Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

HEIST - HTTP Encrypted Information can be Stolen Through TCP-Windows

Black Hat via YouTube

Start learning Write review
Coursera Ad

Google AI Professional Certificate - Learn AI Skills That Get You Hired

Learn More → Scrimba Ad

Our career paths help you become job ready faster

Learn More →

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore a groundbreaking set of techniques called HEIST (HTTP Encrypted Information can be Stolen Through TCP-Windows) that enables browser-based attacks against SSL/TLS and other secure channels. Delve into this 50-minute Black Hat conference talk by Tom Van Goethem and Mathy Vanhoef, which introduces a novel side-channel attack capable of leaking the exact size of cross-origin responses. Discover how HEIST exploits vulnerabilities in browsers, HTTP, SSL/TLS, and TCP layers to perform compression-based attacks like CRIME and BREACH without requiring network access. Learn about the potential for extracting sensitive information from popular websites and the increased impact of HEIST when used with HTTP/2. Gain insights into the widespread applicability of these attack techniques and their implications for online security and privacy.

Syllabus

HEIST: HTTP Encrypted Information can be Stolen Through TCP-Windows

Taught by

Black Hat

Reviews

Start your review of HEIST - HTTP Encrypted Information can be Stolen Through TCP-Windows

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.