BSides Basingstoke Presentation - From Zero to SSRF to RCE and back again
Posted on 15 July 2022
I was invited to BSides Basingstoke where I presented a talk guiding the audience through my own practical security research experience developing CVE-2020-5014.
I walk through the process of information gathering, vulnerability scanning and exploit development. Swapping between slides and the command line to perform the exploit live. I then explain the process of reporting a vulnerability and my experience as a blue team responding to these kinds of reports.