Chapters
Introduction
00:00 • 3min
The Reality of CSRF-ing
02:52 • 2min
The Caveat to JavaScript Bridges
04:29 • 2min
Carff: A Cross-App Request for a Tree
06:05 • 2min
Joel Solo Interviews at DEF CON
07:42 • 2min
How to Use Curl to Test a SQL Map
09:29 • 2min
How to Market a Chrome Extension for One Cent Per User
11:16 • 2min
Chrome Extensions for Service Workers
12:55 • 2min
How to Remove XSS Auditor From Chrome
15:01 • 2min
JS Weasel: A Cool Product to Try Out
16:49 • 4min
How to Use Office-Gated JavaScript to Hack Your App
20:32 • 2min
How to Make Money With a Bug Bounty
22:03 • 2min
The Importance of Internal Brain Patterns in JavaScript
23:43 • 2min
The Most Rojan Thing I've Ever Heard
25:24 • 2min
CSRF: A Vulnerability That's Not the Case
27:27 • 3min
The Importance of CSRF
30:29 • 3min
How to Use a Two Minute Window to Get a Cookie Reset
33:31 • 3min
How to Bypass GitHub's a Lot Flow
36:27 • 4min
Rails: A Quirk to Know About
40:11 • 2min
Rails and Head Requests in Rails
42:03 • 2min
Exploitation Techniques for Mobile CSRF
43:47 • 2min
How to Fix a CSRF Bug
45:50 • 2min
CSRF: How to Check Your Cookies
48:18 • 2min
Ruby on Rails: A Weird Rails Configuration
50:33 • 3min
How to Find Vulnerabilities in an Application
53:59 • 3min
The Limits of CSRF Vulnerability
56:43 • 3min
How to Change Your Post Request to Get Request
59:32 • 2min
How to Send a Request With the Null in the Origin With Nowadays Same Site Stuff
01:01:59 • 3min
How to Bypass the CSRF Check and Get the Bug Fixed
01:04:30 • 2min
CSRF: How to Get an Account on an Obvious Domain
01:06:04 • 5min
How to Use TikTok to Scan QR Codes Within an App
01:10:36 • 2min
The JavaScript Bridge and the Attack Scenario
01:12:23 • 3min
How to Be a Bald and Eyebrowless Nohamsec
01:15:24 • 3min