Interview Links
- Prior Security Nation episode in which loads of PortSwigger references were dropped:
  - https://www.rapid7.com/blog/post/2021/08/18/security-nation-daniel-crowley/
- New research from James about browser-powered desync attacks:
  - https://portswigger.net/research/browser-powered-desync-attacks
Rapid Rundown Links
- Semi-secret Fortinet advisory:
  - https://twitter.com/Gi7w0rm/status/1578398457227878407
- CVE Details as they come:
  - https://www.rapid7.com/blog/post/2022/10/07/cve-2022-40684-remote-authentication-bypass-vulnerability-in-fortinet-firewalls-web-proxies/
- Existence of Fortinet CVE-2022-40684 PoC posted, but not the PoC itself:
  - https://twitter.com/Horizon3Attack/status/1579285863108087810
- The Hidden Harms of Silent Patches:
  - https://www.rapid7.com/blog/post/2022/06/06/the-hidden-harm-of-silent-patches/
Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.