Fennix

Back to the list of Speakers and Sessions

Fennix ,

Pronouns: he/him

I'm a lifelong hacker and avid selfhoster/homelabber who works a day job pentesting. On the side, I build CTF challenges and occasionally even go outside to see the world.


Discussion: AppSec Q&A

This is a Q&A session. Moderators will take audience questions both remotely and on-site via sli.do.


Q&A Discussion for the AppSec block

Talk: API: Alternate Pathway to Injection

Talks will be streamed on YouTube and Twitch for free.


API Documentation often gives the simplest most bare-bones examples to get something running. This runs into the old adage: Nothing is more permanent than a temporary solution. Come join me and walk through a particularly fun example of cloud API documentation showing you the wrong way.

Included will be a deep dive and demo of a vulnerability caused directly by this kind of mistake which maybe shows that Phreaking is alive and well in 2024.