EASM mistakes waiting to happen
JR0ch17
January 25, 2022
Transcript
EASM mistakes waiting to happen
GET /whoami HTTP/2
• Jasmin Landry
• JR0ch17
• Lead, IT & Security at
• Montreal Canadiens fan

GET /agenda HTTP/2
• EASM
• Common mistakes
• Hacker perspective

GET /EASM HTTP/2
• What exactly is EASM?
• What does it cover?
• Why is it important?

GET /common_mistakes HTTP/2
• Lack of Change Management
• Not respecting Least Privilege
• Misconfigured WAFs
• Cloud misconfigs (S3 buckets)

GET /hacker_perspective HTTP/2
Recon EVERYTHING
• Subdomains
• IPs
• TLS certificates
• Third-party apps
Continuous Monitoring
• Monitor for new assets
• Monitor any change

GET /thanks HTTP/2
Thank you for listening
Questions?
More questions? DMs are open on and