AppSec Europe 2018 has ended
                                                                                    ***Content is subject to change.***
Back To Schedule
Friday, July 6 • 1:30pm - 2:15pm
Exploiting Unknown Browsers and Objects LIMITED

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Limited Capacity seats available

Browsers are embedded everywhere, from popular applications like Steam and Spotify to headless crawlers, IoT devices and games consoles. They execute JavaScript but you don't have a dev console and some don't even allow you to interact with them. Many add custom JavaScript objects and functions but how can you discover all this hidden treasure without any dev tools? My talk introduces a new tool for your arsenal that allows you to inspect and exploit these unknown entities. The Hackability inspector is the missing offensive dev toolkit for security researchers.

avatar for Gareth Heyes

Gareth Heyes

Researcher, PortSwigger
Gareth works as a researcher at PortSwigger and loves breaking sandboxes and anything to do with JavaScript. He has developed various free online tools such as Hackvertor and Shazzer. He also created MentalJS a free JavaScript sandbox that provides a safe DOM environment for sandboxed... Read More →

Friday July 6, 2018 1:30pm - 2:15pm BST
Fleming - 3rd Floor QEII Centre Broad Sanctuary, Westminster, London. SW1P 3EE