Registration is NOW Open
Marriott Wardman Park
2660 Woodley Rd NW
Washington DC, District of Columbia 20008 USA
Phone: 1-202-328-2000 

Book Now 
*discount rates expire August 19, 2019
Back To Schedule
Thursday, September 12 • 10:30am - 11:15am
Owning the Cloud through SSRF and PDF Generators

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
With how many apps are running in the cloud, hacking these instances becomes easier with a simple vulnerability due to unsanitized user input. In this talk, we’ll discuss a number of different methods that helped us exfil data from different applications using Server-Side Request Forgery (SSRF). Using these methods, we were able to hack some of the major transportation, hospitality, and social media companies and make $50,000 in rewards in 3 months.

Behrouz Sadeghipour

avatar for Ben Sadeghipour

Ben Sadeghipour

Head of Hacker Operations, HackerOne
Ben is the head of Hacker Operations at HackerOne by day, and a hacker by night. He has helped identify and exploit over 700 security vulnerabilities across 100s of web and mobile applications for companies such as Yahoo, Airbnb, Snapchat, The US Department of Defense, Yelp, and more... Read More →

Thursday September 12, 2019 10:30am - 11:15am EDT
Lincoln 5