From the course: A Bug Bounty Toolkit for Security Researchers
Join today to access over 24,900 courses taught by industry experts.
Chaining vulnerabilities together
From the course: A Bug Bounty Toolkit for Security Researchers
Chaining vulnerabilities together
- [Narrator] So, what is vulnerability chaining? Vulnerability chaining is a process of linking multiple vulnerabilities together to escalate an attack, gain further access, or achieve a specific objective. Chaining vulnerability involves combining multiple security weaknesses to create a more powerful attack. Let's explore how this technique is important and how you can use it to uncover hidden security issues. For example, an attacker might exploit a low severity vulnerability such as information disclosure, and use that useful information to bypass authentication and execute arbitrary code on the server. Identifying multiple vulnerabilities is the first step in vulnerability chaining. Don't ignore error messages or low severity issues. Look for different weaknesses within the same application or system that can be combined to create a more significant impact. For instance, you might find a misconfigured server that exposes sensitive files and an insecure API endpoint that allows…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
