🛝 Slides for this webcast -
www.blackhillsinfosec.com/wp-...
🔗 Register for future webcasts on our BHIS Stadium Hub -
blackhillsinfosec.zoom.us/ze/...
Web and Mobile Vulns We Exploited on Pentests w/ Sean Verity
In this free one-hour Black Hills Information Security (BHIS) webcast, Sean Verity - Security Analyst, will share a mixed bag of high-impact web and mobile vulnerabilities that we found during assessments last year.
We walk through a blind XSS that opened a door to steal password hashes, a couple of leaky password reset features that led to account take over, some IDORs, and more.
Our testers also found a handy mobile feature that lets us export cookies and files from phones, using a web browser -
no jailbreak or rooting necessary.
Sean will be sharing testing take-aways so that you can be a returning champion throughout your pentests this year.
Chat with your fellow attendees in the Black Hills Infosec Discord server here: / discord -- in the #webcast-live-chat channel.
#infosec #pentesting #pentest #redteam
14 фев 2024
