DeveloPassion’s Newsletter — Boomerang

Sébastien Dubois
Jun 21, 2022

Hello everyone! I’m Sébastien Dubois, your host. You’re receiving this email because you signed up for DeveloPassion’s Newsletter. Thank you for being here with me ✨

If you enjoy this newsletter, then become a supporter ❤️

Welcome to the 68th edition

Another week, another newsletter! I hope that you all had a great one 🤩

Welcome to all the new readers ❤️

This week has come and gone so quickly! I didn’t have much time to work on side projects this week. I participated in SecAppDev in Leuven (Belgium), a conference dedicated to IT security.

As some of you know, I ❤️ all things ITSEC, so participating in such a conference was a real blast. I’ve learned quite a few things.

The rest area outside the conference rooms. Delightful!

It’s always fun to discover all the ways systems can get hacked… In particular, a really fascinating talk by Abhay Bhargav focused on Server-Side Request Forgery (SSRF) and explored how to turn Webhooks into dangerous boomerangs. In this case, the attacker controlled a Webhook target and replied to the Webhook request with a redirect, leading to data exfiltration and ultimately AWS account compromise (whoops 😂).
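To make the defensive side of that concrete, here is an added example (mine, not code from the talk) of a webhook sender that re-validates the destination on every redirect hop instead of only checking the URL the customer registered. The `fetch` and `resolve` callables, the host `hooks.example.net`, and the link-local redirect target are constructed assumptions so the sketch runs offline.

```python
import ipaddress
from urllib.parse import urljoin, urlsplit

REDIRECTS = (301, 302, 303, 307, 308)

class BlockedDestination(Exception):
    """A webhook hop points somewhere the sender must not reach."""

def check_destination(url, resolve):
    """Allow only http(s) URLs whose every resolved address is public."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise BlockedDestination(f"unsupported URL: {url}")
    addrs = resolve(parts.hostname)
    # is_global is False for loopback, private, link-local and reserved ranges.
    if not addrs or not all(ipaddress.ip_address(a).is_global for a in addrs):
        raise BlockedDestination(f"{url} resolves to non-public address {addrs}")

def deliver_webhook(url, fetch, resolve, max_redirects=3):
    """Deliver a webhook, re-validating the destination on every hop.

    fetch(url) -> (status, Location or None) must not follow redirects itself.
    Returns (status, final_url) or raises BlockedDestination.
    """
    for _ in range(max_redirects + 1):
        check_destination(url, resolve)
        status, location = fetch(url)
        if status not in REDIRECTS or not location:
            return status, url
        url = urljoin(url, location)  # the next hop is chosen by the receiver
    raise BlockedDestination("too many redirects")

# Constructed sample data (assumptions, not from the talk): a receiver that
# answers the callback with a redirect to a link-local address.
SAMPLE_DNS = {"hooks.example.net": ["93.184.216.34"]}
SAMPLE_RESPONSES = {"https://hooks.example.net/cb": (302, "http://169.254.169.254/")}

def sample_resolve(host):
    return SAMPLE_DNS.get(host, [host])  # IP literals resolve to themselves

def sample_fetch(url):
    return SAMPLE_RESPONSES.get(url, (200, None))

if __name__ == "__main__":
    try:
        deliver_webhook("https://hooks.example.net/cb", sample_fetch, sample_resolve)
    except BlockedDestination as exc:
        print("blocked:", exc)
```

In a real sender, connect to the address that was validated rather than resolving the name a second time, so the check and the request cannot see different DNS answers.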

I’ve also participated in two whole-day workshops that were really fun. It’ll take me a while to publish my…
