Talks

Upcoming

Server Side Prototype Pollution: Blackbox detection without the DoS

Conferences

OWASP 2023 Global AppSec Dublin, 15 Feb 2023, 16:30 UTC

Nullcon Berlin 2023, 09 Mar 2023

Detecting server side prototype pollution legitimately is quite difficult because it involves changing the state of Object prototypes on the server and that can almost certainly cause DoS. I've created multiple techniques that allow you to detect SSPP without bringing the server to its knees and without needing the source code.

I'll talk about how you can detect server side prototype pollution and the pros and cons of each technique and show you how to detect the type of JavaScript engine being used on some sites all blackbox with specially crafted requests. Finally I'll share an open source Burp extension that will help you detect SSPP using Burp Suite and wrap up with defensive measures you can take, takeaways and leave 5 minutes for questions.

Talks

Upcoming

Server Side Prototype Pollution: Blackbox detection without the DoS

Conferences

Previous

Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling

Hunting evasive vulnerabilities: finding flaws that others miss

HTTP/2: The Sequel is Always Worse

Black Hat Europe Locknote: Conclusions and Key Takeaways

Portable Data exFiltration: XSS for PDFs

Web Cache Entanglement: Novel Pathways to Poisoning

XSS Magic Tricks

HTTP Desync Attacks: Smashing into the Cell Next Door

Turbo Intruder: Embracing the billion-request attack

Practical Web Cache Poisoning: Redefining 'Unexploitable'

Exploiting Unknown Browsers and Objects

DOM based AngularJS Sandbox Escapes

Cracking the Lens: Targeting HTTP's Hidden Attack-Surface

Exploiting CORS Misconfigurations for Bitcoins and Bounties

Backslash Powered Scanner: Automating Human Intuition

JSON Hijacking for the Modern Web

Hunting Asynchronous Vulnerabilities

Server-Side Template Injection