on the blue side and read PoCs a lot. Not only that, you will probably hear about it very soon in cyber news. There’s a reason I stumbled on this video.

ccs

The reason compressed more than AADAF is because for the former you just need to store two pieces of info - "A" and its length. But for the latter you need essentially 5 pieces of information, in order to reproduce the original data.

tthtlc

This man is great, he is the only one I follow on H1

abdeabdc

Nice work, and a really good presentation 👍😀

jesperwall

I tried to keep up but at some point it started to become a bit of a blur in my head. I love how you explained your whole process, this gave me some ideas for my upload testing methodology 🔥 The goat

sharghaas