Help Irongeek.com pay for bandwidth and research equipment:
Let’s Go CSRF’n Now! - grap3_ap3 Notacon 10 (Hacking Illustrated Series InfoSec Tutorial Videos)
Let’s Go CSRF’n Now!
In a discussion focused on Cross Site Request Forgery (CSRF), explore the trust
vulnerability and walk through a demonstration of the exploit in action.
Understand how these attacks happen and what they look like from the perspective
of both victim AND attacker.
Walk away with a grasp on the security implications of this weakness as well as
understanding why the attack is possible and what steps should be done to
prevent it. This session is a 45 minute demo with a 15 minute Q&A after. It is
an advanced technical session intended for technicians, engineers, and
developers with interest in web application security.
A vulnerability researcher, penetration tester, and social engineer, I am a
professional breaker. A parent, biker, and security professional, I find my
skillset constantly adapting to the most current techniques. A penetration
tester and vulnerability researcher based in Columbus, Ohio, I have performed
security assessments for clients ranging from financial institutions,
e-commerce, telecommunications, manufacturing, education and government
agencies, as well as international corporations. I focus on epitomizing the
attackers in the wild in hopes of helping organizations and individuals
understand how to avoid being victimized. My talks tend to be engaging, full of
energy, and dynamic to meet the expectations of the audience.