AppSec Europe 2018: Exploiting Unknown Browsers and Objects

***Content is subject to change.***

View analytic

Exploiting Unknown Browsers and Objects LIMITED

Feedback form is now closed.

Limited Capacity seats available

Browsers are embedded everywhere, from popular applications like Steam and Spotify to headless crawlers, IoT devices and games consoles. They execute JavaScript but you don't have a dev console and some don't even allow you to interact with them. Many add custom JavaScript objects and functions but how can you discover all this hidden treasure without any dev tools? My talk introduces a new tool for your arsenal that allows you to inspect and exploit these unknown entities. The Hackability inspector is the missing offensive dev toolkit for security researchers.

Speakers

Gareth Heyes

Researcher, PortSwigger

Gareth works as a researcher at PortSwigger and loves breaking sandboxes and anything to do with JavaScript. He has developed various free online tools such as Hackvertor and Shazzer. He also created MentalJS a free JavaScript sandbox that provides a safe DOM environment for sandboxed... Read More →

Friday July 6, 2018 1:30pm - 2:15pm
Fleming - 3rd Floor QEII Centre Broad Sanctuary, Westminster, London. SW1P 3EE

Hacker

Host Organization OWASP Foundation

AppSec Europe 2018

Gareth Heyes

Attendees (44)

Recently Active Attendees

AppSec Europe 2018

Sign up or log in to save this to your schedule and see who's attending!

Gareth Heyes

Attendees (44)

Recently Active Attendees