Slides From Bitslip Security Presentations
Boise Code Camp 2019: Beyond OWASP - What the top 10 doesn't tell you
Image Magick Exploits: https://imagetragick.com/
Type Juggling Vulnerabilities: https://www.youtube.com/watch?v=ASYuK01H3Po
Length Extension Attacks: https://github.com/iagox86/hash_extender
PHP Phar Archives:
Tech Talk About PHAR Arhive: https://www.youtube.com/watch?v=GePBmsNJw6Y&t=2062s
Tool create jpeg / phar / tar polyglots with injection code for multiple PHP web frameworks: https://github.com/ambionics/phpggc
Server Side Request Forgery Bypasses:
Talk abouty SSRF bypasses: https://www.youtube.com/watch?v=D1S-G8rJrEk&t=1103s