Hi [[ session.user.profile.firstName ]]

Get off your AMF and don't REST on JSON

HTTP is being used to transport new request formats such as those from mobile apps, REST, JSON, AMF and GWTk, but few security teams have updated their testing procedures. All of these new formats are potential new playgrounds for attackers and pen testers. You just need to know how to play. In this talk, Dan Kuykendall will demonstrate the process of breaking down these new formats and where to attack them on various vulnerable applications. Most of the attacks are the familiar classics like SQL and Command injection applied in modern applications. Attendees will learn to leverage their existing pen testing skills and techniques and apply them to these new formats.
Recorded Aug 17 2012 48 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Dan Kuykendall
Presentation preview: Get off your AMF and don't REST on JSON

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
Presentations from the BSides Events and Beyond
Presentations from the BSides Events and Beyond

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Get off your AMF and don't REST on JSON
  • Live at: Aug 17 2012 10:00 pm
  • Presented by: Dan Kuykendall
  • From:
Your email has been sent.
or close