Upgrade to Pro — share decks privately, control downloads, hide ads and more …

OWASP Top 10 Overview

evandentremont
December 17, 2020
Programming
0
28

OWASP Top 10 Overview

evandentremont

December 17, 2020
Tweet

More Decks by evandentremont

See All by evandentremont
1,2,3,4 I Declare Cyber War
evandentremont
2
770
Fixing Infosec
evandentremont
0
79
BTC: Currency or Commodity?
evandentremont
0
63
Immunizing IoT
evandentremont
0
53
Defeating Next Gen Firewalls
evandentremont
1
36
Next Gen Botnet C&C
evandentremont
0
56
SQLi Injection attacks & mitigation
evandentremont
0
41

Other Decks in Programming

See All in Programming
Git Rebase
bkuhlmann
10
1.2k
まだ日本国内で利用できないAppActionsにトライしてみた / MoT TechTalk #15
mot_techtalk
0
130
Findy - エンジニア向け会社紹介 / Findy Letter for Engineers
findyinc
2
42k
(新米)エンジニアリングマネージャーのしごと #RSGT2023
murabayashi
9
5.9k
Enumを自動で網羅的にテストしてみた
estie
0
1.3k
Form実装基本を学び直してみた
hyugatsukui
0
250
なぜRubyコミュニティにコミットするのか?
luccafort
0
320
コンピュータビジョンセミナー2 / computer_vision_seminar_libSGM
fixstars
0
320
Cloudflare Workersと状態管理
chimame
3
490
レガシーフレームワークからの移行
ug
0
120
[2023년 1월 세미나] 데이터 분석가 되면 어떤 일을 하나요?
datarian
0
610
Amazon QuickSightのアップデート -re:Invent 2022の復習&2022年ハイライト-
shogo452
0
240

Featured

See All Featured
Creatively Recalculating Your Daily Design Routine
revolveconf
207
11k
Gamification - CAS2011
davidbonilla
75
4.1k
Raft: Consensus for Rubyists
vanstee
130
5.7k
Designing for Performance
lara
600
65k
Imperfection Machines: The Place of Print at Facebook
scottboms
254
12k
The Art of Programming - Codeland 2020
erikaheidi
36
11k
BBQ
matthewcrist
75
8.1k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
15
1.2k
Infographics Made Easy
chrislema
235
17k
Why Our Code Smells
bkeepers
PRO
326
55k
The Web Native Designer (August 2011)
paulrobertlloyd
76
2.2k
Building an army of robots
kneath
301
40k

Transcript

  1. None

  2. • • •

  3. • • • • • • • • • •

  4. • • • • • • • • • •

  5. • • • • • • • • • •

  6. • • • • • • • • • •

  7. • • • • • • • • • •

  8. • • • • • • • • • •

  9. • • • • • • • • • •

    • • • • • • • • • •

  10. • • • • • • • • • •

    • • • • • • • • • •

  11. • • • • • • • • • •

  12. None

  13. • • • •

  14. None

  15. • • •

  16. None
  17. None

  18. <?php class file { public $file = “file.txt” public $data

    = “some text” function __destruct(){ file_put_contents($this->file, $this->data); } } O:3{:”file”:2:{s:4:”file”;s:12:”file.txt”;s:4:”data”;s:9:”some text”};}

  19. O:3{:”file”:2:{s:4:”file”;s:9:”shell.php”;s:8:”<?php ?>”;s:9:”some text”};} <?php file_put_contents(”shell.php”, “<?php ?>”); ?>

  20. • • • •

  21. None
  22. None

  23. • • • •

  24. • – <script>X</script>, <!--X-->, <div X=”y”>, <X></X>, <style>X</style> • –

    <div attr=X>, <div attr=”X”>, <div attr=’X’> • – <script>alert(‘X’), data=’X’, <div onClick=”data=’X’” – selector { property:X;}, <span style=”property:X;”>
  25. None
  26. None
  27. None

  28. • • • •

  29. None
  30. None

  31. • • • • • • •

  32. None
  33. None
  34. None

  35. • • • •

  36. None

  37. • • • • • • •

  38. None

  39. • – • – • –

  40. • – • – • –

  41. • • • • •

  42. None

  43. • • – – •

  44. • • • • • •

  45. None

  46. • • •

  47. None