Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Got Cookies? Cookie Based Authentication Vulner...

Harsh Bothra
February 27, 2021
Technology
0
820

Got Cookies? Cookie Based Authentication Vulnerabilities

Cookies are often found in the wild and can be seen in many web applications. This is an interesting attack vector if explored properly and can lead to multiple security risks. This talk is around various possible vulnerabilities when a Cookie Based Authentication is provided.

Harsh Bothra

February 27, 2021
Tweet

More Decks by Harsh Bothra

See All by Harsh Bothra
Demystifying_Application_Security.pdf
harshbothra
0
91
Tale of Chaining Bugs for Account Takeover
harshbothra
2
2.6k
Trending Vulnerabilities with Insights to OWASP TOP 10
harshbothra
0
460
Exploiting Misconfigured Jira Instances for $$$
harshbothra
0
1k
Bug Hunting Tactics & Wins for 2021
harshbothra
3
1k
Bug Hunting Tactics
harshbothra
3
1.4k
Application Testing Methodology & Scope Based Recon
harshbothra
2
2k
Having Fun with RegEx
harshbothra
2
1.6k
Broken Cryptography & Account Takeovers
harshbothra
1
2.8k

Other Decks in Technology

See All in Technology
リンクアンドモチベーション ソフトウェアエンジニア向け紹介資料 / Introduction to Link and Motivation for Software Engineers
lmi
4
300k
生成AIが変えるデータ分析の全体像
ishikawa_satoru
0
140
CysharpのOSS群から見るModern C#の現在地
neuecc
2
3.4k
AWS Lambda のトラブルシュートをしていて思うこと
kazzpapa3
2
180
プロダクト活用度で見えた真実 ホリゾンタルSaaSでの顧客解像度の高め方
tadaken3
0
100
Introduction to Works of ML Engineer in LY Corporation
lycorp_recruit_jp
0
120
DynamoDB でスロットリングが発生したとき_大盛りver/when_throttling_occurs_in_dynamodb_long
emiki
1
190
10XにおけるData Contractの導入について: Data Contract事例共有会
10xinc
6
640
【若手エンジニア応援LT会】ソフトウェアを学んできた私がインフラエンジニアを目指した理由
kazushi_ohata
0
150
The Role of Developer Relations in AI Product Success.
giftojabu1
0
130
ISUCONに強くなるかもしれない日々の過ごしかた/Findy ISUCON 2024-11-14
fujiwara3
8
870
SREによる隣接領域への越境とその先の信頼性
shonansurvivors
2
520

Featured

See All Featured
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
226
22k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
280
13k
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.1k
Build The Right Thing And Hit Your Dates
maggiecrowley
33
2.4k
Reflections from 52 weeks, 52 projects
jeffersonlam
346
20k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
38
1.8k
Designing the Hi-DPI Web
ddemaree
280
34k
[RailsConf 2023] Rails as a piece of cake
palkan
52
4.9k
How to Ace a Technical Interview
jacobian
276
23k
The Language of Interfaces
destraynor
154
24k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
27
840
A Philosophy of Restraint
colly
203
16k

Transcript

  1. Got Cookies? Cookie Based Authentication Vulnerabilities By: Harsh Bothra @harshbothra_

  2. Introduction @harshbothra_ Core Pentester @Cobalt.io Lazy Bug Hunter @Synack @Bugcrowd

    Bugcrowd TOP 150 Hackers & MVP Q1 – Q2 Author: Multiple Hacking Books Security Blogs @Medium Speaker @Multiple Security Conferences Poet | Writer | Learner

  3. AGENDA @harshbothra_ Introduction to Cookies Vulnerabilities in Cookie based Authentication

    Real Life Case Studies Tips & Tricks Wrap – Up

  4. Introduction to Cookies @harshbothra_

  5. Vulnerabilities in Cookie Based Authentication @harshbothra_

  6. @harshbothra_

  7. Real – Life Case Studies @harshbothra_

  8. Get in Touch at Website – https://harshbothra.tech Twitter - @harshbothra_

    Instagram - @harshbothra_ Medium - @hbothra22 LinkedIn - @harshbothra Facebook - @hrshbothra Email – [email protected] @harshbothra_

  9. THANK YOU!!!