::: left till the conference

New ways to alert: Prototype Pollution

40 min
Web Village

In this talk, we’ll look at a new threat in web application security — JavaScript prototype pollution. First, we’ll get a deep dive into workings of JavaScript objects and classes. On this basis, we’ll explore what JavaScript prototype pollution is and how it can be found in the client side. After this, we’ll look at ways to exploit prototype pollution once you’ve found it. We’ll share our bug bounty experience, cool stories about bypassing fixes and finding edge cases.

Nikita Stupin

Security researcher 

Sergey “BlackFan” Bobrov
Other Reports
Web Village
Hacker adventures on dating websites
Main Stage
Thank you for using URL shorteners: I know everything about your clients now
Hardware Zone
Exploring the types of Flash memory