OWASP Top 10 Overview
evandentremont
December 17, 2020
Transcript
<?php
class file {
    public $file = "file.txt";
    public $data = "some text";
    function __destruct() {
        file_put_contents($this->file, $this->data);
    }
}

serialize(new file()) produces the following (every s:N is a byte count, and the class name "file" is 4 bytes):
O:4:"file":2:{s:4:"file";s:8:"file.txt";s:4:"data";s:9:"some text";}

Attacker-controlled input to unserialize(), with both property values replaced. As soon as the reconstructed object is destroyed, __destruct() runs and writes the web shell:
O:4:"file":2:{s:4:"file";s:9:"shell.php";s:4:"data";s:8:"<?php ?>";}

That is equivalent to the application executing:
<?php file_put_contents("shell.php", "<?php ?>"); ?>
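The serialized form above is the whole attack surface of this slide: unserialize() rebuilds any class it finds in the string, and a __destruct() (or __wakeup()) method on that class then runs with attacker-chosen properties. Hand-editing such a payload is error-prone because every O: and s: token carries a byte length that PHP checks before any object is built. The following is an added example, not code from the slides: a small Python builder that emits the two payloads from the slide with correct lengths, and a minimal parser that applies the same length checks PHP does, so a payload with a stale length is rejected rather than triggering __destruct(). Class and property names come from the slide; everything else is constructed here. The remediation is not a parser change but never calling unserialize() on untrusted input (use json_decode, or at least unserialize($s, ['allowed_classes' => false])).

```python
"""Build and parse PHP serialize() strings for objects with string properties.

Added example (not from the slides). The O:<len>:"<class>":<count>:{...} and
s:<len>:"<bytes>"; tokens all carry byte lengths, which is what a hand-edited
payload most often gets wrong.
"""


def php_serialize_object(class_name: str, props: dict) -> str:
    """Emit PHP's serialize() output for an object whose properties are all strings.

    PHP strings are byte arrays, so lengths are taken on the UTF-8 encoding.
    """
    out = [f'O:{len(class_name.encode())}:"{class_name}":{len(props)}:{{']
    for name, value in props.items():
        if not isinstance(value, str):
            raise TypeError("only string properties are handled in this example")
        out.append(f's:{len(name.encode())}:"{name}";')
        out.append(f's:{len(value.encode())}:"{value}";')
    out.append('}')
    return ''.join(out)


def _read_string(data: bytes, pos: int):
    """Parse s:<len>:"<bytes>"; at pos and return (value, new_pos).

    Raises ValueError when the declared length does not match the content,
    which is how a stale length in an edited payload fails.
    """
    if data[pos:pos + 2] != b's:':
        raise ValueError(f'expected s: at offset {pos}')
    colon = data.index(b':', pos + 2)
    length = int(data[pos + 2:colon])
    start = colon + 2                      # skip the :" that opens the value
    end = start + length
    if data[colon + 1:colon + 2] != b'"' or data[end:end + 2] != b'";':
        raise ValueError(f'string length {length} at offset {pos} does not match content')
    return data[start:end].decode(), end + 2


def php_unserialize_object(payload: str):
    """Parse one serialized object with string properties -> (class_name, props).

    Handles only the O:...:{s:...;s:...;...} shape used on the slide. In PHP the
    object would be instantiated here and __destruct() would fire later, so
    this is the last point at which malformed input is still harmless.
    """
    data = payload.encode()
    if data[:2] != b'O:':
        raise ValueError('not a serialized object')
    colon = data.index(b':', 2)
    name_len = int(data[2:colon])          # garbled 'O:3{' fails right here
    name_start = colon + 2
    name_end = name_start + name_len
    class_name = data[name_start:name_end].decode()
    if data[name_end:name_end + 2] != b'":':
        raise ValueError('class name length mismatch')
    count_end = data.index(b':', name_end + 2)
    count = int(data[name_end + 2:count_end])
    pos = count_end + 1
    if data[pos:pos + 1] != b'{':
        raise ValueError('expected { after property count')
    pos += 1
    props = {}
    for _ in range(count):
        key, pos = _read_string(data, pos)
        value, pos = _read_string(data, pos)
        props[key] = value
    if data[pos:] != b'}':
        raise ValueError('trailing data after object')
    return class_name, props


# The slide's two payloads, regenerated with correct byte lengths.
BENIGN = php_serialize_object('file', {'file': 'file.txt', 'data': 'some text'})
WEBSHELL = php_serialize_object('file', {'file': 'shell.php', 'data': '<?php ?>'})

if __name__ == '__main__':
    print(BENIGN)
    print(WEBSHELL)
    print(php_unserialize_object(WEBSHELL))
```

Running the block prints both payloads and the parsed (class, properties) tuple for the web-shell variant; feeding it a payload whose s: length was not updated raises ValueError instead.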
• Locations where untrusted data must never be placed, because no output encoding makes them safe:
  – <script>X</script>, <!--X-->, <div X="y">, <X></X>, <style>X</style>
• Attribute values:
  – <div attr=X>, <div attr="X">, <div attr='X'>
• JavaScript data values:
  – <script>alert('X'), data='X', <div onClick="data='X'">
• CSS values:
  – selector { property:X; }, <span style="property:X;">
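Each of the encodable contexts above needs its own escaping rule: the characters that end an attribute are not the ones that end a CSS declaration, and a single HTML-entity pass does nothing inside a JavaScript string. The following is an added example, not code from the slides, showing one encoder per context using only the Python standard library, with a constructed breakout payload rendered into template shapes modelled on the slide's examples. One deliberate difference from the slide: encode_js emits a complete double-quoted JavaScript string literal rather than filling the inside of data='X', so the encoder owns both delimiters. The sinks in the first bullet (raw script and style bodies, tag and attribute names, comments) are left out on purpose, since untrusted data there is code, not data.

```python
"""Context-aware output encoding for the XSS sinks listed on the slide.

Added example (not from the slides). Each encoder targets one context; the
template strings in render() are constructed here to mirror the slide's
examples. Standard library only.
"""
import html
import json


def encode_html(value: str) -> str:
    """Element content, e.g. <div>X</div>: turn & < > " ' into entities."""
    return html.escape(value, quote=True)


def encode_attr(value: str) -> str:
    """Attribute value, e.g. <div attr="X">: every non-alphanumeric character
    becomes &#xHH;, so the value cannot terminate a quoted or an unquoted
    attribute, nor introduce a new one via whitespace."""
    return ''.join(c if c.isalnum() else f'&#x{ord(c):X};' for c in value)


def encode_js(value: str) -> str:
    """JavaScript data value, e.g. var data = X: emit a complete JSON string
    literal (quotes included) and \\u-escape < > & so a '</script>' inside the
    value cannot close the surrounding <script> block."""
    literal = json.dumps(value)
    return (literal.replace('<', '\\u003c')
                   .replace('>', '\\u003e')
                   .replace('&', '\\u0026'))


def encode_css(value: str) -> str:
    """CSS value, e.g. property:X: hex-escape everything but [A-Za-z0-9] as
    \\HHHHHH so the value cannot end the declaration or start url()/expression()."""
    return ''.join(c if c.isalnum() else f'\\{ord(c):06X}' for c in value)


# Constructed sample: closes a double-quoted attribute, then injects a script.
PAYLOAD = '"><script>alert(1)</script>'


def render(payload: str) -> dict:
    """Place the payload into one sink shape per encodable context from the slide,
    encoded for that sink. Returns {context: rendered_html}."""
    return {
        'html': f'<div>{encode_html(payload)}</div>',
        'attr': f'<div data-x="{encode_attr(payload)}">',
        'js': f'<script>var data = {encode_js(payload)};</script>',
        'css': f'<span style="width:{encode_css(payload)}">',
    }


if __name__ == '__main__':
    for context, markup in render(PAYLOAD).items():
        print(f'{context:5} {markup}')
```

The printed output shows the same payload neutralised four different ways; comparing the attr and css lines makes the point that the escape syntax, not just the set of dangerous characters, depends on where the data lands.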