COMMSEC: Compendium Vulnus Subestimata – Underrated Security Bugs


This talk will discuss many of the underrated security bugs that don’t get enough recognition. The collection of bugs is based on discussions with many penetration testers, bug/bounty hunters, security researchers and more.

Each bug will be shown using
– A vulnerable code snippet
– Corresponding exploitation example
– Impact assessment and ideas for use in bug chains

Lets shed some light on some underrated bugs so they can be better understood.

All PoC material will be released for those who wants to practice these bug classes in their home lab.

Location: BALLROOM 2 Date: August 29, 2019 Time: 12:30 pm - 1:00 pm Eldar “Wireghoul” Marcussen