BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.securitybsides.org.uk//bsides-london-2024//speaker//
 CA3DFX
BEGIN:VTIMEZONE
TZID:GMT
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:GMT
TZOFFSETFROM:+0100
TZOFFSETTO:+0000
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T020000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:BST
TZOFFSETFROM:+0000
TZOFFSETTO:+0100
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsides-london-2024-LV7GFV@cfp.securitybsides.org.uk
DTSTART;TZID=GMT:20241214T125500
DTEND;TZID=GMT:20241214T134000
DESCRIPTION:In modern web architectures\, SSRF vulnerabilities have become 
 increasingly difficult to exploit due to sophisticated defense mechanisms.
  This presentation introduces SSRF² - a novel technique that challenges f
 undamental assumptions about trust boundaries by using the same SSRF primi
 tive twice across different security contexts. Through real-world discover
 ies\, we demonstrate how a seemingly limited SSRF primitive\, when used tw
 ice\, can bypass an entire security stack designed to prevent internal acc
 ess. What makes this technique particularly powerful is its ability to tra
 nsform restricted blind SSRF vulnerabilities into critical security breach
 es without complex chains or extensive reconnaissance.
DTSTAMP:20260315T103259Z
LOCATION:Clappy Monkey Track
SUMMARY:SSRF² | Breaking Trust Zones Through Self-Reference - Guy  Arazi
URL:https://cfp.securitybsides.org.uk/bsides-london-2024/talk/LV7GFV/
END:VEVENT
END:VCALENDAR