Completed
Intro
Class Central Classrooms beta
YouTube playlists curated by Class Central.
Classroom Contents
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Agenda
- 3 What is SSRF?
- 4 Protocol Smuggling in SSRF
- 5 Quick Fun Example
- 6 Fuzzer Architecture
- 7 URL Parsing issues
- 8 URL Components(RFC 3986)
- 9 Big Picture
- 10 NodeJS Unicode Failure
- 11 GLibc NSS Features
- 12 Abusing IDNA Standard
- 13 Abusing URL Parsers - Case Study
- 14 Protocol Smuggling - Case Study
- 15 Mitigations
- 16 Summary
- 17 Further works
