Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Everybody Wants SOME - Advance Same Origin Method Execution

Hack In The Box Security Conference via YouTube

Start learning Write review
Coursera Ad

Google, IBM & Meta Certificates — 40% Off for a Limited Time

Learn More → Simplilearn Ad

Build GenAI Apps from Scratch — UCSB PaCE Certificate Program

Learn More →

Overview

Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore the advanced aspects of Same Origin Method Execution (SOME), a powerful web attack technique, in this 55-minute conference talk from the Hack In The Box Security Conference. Delve into how SOME exploits callback endpoints to perform unintended actions on websites, bypassing common security measures. Examine real-world case studies of SOME attacks against major platforms like WordPress, Google, PayPal, and Microsoft. Learn how SOME can enable XSS attacks in previously secure environments. Understand the differences between SOME and JSONP, and discover a new approach to user interaction in SOME attacks. Gain insights from Ben Hayak, an experienced Information Security Engineer and researcher, on how seemingly innocuous callback endpoints can become backdoors in even the most protected domains, potentially causing severe damage to web applications.

Syllabus

#HITB2017AMS D2T1 - Everybody Wants SOME: Advance Same Origin Method Execution - Ben Hayak

Taught by

Hack In The Box Security Conference

Reviews

Start your review of Everybody Wants SOME - Advance Same Origin Method Execution

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.