AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Learn how to execute practical web timing attacks in this 39-minute Black Hat conference talk that reveals novel techniques for extracting server secrets. Discover methods for detecting masked misconfigurations, performing blind data-structure injection, and uncovering hidden routes to restricted areas through timing differentials. Master the latest advances that enable reliable detection of sub-millisecond timing differences in just ten seconds, without requiring special configurations or controlled environments. Gain hands-on experience with open-source tools for both automated exploitation and custom attack scripting, plus participate in a CTF challenge to practice newly acquired skills. Follow a refined methodology developed through extensive testing across thousands of websites to transform theoretical timing attack concepts into practical exploitation techniques. Presented by James Kettle, Director of Research at PortSwigger, this talk equips security professionals with actionable knowledge about leveraging this powerful and omnipresent side-channel attack vector.
