OWASP Top 10 Overview
evandentremont
December 17, 2020
Transcript
<?php
class file {
    public $file = "file.txt";
    public $data = "some text";

    // Runs when the object is destroyed, including an object created by unserialize()
    function __destruct() {
        file_put_contents($this->file, $this->data);
    }
}

O:4:"file":2:{s:4:"file";s:8:"file.txt";s:4:"data";s:9:"some text";}

O:4:"file":2:{s:4:"file";s:9:"shell.php";s:4:"data";s:8:"<?php ?>";}

<?php file_put_contents("shell.php", "<?php ?>"); ?>
• <script>X</script>, <!--X-->, <div X="y">, <X></X>, <style>X</style>
• <div attr=X>, <div attr="X">, <div attr='X'>
• <script>alert('X'), data='X', <div onClick="data='X'"
• selector { property:X;}, <span style="property:X;">