Artwork

コンテンツは Josh Amishav によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Josh Amishav またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作権で保護された作品をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal
Player FM -ポッドキャストアプリ
Player FMアプリでオフラインにしPlayer FMう!

55 - Charlie Belmer & NoSQL Injection

34:18
 
シェア
 

アーカイブされたシリーズ ("無効なフィード" status)

When? This feed was archived on July 06, 2023 12:08 (9M ago). Last successful fetch was on October 18, 2022 11:08 (1+ y ago)

Why? 無効なフィード status. サーバーは持続期間に有効なポッドキャストのフィードを取得することができませんでした。

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 291800196 series 2780300
コンテンツは Josh Amishav によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Josh Amishav またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作権で保護された作品をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal

This week Jeff Foley hangs all to talk about asset discovery using amass, recon methodologies, hashcat style brute forcing vs. wordlists, extending functionality via the embedded Lua engine and more. My 3 main takeaways were 1) how to find assets that don’t share a domain name using JARM 2) how they made scanning faster by essentially lowering the DNS brute forcing query rate and 3) what the future has in store for the project

For more information, including the show notes check out https://breachsense.io/podcast

This week Jim Manico joins the show to talk about Cross Site Scripting, CSPs, strict dynamic, trusted types, SameSite cookies, NIST SP 800-63, password shucking and more. My 3 main takeaways were 1) how to do input validation correctly 2) why using nonces in your CSP is safer than creating an allowed list policy and 3) the right way to handle passwords

For more information, including the show notes check out https://breachsense.io/podcast

This week Jim Manico joins the show to talk about Cross Site Scripting, CSPs, strict dynamic, trusted types, SameSite cookies, NIST SP 800-63, password shucking and more. My 3 main takeaways were 1) how to do input validation correctly 2) why using nonces in your CSP is safer than creating an allowed list policy and 3) the right way to handle passwords

For more information, including the show notes check out https://breachsense.io/podcast

This week Jim Manico joins the show to talk about Cross Site Scripting, CSPs, strict dynamic, trusted types, SameSite cookies, NIST SP 800-63, password shucking and more. My 3 main takeaways were 1) how to do input validation correctly 2) why using nonces in your CSP is safer than creating an allowed list policy and 3) the right way to handle passwords

For more information, including the show notes check out https://breachsense.io/podcast This week Jim Manico joins the show to talk about Cross Site Scripting, CSPs, strict dynamic, trusted types, SameSite cookies, NIST SP 800-63, password shucking and more. My 3 main takeaways were 1) how to do input validation correctly 2) why using nonces in your CSP is safer than creating an allowed list policy and 3) the right way to handle passwords

This week Charlie Belmer joins the show to chat about NoSQLi, web proxies, cloud security, tips to get started in InfoSec and more. My 3 main takeaways were 1) how SQLi differs from NoSQLi 2) why privacy still matters and 3) How cookieless tracking works and some of the frightening techniques used

For more information, including the show notes check out https://breachsense.io/podcast

  continue reading

80 つのエピソード

Artwork
iconシェア
 

アーカイブされたシリーズ ("無効なフィード" status)

When? This feed was archived on July 06, 2023 12:08 (9M ago). Last successful fetch was on October 18, 2022 11:08 (1+ y ago)

Why? 無効なフィード status. サーバーは持続期間に有効なポッドキャストのフィードを取得することができませんでした。

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 291800196 series 2780300
コンテンツは Josh Amishav によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Josh Amishav またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作権で保護された作品をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal

This week Jeff Foley hangs all to talk about asset discovery using amass, recon methodologies, hashcat style brute forcing vs. wordlists, extending functionality via the embedded Lua engine and more. My 3 main takeaways were 1) how to find assets that don’t share a domain name using JARM 2) how they made scanning faster by essentially lowering the DNS brute forcing query rate and 3) what the future has in store for the project

For more information, including the show notes check out https://breachsense.io/podcast

This week Jim Manico joins the show to talk about Cross Site Scripting, CSPs, strict dynamic, trusted types, SameSite cookies, NIST SP 800-63, password shucking and more. My 3 main takeaways were 1) how to do input validation correctly 2) why using nonces in your CSP is safer than creating an allowed list policy and 3) the right way to handle passwords

For more information, including the show notes check out https://breachsense.io/podcast

This week Jim Manico joins the show to talk about Cross Site Scripting, CSPs, strict dynamic, trusted types, SameSite cookies, NIST SP 800-63, password shucking and more. My 3 main takeaways were 1) how to do input validation correctly 2) why using nonces in your CSP is safer than creating an allowed list policy and 3) the right way to handle passwords

For more information, including the show notes check out https://breachsense.io/podcast

This week Jim Manico joins the show to talk about Cross Site Scripting, CSPs, strict dynamic, trusted types, SameSite cookies, NIST SP 800-63, password shucking and more. My 3 main takeaways were 1) how to do input validation correctly 2) why using nonces in your CSP is safer than creating an allowed list policy and 3) the right way to handle passwords

For more information, including the show notes check out https://breachsense.io/podcast This week Jim Manico joins the show to talk about Cross Site Scripting, CSPs, strict dynamic, trusted types, SameSite cookies, NIST SP 800-63, password shucking and more. My 3 main takeaways were 1) how to do input validation correctly 2) why using nonces in your CSP is safer than creating an allowed list policy and 3) the right way to handle passwords

This week Charlie Belmer joins the show to chat about NoSQLi, web proxies, cloud security, tips to get started in InfoSec and more. My 3 main takeaways were 1) how SQLi differs from NoSQLi 2) why privacy still matters and 3) How cookieless tracking works and some of the frightening techniques used

For more information, including the show notes check out https://breachsense.io/podcast

  continue reading

80 つのエピソード

すべてのエピソード

×
 
Loading …

プレーヤーFMへようこそ!

Player FMは今からすぐに楽しめるために高品質のポッドキャストをウェブでスキャンしています。 これは最高のポッドキャストアプリで、Android、iPhone、そしてWebで動作します。 全ての端末で購読を同期するためにサインアップしてください。

 

クイックリファレンスガイド