Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
OWASP Top 10 Overview
Search
evandentremont
December 17, 2020
Programming
0
42
OWASP Top 10 Overview
evandentremont
December 17, 2020
Tweet
Share
More Decks by evandentremont
See All by evandentremont
1,2,3,4 I Declare Cyber War
evandentremont
2
1k
Fixing Infosec
evandentremont
0
98
BTC: Currency or Commodity?
evandentremont
0
83
Immunizing IoT
evandentremont
0
79
Defeating Next Gen Firewalls
evandentremont
1
69
Next Gen Botnet C&C
evandentremont
0
75
SQLi Injection attacks & mitigation
evandentremont
0
96
Other Decks in Programming
See All in Programming
Introduce Hono CLI
yusukebe
6
3.1k
AkarengaLT vol.38
hashimoto_kei
1
130
Things You Thought You Didn’t Need To Care About That Have a Big Impact On Your Job
hollycummins
0
260
登壇は dynamic! な営みである / speech is dynamic
da1chi
0
360
NixOS + Kubernetesで構築する自宅サーバーのすべて
ichi_h3
0
1.2k
Server Side Kotlin Meetup vol.16: 内部動作を理解して ハイパフォーマンスなサーバサイド Kotlin アプリケーションを書こう
ternbusty
3
260
スキーマ駆動で、Zod OpenAPI Honoによる、API開発するために、Hono Takibiというライブラリを作っている
nakita628
0
320
bootcamp2025_バックエンド研修_WebAPIサーバ作成.pdf
geniee_inc
0
140
理論と実務のギャップを超える
eycjur
0
180
EMこそClaude Codeでコード調査しよう
shibayu36
0
440
Migration to Signals, Resource API, and NgRx Signal Store
manfredsteyer
PRO
0
120
alien-signals と自作 OSS で実現する フレームワーク非依存な ロジック共通化の探求 / Exploring Framework-Agnostic Logic Sharing with alien-signals and Custom OSS
aoseyuu
2
700
Featured
See All Featured
For a Future-Friendly Web
brad_frost
180
10k
What's in a price? How to price your products and services
michaelherold
246
12k
The Cult of Friendly URLs
andyhume
79
6.6k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
46
7.7k
Thoughts on Productivity
jonyablonski
70
4.9k
Why You Should Never Use an ORM
jnunemaker
PRO
59
9.6k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
230
22k
How GitHub (no longer) Works
holman
315
140k
Unsuck your backbone
ammeep
671
58k
StorybookのUI Testing Handbookを読んだ
zakiyama
31
6.2k
Rails Girls Zürich Keynote
gr2m
95
14k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
26
3.1k
Transcript
None
• • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
None
• • • •
None
• • •
None
None
<?php class file { public $file = “file.txt” public $data
= “some text” function __destruct(){ file_put_contents($this->file, $this->data); } } O:3{:”file”:2:{s:4:”file”;s:12:”file.txt”;s:4:”data”;s:9:”some text”};}
O:3{:”file”:2:{s:4:”file”;s:9:”shell.php”;s:8:”<?php ?>”;s:9:”some text”};} <?php file_put_contents(”shell.php”, “<?php ?>”); ?>
• • • •
None
None
• • • •
• – <script>X</script>, <!--X-->, <div X=”y”>, <X></X>, <style>X</style> • –
<div attr=X>, <div attr=”X”>, <div attr=’X’> • – <script>alert(‘X’), data=’X’, <div onClick=”data=’X’” – selector { property:X;}, <span style=”property:X;”>
None
None
None
• • • •
None
None
• • • • • • •
None
None
None
• • • •
None
• • • • • • •
None
• – • – • –
• – • – • –
• • • • •
None
• • – – •
• • • • • •
None
• • •
None
evandentremont
yusukebe
hashimoto_kei
hollycummins
da1chi
ichi_h3
ternbusty
nakita628
geniee_inc
eycjur
shibayu36
manfredsteyer
aoseyuu
brad_frost
michaelherold
andyhume
eileencodes
jonyablonski
jnunemaker
danielanewman
holman
ammeep
zakiyama
gr2m
