OWASP Top 10 Overview
evandentremont
December 17, 2020
Transcript
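<?php
class file {
    public $file = "file.txt";
    public $data = "some text";

    // Runs whenever an object of this class is destroyed,
    // including one that was created by unserialize().
    function __destruct() {
        file_put_contents($this->file, $this->data);
    }
}

Serialized object with the default property values:

O:4:"file":2:{s:4:"file";s:8:"file.txt";s:4:"data";s:9:"some text";}

Serialized object with modified property values:

O:4:"file":2:{s:4:"file";s:9:"shell.php";s:4:"data";s:8:"<?php ?>";}

What the destructor then runs:

<?php file_put_contents("shell.php", "<?php ?>"); ?>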
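One way to shut down the object-injection path shown on this slide, as an added example that is not part of the original deck. The temp-file path, the `load_note` helper and the JSON document shape are assumptions made for illustration.

```php
<?php
// Added example, not code from the slides.
// Same gadget class as on the slide: its destructor writes to disk.
class file {
    public $file = "file.txt";
    public $data = "some text";
    function __destruct() {
        file_put_contents($this->file, $this->data);
    }
}

// Constructed untrusted input: a serialized "file" object whose target path
// points into the temp directory so the demonstration stays harmless.
$target  = sys_get_temp_dir() . "/deser-demo.txt";
$payload = sprintf(
    'O:4:"file":2:{s:4:"file";s:%d:"%s";s:4:"data";s:4:"demo";}',
    strlen($target), $target
);
@unlink($target);

// Hardened: refuse to instantiate any class from untrusted input.
// The value comes back as __PHP_Incomplete_Class, so file::__destruct()
// is never invoked and nothing is written.
$obj = unserialize($payload, ['allowed_classes' => false]);
echo "class after unserialize: ", get_class($obj), "\n";
unset($obj);
echo "target written: ", file_exists($target) ? "yes" : "no", "\n";

// Preferred: exchange plain data (JSON) and copy only the expected,
// validated fields instead of accepting serialized objects at all.
// load_note() is a hypothetical helper for this example.
function load_note(string $json): array {
    $in = json_decode($json, true, 4, JSON_THROW_ON_ERROR);
    if (!is_array($in) || !isset($in['data']) || !is_string($in['data'])) {
        throw new InvalidArgumentException('unexpected document shape');
    }
    // The file name is never taken from the input.
    return ['data' => $in['data']];
}
print_r(load_note('{"file":"shell.php","data":"some text"}'));
```

The `allowed_classes` option needs PHP 7.0 or later, and `JSON_THROW_ON_ERROR` needs PHP 7.3 or later.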
• – <script>X</script>, <!--X-->, <div X="y">, <X></X>, <style>X</style>
• – <div attr=X>, <div attr="X">, <div attr='X'>
• – <script>alert('X'), data='X', <div onClick="data='X'"
– selector { property:X;}, <span style="property:X;">