Confidence - (19-20.11 2009 Warszawa)
Język: polski | english

Mario Heiderich

Temat: JavaScript From Hell

Język: angielski

Mario Heiderich is a freelance security consultant and trainer living in Cologne and working for a wide array of German and international companies. In his free time Mario likes to spend a lot of quality time with the Firebug console window and accidental user agent crashing.


The presentation focuses on client side attack techniques against websites and other web related applications – featuring an overview showing which techniques are being used to obfuscate client side code today – and why most of the obfuscation techniques are rather pointless. Furthermore common as well as modern or even esoteric obfuscation techniques are being shown and discussed – including the new challenges AVs and WAF vendors might have to face during the next months and years. The whole presentation is rather technical – providing in depth info on client side injection and code obfuscation techniques and thus not for the faint of heart. The talk is for you if you like to dig the DOM, analyze payload and have fun with strange language features and proprietary objects.