Hacking Modern Webapps

Presented at Diana Initiative 2019, Aug. 10, 2019, 2 p.m. (60 minutes)

Web applications power everything, and penetration testers/red team members need to know how to use, and abuse, the new technologies that modern web apps are using. This talk will cover more modern web application features like web application local storage, Cross Origin Resource Sharing, and WebSockets from a penetration tester's perspective.

Presenters:

• Elizabeth Bell
  Liz has been a librarian, soldier, waitress, garbage-sorter, and mystery diner. More recently, she's been a penetration tester, cryptanalyst, and network defense analyst, and has seen the clouds from both sides of the red/blue split. When she isn't guarding networks, she builds Nazi-hunting Twitter robots and picks locks.

Links:

• https://dianainitiative2019.busyconf.com/schedule#activity_5c94e9812f63fe10f2000079

Similar Presentations:

• DEF CON 8 (2000) / Web Application Security
• DEF CON 9 (2001) / Web Application Security
• ToorCon: Seattle (Beta) (2007) / Web 4.0