DEF CON 32 - Hacking Corporate Banking for Fun and Profit - niks, Charles Waterhouse
About this talk
I conducted thorough research on a corporate banking software widely utilized by numerous banks globally. This research was conducted during a bug bounty program for a leading bank in middle east, which employs this software. By examining their marketing brochures, we identified the third party company responsible for its development and after looking at their client we found out, their software is utilized by 60-70% of banks worldwide. In this talk i will explain how did i recon corporate banking application from extracting interesting endpoints and methods. Further used them to find attack surface. Furthermore, I will delve into the methods used to uncover critical vulnerabilities within their application, including SQL injections, bypassing access control mechanisms etc.
Stay Updated
Get notified about new features and conference additions.
