Description:
Explore FIESTA, a new tool for testing HTTPS side-channel vulnerabilities, in this 42-minute conference talk from OWASP AppSec EU 2018. Delve into the world of TLS traffic exploitation and learn about past attacks like CRIME, BREACH, and TIME. Discover a previously unused side-channel affecting major internet companies. Examine the tool's configuration, fake web setup, and image loading techniques. Investigate real-world examples involving Google and Facebook, and discuss bug bounty implications. Gain insights into JavaScript-based countermeasures and understand the broader implications for online security.
FIESTA - An HTTPS Side-Channel Party
Add to list
#Conference Talks
#Information Security (InfoSec)
#Cybersecurity
#Ethical Hacking
#Bug Bounty
#Web Security
#Side Channel Attacks
#Vulnerability Testing