Don't Trust, Verify! - How I Found a CSRF Bug Hiding in Plain Sight
Security BSides San Francisco via YouTube
Learn AI, Data Science & Business — Earn Certificates That Get You Hired
The Fastest Way to Become a Backend Developer Online
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Learn how to discover hidden vulnerabilities in commonly used security libraries through a detailed case study of finding a long-standing CSRF (Cross-Site Request Forgery) bug in the popular gorilla/csrf Go library. Explore the methodology and techniques used to uncover this vulnerability that was hiding in plain sight, and gain insights into performing your own vulnerability research experiments on widely-used development tools. Understand the importance of not blindly trusting security implementations and develop skills to verify the robustness of the libraries and frameworks you rely on in your projects.
Syllabus
BSidesSF 2025 - Don't Trust, Verify! - How I Found a CSRF Bug Hiding... (Patrick O'Doherty)
Taught by
Security BSides San Francisco