Top 10 Web Hacking Techniques and Windows Shadow Stacks episode artwork

EPISODE · Feb 12, 2025 · 1H 12M

Top 10 Web Hacking Techniques and Windows Shadow Stacks

from Day[0] · host dayzerosec

In this episode, we discuss the US government discloses how many 0ds were reported to vendors in a first-ever report. We also cover PortSwigger's top 10 web hacking techniques of 2024, as well as a deep dive on how kernel mode shadow stacks are implemented on Windows by Connor McGarr.Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/272.html[00:00:00] Introduction[00:01:50] U.S. Government Disclosed 39 Zero-Day Vulnerabilities in 2023, Per First-Ever Report[00:19:54] What Okta Bcrypt incident can teach us about designing better APIs[00:40:08] Top 10 web hacking techniques of 2024[00:55:03] Exploit Development: Investigating Kernel Mode Shadow Stacks on Windows[01:06:11] Accidentally uncovering a seven years old vulnerability in the Linux kernelPodcast episodes are available on the usual podcast platforms: -- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063 -- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt -- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz -- Other audio platforms can be found at https://anchor.fm/dayzerosecYou can also join our discord: https://discord.gg/daTxTK9

Episode metadata supplied by the publisher feed · Published Feb 12, 2025

In this episode, we discuss the US government discloses how many 0ds were reported to vendors in a first-ever report. We also cover PortSwigger's top 10 web hacking techniques of 2024, as well as a deep dive on how kernel mode shadow stacks are implemented on Windows by Connor McGarr.Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/272.html[00:00:00] Introduction[00:01:50] U.S. Government Disclosed 39 Zero-Day Vulnerabilities in 2023, Per First-Ever Report[00:19:54] What Okta Bcrypt incident can teach us about designing better APIs[00:40:08] Top 10 web hacking techniques of 2024[00:55:03] Exploit Development: Investigating Kernel Mode Shadow Stacks on Windows[01:06:11] Accidentally uncovering a seven years old vulnerability in the Linux kernelPodcast episodes are available on the usual podcast platforms: -- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063 -- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt -- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz -- Other audio platforms can be found at https://anchor.fm/dayzerosecYou can also join our discord: https://discord.gg/daTxTK9

PodParley-generated summary based on available episode metadata and transcript content.

NOW PLAYING

Top 10 Web Hacking Techniques and Windows Shadow Stacks

0:00 1:12:42

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of Day[0]?

This episode is 1 hour and 12 minutes long.

When was this Day[0] episode published?

This episode was published on February 12, 2025.

What is this episode about?

In this episode, we discuss the US government discloses how many 0ds were reported to vendors in a first-ever report. We also cover PortSwigger's top 10 web hacking techniques of 2024, as well as a deep dive on how kernel mode shadow stacks are...

Can I download this Day[0] episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!