Genmysbhracnwdt9kmjx

Ep. 8 - Exploiting Local Dev Environments (2/2)

"Exploiting Local Dev Environments To Steal Production Data"

   Watch Promo

About This Series

Part 1 is a refresher on the following topics*

1. Same Origin Policy (SOP)

2. Cross-Origin Resource Sharing (CORS)

3. DOM Cross-Site Scripting (XSS)

* These topics will be reviewed within the context of Part 2. (If you know these topics very well, it's recommended to at least view the tutorial on 2x speed)

Part 2 (this episode) will cover the following questions:

1. What is the Browser Exploitation Framework (BeEf)? How can BeEf be leveraged to profile internal networks?

2. How can hackers attack an Elasticsearch instance listening on localhost?

3. How can hackers exfiltrate data through a developer environment?

4. How can common security assumptions be exploited?


Class Curriculum


  Episode 8
Available in days
days after you enroll

Your Instructor


Zach Roof
Zach Roof

I started my tech tutorial journey when I was bedridden for 6 months because I couldn't get healthcare insurance. While I might of been in extreme physical pain, I persisted because the instructors that I watched during that time filled me with immense joy. Towards the end of that experience, I vowed that once I gained the appropriate expertise, I'd provide quality tutorial content to the greater tech community.


In the years after my disability, I've held positions as a Frontend Developer, Backend Developer, Application Security Engineer and a DevOps/Security Engineer. My professional path has ranged from large corporate settings to an intimate blockchain startup.


Now, the next progression in my journey is to take all of my experience and provide quality security tutorials to the greater tech community.