๐
Date & time
Thu, Nov 27, 7:00 PM (GMT-03:00)
https://h1.community/events/details/hackerone-brazil-hackerone-club-presents-bypaxss-the-brute-art-of-bypass/
Thu, Nov 27, 7:00 PM (GMT-03:00)
About this event
Evading security mechanisms like filters and WAFs is hacking on another level. In this talk we will see how WAFs from major vendors were consistently bypassed, along with the techniques involved to exploit the most common vulnerability of the web: the Cross-Site Scripting (XSS).
After a quick recap of basic XSS exploitation and how to prove it for bug reporting, the audience will see the "easy wins", clear examples of simple yet effective bypasses, the mistakes made by those who try to mitigate web attacks and the very principles and tricks used to fool most filters out there.
Finally a new tool to create unique payloads for filter and WAF evasions will be shown to highlight the same techniques discussed throught the talk.
Rodolfo Assis Aka @BRuteLogic
Independent cybersecurity researcher with 15+ years of experience in web application security. Creator of KNOXSS, the industry-leading automated XSS detection tool used by hundreds of security professionals worldwide.
Has helped fix over 1,000 XSS vulnerabilities including discoveries in major companies like Oracle, Samsung, Uber, Apple, Amazon, and Microsoft. Recognized as a Top 200 Global Cybersecurity Influencer by CheckPoint/Perimeter 81.
International speaker at conferences including DEFCON and Ekoparty. Author of the Brute XSS Cheat Sheet series. Philosophy: XSS is much more than
https://h1.community/events/details/hackerone-brazil-hackerone-club-presents-bypaxss-the-brute-art-of-bypass/
HackerOne Community
BypaXSS - The Brute Art of Bypass
Virtual Event - None
