A surprisingly simple security vulnerability can have massive implications: Files laying around on web servers, accessible for anyone to download.
Git repositories, database dumps, backup files of PHP scripts, configuration files with login credentials or core dumps from application crashes - there are various files that end up on webservers. By guessing common filenames it is very often possible to download secret data from web servers.
Speakers for The HTTP GET attack:
Metadata for The HTTP GET attackTo be recorded: Yes
URLs for The HTTP GET attack
Schedule for The HTTP GET attack
- Sunday, Aug 27th, 2017, 15:30 (CEST) - Sunday, Aug 27th, 2017, 16:30 (CEST) at Speakers Tent