speaker

James Kettle (@albinowax)

Company: PortSwigger Web Security
Bio: James Kettle is Head of Research at PortSwigger Web Security, where he designs and refines vulnerability detection techniques for Burp Suite's scanner. Recent work has focused on techniques to detect unknown classes of vulnerabilities, and exploiting subtle CORS misconfigurations in bitcoin exchanges. James has extensive experience cultivating novel attack techniques, including server and client side RCE, and abusing the HTTP Host header to poison password reset emails and server side caches.