On 13th March I did a webinar for Checkmarx showing in around 30 minutes what is and how you can exploit the web vector Reflected File Download.
You can still watch the recorded version at RFD: Still Threatening the Biggest Names on the Web.
Had a lot of fun doing it because it was my first webinar 🙂 ‘Til next time!
The team who loves hacking and learning new things have published more stuff:
CSRT latest work and news:
More to come really soon… 🙂 Having fun hacking!
Also, there are no known safe versions of the Flowplayer SWF. If you're hosting it, I can XSRF you. Kill it now. https://t.co/h0TnyAKTsC
— Kevin Riggle (@kevinriggle) August 6, 2015
[News] Exploits start against flaw that could hamstring huge swaths of Internet – http://t.co/u15KiTgFm0
— bugcrowd (@Bugcrowd) August 3, 2015