Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
EASM mistakes waiting to happen
Search
JR0ch17
January 25, 2022
Technology
60
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
EASM mistakes waiting to happen
JR0ch17
January 25, 2022
More Decks by JR0ch17
See All by JR0ch17
Traversing my way in the internal network
jr0ch17
0
190
Getting Started in Bug Bounty
jr0ch17
0
170
Getting Blindly Lucky
jr0ch17
0
110
Qu'est-ce que le bug bounty?
jr0ch17
0
160
Finding 5 bugs in a single parameter
jr0ch17
0
120
Beyond the Borders of Scope
jr0ch17
1
110
Bad API, hAPI Hackers!
jr0ch17
0
1.6k
Other Decks in Technology
See All in Technology
SONiC Scale-Up Working Group から探る Scale-UpやUltraEthernet機能の実装方法
ebiken
PRO
2
410
気軽に使える"情報のハブ"としてのNotion活用 〜フロー情報の集積点 と、 Claude Code × Notion AI〜
syucream
1
150
自分が詳しくない領域でAIを使う #プロヒス2026
konifar
13
5.3k
Bucharest Tech Week 2026 - Guardians of the Cloud-Native Galaxy
edeandrea
PRO
0
120
Oracle AI Database@Azure:サービス概要のご紹介
oracle4engineer
PRO
6
2k
FPGAの開発コンペでZephyrを使ってみた
iotengineer22
0
140
2026 TECHFRESH 畢業分享會 - AI-Native 重塑軟體工程與虛擬講師
line_developers_tw
PRO
0
1.3k
Kiro Ambassador を目指す話
k_adachi_01
0
110
AWS Security Agent といっしょに脅威モデリングをやってみよう
amarelo_n24
1
180
Lightning近況報告
kozy4324
0
190
Kubernetesにおける学習基盤とLLMOpsの概要
ry
1
320
白金鉱業Meetup_Vol.24_「AIエージェントは分けるほど良い」は本当か? / Is it true that “the more you divide AI agents, the better”?
brainpadpr
1
410
Featured
See All Featured
Intergalactic Javascript Robots from Outer Space
tanoku
273
27k
Why Our Code Smells
bkeepers
PRO
340
58k
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
chikuwait
0
600
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
16
2k
Chasing Engaging Ingredients in Design
codingconduct
0
220
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
128
56k
Agile Leadership in an Agile Organization
kimpetersen
PRO
0
170
Prompt Engineering for Job Search
mfonobong
0
350
コードの90%をAIが書く世界で何が待っているのか / What awaits us in a world where 90% of the code is written by AI
rkaga
62
44k
Automating Front-end Workflow
addyosmani
1370
210k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
287
14k
StorybookのUI Testing Handbookを読んだ
zakiyama
31
6.8k
Transcript
EASM mistakes waiting to happen
GET /whoami HTTP/2 Jasmin Landry JR0ch17 Lead, IT & Security
at Montreal Canadiens fan
GET /agenda HTTP/2 EASM Common mistakes Hacker perspective
GET /EASM HTTP/2 What exactly is EASM? What does it
cover? Why is it important?
GET /common_mistakes HTTP/2 Lack of Change Management Not respecting Least
Privilege Misconfigured WAFs Cloud misconfigs (S3 buckets)
GET /hacker_perspective HTTP/2 • Subdomains • IPs • TLS certificates
• Third-party apps Recon EVERYTHING • Monitor for new assets • Monitor any change Continuous Monitoring
GET /thanks HTTP/2 Thank you for listening Questions? More questions?
DMs are open on and
jr0ch17
ebiken
syucream
konifar
edeandrea
oracle4engineer
iotengineer22
line_developers_tw
k_adachi_01
amarelo_n24
kozy4324
ry
brainpadpr
tanoku
bkeepers
chikuwait
reverentgeek
codingconduct
aki_iinuma
kimpetersen
mfonobong
rkaga
addyosmani
stephaniewalter
zakiyama
