Abstract

Doing a source code review to exploit vulnerabilities like:

1- Type juggling
2- Advance 2nd order SQL Injection
3- Pass-the-hash
4- {{SSTI}} (Server Side Template Injection)
At the end creating a python script to automate the attack

Speaker

Raunak parmar

Raunak Parmar is an information security professional whose areas of interest include web penetration testing, Azure/AWS security, source code review, scripting, and development.

He has 2+ years of experience in information security. Raunak likes to research new attack methodologies and create open-source tools that can be used during Cloud Security assessments. He has worked extensively on Azure and AWS.

He is the author of Vajra an offensive cloud security tool. He has spoken at multiple conferences like Blackhat, Defcon, and Nullcon.

Timing

Starts at Saturday November 09 2019, 10:45 AM. The sessions runs for about 1 hour.

Resources