Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
EASM mistakes waiting to happen
Search
JR0ch17
January 25, 2022
Technology
0
40
EASM mistakes waiting to happen
JR0ch17
January 25, 2022
Tweet
Share
More Decks by JR0ch17
See All by JR0ch17
Traversing my way in the internal network
jr0ch17
0
140
Getting Started in Bug Bounty
jr0ch17
0
97
Getting Blindly Lucky
jr0ch17
0
70
Qu'est-ce que le bug bounty?
jr0ch17
0
110
Finding 5 bugs in a single parameter
jr0ch17
0
75
Beyond the Borders of Scope
jr0ch17
0
56
Bad API, hAPI Hackers!
jr0ch17
0
1.6k
Other Decks in Technology
See All in Technology
Agentic Workflowという選択肢を考える
tkikuchi1002
1
290
(非公式) AWS Summit Japan と 海浜幕張 の歩き方 2025年版
coosuke
PRO
1
320
生成AIでwebアプリケーションを作ってみた
tajimon
2
120
本当に使える?AutoUpgrade の新機能を実践検証してみた
oracle4engineer
PRO
1
120
Amazon Bedrockで実現する 新たな学習体験
kzkmaeda
1
350
Observability infrastructure behind the trillion-messages scale Kafka platform
lycorptech_jp
PRO
0
120
Create a Rails8 responsive app with Gemini and RubyLLM
palladius
0
140
25分で解説する「最小権限の原則」を実現するための AWS「ポリシー」大全 / 20250625-aws-summit-aws-policy
opelab
6
650
Model Mondays S2E02: Model Context Protocol
nitya
0
170
Amazon ECS & AWS Fargate 運用アーキテクチャ2025 / Amazon ECS and AWS Fargate Ops Architecture 2025
iselegant
13
4.1k
比起獨自升級 我更喜歡 DevOps 文化 <3
line_developers_tw
PRO
0
1.1k
CI/CDとタスク共有で加速するVibe Coding
tnbe21
0
230
Featured
See All Featured
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.3k
It's Worth the Effort
3n
184
28k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
26
2.8k
The Invisible Side of Design
smashingmag
299
51k
Imperfection Machines: The Place of Print at Facebook
scottboms
267
13k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
228
22k
Build your cross-platform service in a week with App Engine
jlugia
231
18k
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.5k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
331
22k
The Cost Of JavaScript in 2023
addyosmani
51
8.4k
The Power of CSS Pseudo Elements
geoffreycrofte
77
5.8k
Scaling GitHub
holman
459
140k
Transcript
EASM mistakes waiting to happen
GET /whoami HTTP/2 Jasmin Landry JR0ch17 Lead, IT & Security
at Montreal Canadiens fan
GET /agenda HTTP/2 EASM Common mistakes Hacker perspective
GET /EASM HTTP/2 What exactly is EASM? What does it
cover? Why is it important?
GET /common_mistakes HTTP/2 Lack of Change Management Not respecting Least
Privilege Misconfigured WAFs Cloud misconfigs (S3 buckets)
GET /hacker_perspective HTTP/2 • Subdomains • IPs • TLS certificates
• Third-party apps Recon EVERYTHING • Monitor for new assets • Monitor any change Continuous Monitoring
GET /thanks HTTP/2 Thank you for listening Questions? More questions?
DMs are open on and
jr0ch17
tkikuchi1002
coosuke
tajimon
oracle4engineer
kzkmaeda
lycorptech_jp
palladius
opelab
nitya
iselegant
line_developers_tw
tnbe21
thoeni
3n
eileencodes
smashingmag
scottboms
danielanewman
jlugia
productmarketing
caitiem20
addyosmani
geoffreycrofte
holman
