
Episode 60: Our Take on PortSwigger's Top 10 Web Hacking Techniques of 2023
Critical Thinking - Bug Bounty Podcast
Exploring Top Web Hacking Techniques of 2023
The chapter delves into the top 10 web hacking techniques of 2023, highlighting the development of race condition testing by James Kettle and the exploitation of Nagle's algorithm combined with HTTP/2 for optimizing TCP packets. It discusses a significant bug in HTTP request smuggling into Akamai servers, leading to global cache poisoning and NTLM token theft, resulting in full arbitrary redirects. The speakers also explore SMTP smuggling, its connection to HTTP smuggling, and the methodology as applied to different protocols with similar functionality.