Overview
Learn how to execute practical web timing attacks in this 39-minute Black Hat conference talk that reveals novel techniques for extracting server secrets. Discover methods for detecting masked misconfigurations, performing blind data-structure injection, and uncovering hidden routes to restricted areas through timing differentials. Master the latest advances that enable reliable detection of sub-millisecond timing differences in just ten seconds, without requiring special configurations or controlled environments. Gain hands-on experience with open-source tools for both automated exploitation and custom attack scripting, plus participate in a CTF challenge to practice newly acquired skills. Follow a refined methodology developed through extensive testing across thousands of websites to transform theoretical timing attack concepts into practical exploitation techniques. Presented by James Kettle, Director of Research at PortSwigger, this talk equips security professionals with actionable knowledge about leveraging this powerful and omnipresent side-channel attack vector.
Syllabus
Listen to the Whispers: Web Timing Attacks that Actually Work
Taught by
Black Hat