Hacking & Pentesting MCP Servers | BSides London | Part1 скачать в хорошем качестве

Hacking & Pentesting MCP Servers | BSides London | Part1 2 месяца назад

Не удается загрузить Youtube-плеер. Проверьте блокировку Youtube в вашей сети.
Повторяем попытку...

Скачать видео с ютуб по ссылке или смотреть без блокировок на сайте: Hacking & Pentesting MCP Servers | BSides London | Part1 в качестве 4k

У нас вы можете посмотреть бесплатно Hacking & Pentesting MCP Servers | BSides London | Part1 или скачать в максимальном доступном качестве, видео которое было загружено на ютуб. Для загрузки выберите вариант из формы ниже:

Информация по загрузке:

Скачать mp3 с ютуба отдельным файлом. Бесплатный рингтон Hacking & Pentesting MCP Servers | BSides London | Part1 в формате MP3:

Если кнопки скачивания не загрузились НАЖМИТЕ ЗДЕСЬ или обновите страницу
Если возникают проблемы со скачиванием видео, пожалуйста напишите в поддержку по адресу внизу страницы.
Спасибо за использование сервиса ClipSaver.ru

Hacking & Pentesting MCP Servers | BSides London | Part1

AI agents are moving fast into production. And most of them are dangerously exposed. At BSides London, ‪@RiyazWalikar‬ (Chief Hacker at ‪@Appsecco‬ , Co-founder at ‪@kloudle‬ ran a 4-hour hands-on workshop on hacking and pentesting MCP (Model Context Protocol) servers—the backend systems that power AI agents. This session goes beyond theory. You’ll see: What AI agents really are (and how they differ from simple chatbots) How MCP servers extend agent capabilities using tools, APIs, and databases The real attack surface of MCP servers: 10 specific places an attacker can cause trouble Real-world vulnerability patterns, including a zero-click prompt injection case study (Microsoft 365 Copilot) How to intercept MCP traffic using Burp Suite and local listeners In this workshop, we cover Building Agents: Using n8n and integrating local MCP servers Vulnerabilities: Command injection in Python subprocess (shell=True risks) and prompt injection attacks Frameworks: Introducing the SafeMCP security framework for threat assessment Tools: Claude Desktop, Python 3.8+, and Burp Suite Pro/Community If you are a Pentester, AI Red Teamer, or Developer, this video will help you understand where AI agents break. Subscribe for more content on AI agent security and offensive research. ⏳ CHAPTERS 00:00:00 - Introduction & Workshop Overview 00:01:57 - Who is Riyaz Walikar? 00:04:22 - Prerequisites: Burp, Claude Desktop, & n8n 00:06:54 - Discussion: Defining AI Agents vs. Automation 00:11:29 - Anatomy of an AI Agent (Model, Tools, Memory) 00:12:03 - Live Check: LLM Training Cut-off Dates 00:16:20 - Understanding Model Context Protocol (MCP) 00:19:29 - The MCP Attack Surface: 10 Injection Points 00:21:39 - Lab 1: Building an AI Agent in n8n 00:30:37 - Testing Agent Tools (Wikipedia Example) 00:33:10 - Lab 2: Connecting a Remote MCP Server 00:37:40 - How to Pentest Backend Agent Traffic 00:43:51 - Code Review: Finding Command Injection in Python 00:47:52 - Case Study: Zero-Click Prompt Injection (M365 Copilot) 00:49:55 - Where to Start Your MCP Pentest 🔗 RESOURCES Appsecco Website: https://appsecco.com Appsecco GitHub: https://github.com/appsecco Appsecco LinkedIn: / appsecco #MCPSecurity #AIRedTeaming #PromptInjection #AIAgents #BSidesLondon #PenetrationTesting #CloudSecurity #Appsecco #EthicalHacking #GenAISecurity

Comments