Exploiting PHP Type Juggling Vulnerabilities - Security Simplified

This video is sponsored by Intigriti. Intigriti is a bug bounty platform that pays you for reporting security vulnerabilities. Sign up to hack here: https://go.intigriti.com/vickie Sometimes, features of programming languages that are designed to make things easier can lead to vulnerabilities. Today, let’s look at one of these examples. Let’s dive into PHP’s “type juggling” feature, and how they lead to authentication bypass vulnerabilities.

Join Today
Intro to CSRF (Cross-Site Request Forgery) - Security Simplified
▶︎

Intro to CSRF (Cross-Site Request Forgery) - Security Simplified

Type Juggling and Coercion in PHP
▶︎

Type Juggling and Coercion in PHP

How to Read SIEM Logs to Detect Hackers
▶︎

How to Read SIEM Logs to Detect Hackers

PHP Type Juggling - Why === is Important - Bug Bounty Tips
▶︎

PHP Type Juggling - Why === is Important - Bug Bounty Tips

PHP Type Juggling Vulnerabilities, Netsparker - Paul's Security Weekly #572
▶︎

PHP Type Juggling Vulnerabilities, Netsparker - Paul's Security Weekly #572

Why Hackers Love PHP
▶︎

Why Hackers Love PHP

Type Juggling Magic: Why PHP thinks 0 and "password" are the same [Capture The Flag Fundamentals]
▶︎

Type Juggling Magic: Why PHP thinks 0 and "password" are the same [Capture The Flag Fundamentals]

Understanding Insecure Deserialization Vulnerabilities: Security Simplified
▶︎

Understanding Insecure Deserialization Vulnerabilities: Security Simplified

How to conduct a basic security code review | Security Simplified
▶︎

How to conduct a basic security code review | Security Simplified

PHP 8.1.0-dev BACKDOOR Hack (Easy RCE)
▶︎

PHP 8.1.0-dev BACKDOOR Hack (Easy RCE)

Hacking banks with race conditions
▶︎

Hacking banks with race conditions

Zoom - turning on someone's camera using SQL injection vulnerability - Bug Bounty Reports Explained
▶︎

Zoom - turning on someone's camera using SQL injection vulnerability - Bug Bounty Reports Explained

Type Juggling in PHP Switch - Juggling Facts [HackTheBoo CTF 2022]
▶︎

Type Juggling in PHP Switch - Juggling Facts [HackTheBoo CTF 2022]

Attacking Sites Using CSRF - Security Simplified
▶︎

Attacking Sites Using CSRF - Security Simplified

How To Learn Hacking - A Practical Demo
▶︎

How To Learn Hacking - A Practical Demo

How to use ffuf - Hacker Toolbox
▶︎

How to use ffuf - Hacker Toolbox

Stealing Web Session Cookies to Bypass MFA (Credential Access)
▶︎

Stealing Web Session Cookies to Bypass MFA (Credential Access)

Laravel CVE / PHP Deserialization - "Larablog" HTB Business CTF
▶︎

Laravel CVE / PHP Deserialization - "Larablog" HTB Business CTF

PHP Type Juggling, LFI and Command Injection - Solution to April '23 Challenge
▶︎

PHP Type Juggling, LFI and Command Injection - Solution to April '23 Challenge

Cross-Site Scripting (XSS) Explained
▶︎

Cross-Site Scripting (XSS) Explained