EASM mistakes waiting to happen
JR0ch17
January 25, 2022
Transcript
EASM mistakes waiting to happen
GET /whoami HTTP/2
Jasmin Landry
JR0ch17
Lead, IT & Security at
Montreal Canadiens fan
GET /agenda HTTP/2
• EASM
• Common mistakes
• Hacker perspective
GET /EASM HTTP/2
• What exactly is EASM?
• What does it cover?
• Why is it important?
GET /common_mistakes HTTP/2
• Lack of Change Management
• Not respecting Least Privilege
• Misconfigured WAFs
• Cloud misconfigs (S3 buckets)
GET /hacker_perspective HTTP/2
Recon EVERYTHING
• Subdomains
• IPs
• TLS certificates
• Third-party apps
Continuous Monitoring
• Monitor for new assets
• Monitor any change
GET /thanks HTTP/2
Thank you for listening
Questions?
More questions?
DMs are open on and