Paul's Security Weekly Subscribe

Exploiting Client-Side Node.js with Moses Hernandez – Paul’s Security Weekly #516

June 2, 2017

I know what you're thinking, Node.js is server-side right? Not exactly. It turns out many client-side applications have embedded Node.js. And its not always updated to the latest version. And, its vulnerable to attacks! Moses Hernandez is a Consulting Systems Engineer for Cisco Systems and an Instructor for pen testing courses at the SANS Institute. Moses shows us how to find Node.js on a system, locate the different versions, and exploit to bypass UAC! Full Show Notes: https://wiki.securityweekly.com/Episode516 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Full episode and show notes

Host

Paul Asadoorian

Paul Asadoorian

Founder at Security Weekly

https://securityweekly.com

Related

Security Operations

Spying & Cyber Warfare – SDL – SWN Vault

November 24, 2023

From Russia With Love, come Doug and Russ, doing a segment on spying! Not the 007 spying, but spying when it comes to cyber warfare.

Breaking into Cyber – Perspective from a High School – Tim Cathcart – ESW Vault

November 23, 2023

High School students represent the very beginning of the pipeline for the Cyber industry. What are the attitudes and perspectives of these young people? How can we attract the best and brightest into our industry?

Governance, Risk and Compliance

Interview with Brian Snow – PSW Vault

November 22, 2023

Brian Snow spent his first 20 years at NSA doing and directing research that developed cryptographic components and secure systems. Many cryptographic systems serving the U.S. government and military use his algorithms; they provide capabilities not previously available and span a range from nuclear command and control to tactical radios for the ba...