
Episode 135: Akamai's Ryan Barnett on WAFs, Unicode Confusables, and Triage Stories
Critical Thinking - Bug Bounty Podcast
00:00
Navigating Unicode Vulnerabilities in Web Security
This chapter explores the complexities of Unicode encoding and its implications for web application security, focusing on vulnerabilities like mojibake and character normalization issues. The speakers discuss real-world examples, including the Nimda worm, to illustrate the challenges faced by developers and security professionals in managing character encoding. Additionally, the chapter addresses techniques for testing web applications against Unicode-related exploits and the importance of security tools in identifying these vulnerabilities.