The Jerich Show Episode 38 - Mohammed Aldoub discussed API and Cloud security
The Jerich Show Podcast · thejerichshow
Audio is streamed directly from the publisher (mcdn.podbean.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Mohammed Aldoub AKA @voulnet is an API and Cloud security expert. While Erich is off nursing a sore neck, Mohammed keeps Javvad quiet and drops some serious API security knowledge.
Links discussed:
Clubhouse https://twitter.com/_DanielSinclair/status/1363738761339826177?s=19
Hacking Starbucks https://samcurry.net/hacking-starbucks/
Cloud pricing specialists https://www.duckbillgroup.com/
API vulnerability https://hackerone.com/reports/810320
Exploiting Drupal8's REST RCE https://www.ambionics.io/blog/drupal8-rce
Stop using JWT for sessions http://cryto.net/~joepie91/blog/2016/06/19/stop-using-jwt-for-sessions-part-2-why-your-solution-doesnt-work/
Mohammed's Github (tools, upcoming training schedule) https://github.com/Voulnet
Follow Mohammed on twitter @voulnet