Web and Mobile Vulns We Exploited on

🛝 Slides for this webcast – 
https://www.blackhillsinfosec.com/wp-...

🔗 Register for future webcasts on our BHIS Stadium Hub -
https://blackhillsinfosec.zoom.us/ze/...

Web and Mobile Vulns We Exploited on Pentests w/ Sean Verity

In this free one-hour Black Hills Information Security (BHIS) webcast, Sean Verity - Security Analyst, will share a mixed bag of high-impact web and mobile vulnerabilities that we found during assessments last year.

We walk through a blind XSS that opened a door to steal password hashes, a couple of leaky password reset features that led to account take over, some IDORs, and more.
Our testers also found a handy mobile feature that lets us export cookies and files from phones, using a web browser –
no jailbreak or rooting necessary.

Sean will be sharing testing take-aways so that you can be a returning champion throughout your pentests this year.

Chat with your fellow attendees in the Black Hills Infosec Discord server here:   / discord   -- in the #webcast-live-chat channel.

#infosec #pentesting #pentest #redteam