Upgrade to Pro — share decks privately, control downloads, hide ads and more …

OWASP Top 10 Overview

evandentremont
December 17, 2020
Programming
0
35

OWASP Top 10 Overview

evandentremont

December 17, 2020
Tweet

More Decks by evandentremont

See All by evandentremont
1,2,3,4 I Declare Cyber War
evandentremont
2
930
Fixing Infosec
evandentremont
0
93
BTC: Currency or Commodity?
evandentremont
0
80
Immunizing IoT
evandentremont
0
66
Defeating Next Gen Firewalls
evandentremont
1
64
Next Gen Botnet C&C
evandentremont
0
69
SQLi Injection attacks & mitigation
evandentremont
0
82

Other Decks in Programming

See All in Programming
受け取る人から提供する人になるということ
little_rubyist
0
230
距離関数を極める! / SESSIONS 2024
gam0022
0
280
Outline View in SwiftUI
1024jp
1
320
OSSで起業してもうすぐ10年 / Open Source Conference 2024 Shimane
furukawayasuto
0
100
Hotwire or React? ~アフタートーク・本編に含めなかった話~ / Hotwire or React? after talk
harunatsujita
1
120
Contemporary Test Cases
maaretp
0
130
アジャイルを支えるテストアーキテクチャ設計/Test Architecting for Agile
goyoki
9
3.3k
AWS IaCの注目アップデート 2024年10月版
konokenj
3
3.3k
Webの技術スタックで マルチプラットフォームアプリ開発を可能にするElixirDesktopの紹介
thehaigo
2
1k
macOS でできる リアルタイム動画像処理
biacco42
9
2.4k
リアーキテクチャxDDD 1年間の取り組みと進化
hsawaji
1
220
レガシーシステムにどう立ち向かうか 複雑さと理想と現実/vs-legacy
suzukihoge
14
2.2k

Featured

See All Featured
The Language of Interfaces
destraynor
154
24k
Stop Working from a Prison Cell
hatefulcrawdad
267
20k
VelocityConf: Rendering Performance Case Studies
addyosmani
325
24k
Writing Fast Ruby
sferik
627
61k
[RailsConf 2023] Rails as a piece of cake
palkan
52
4.9k
Build The Right Thing And Hit Your Dates
maggiecrowley
33
2.4k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
506
140k
Intergalactic Javascript Robots from Outer Space
tanoku
269
27k
Building Flexible Design Systems
yeseniaperezcruz
327
38k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
280
13k
Automating Front-end Workflow
addyosmani
1366
200k
Building Applications with DynamoDB
mza
90
6.1k

Transcript

  1. None

  2. • • •

  3. • • • • • • • • • •

  4. • • • • • • • • • •

  5. • • • • • • • • • •

  6. • • • • • • • • • •

  7. • • • • • • • • • •

  8. • • • • • • • • • •

  9. • • • • • • • • • •

    • • • • • • • • • •

  10. • • • • • • • • • •

    • • • • • • • • • •

  11. • • • • • • • • • •

  12. None

  13. • • • •

  14. None

  15. • • •

  16. None
  17. None

  18. <?php class file { public $file = “file.txt” public $data

    = “some text” function __destruct(){ file_put_contents($this->file, $this->data); } } O:3{:”file”:2:{s:4:”file”;s:12:”file.txt”;s:4:”data”;s:9:”some text”};}

  19. O:3{:”file”:2:{s:4:”file”;s:9:”shell.php”;s:8:”<?php ?>”;s:9:”some text”};} <?php file_put_contents(”shell.php”, “<?php ?>”); ?>

  20. • • • •

  21. None
  22. None

  23. • • • •

  24. • – <script>X</script>, <!--X-->, <div X=”y”>, <X></X>, <style>X</style> • –

    <div attr=X>, <div attr=”X”>, <div attr=’X’> • – <script>alert(‘X’), data=’X’, <div onClick=”data=’X’” – selector { property:X;}, <span style=”property:X;”>
  25. None
  26. None
  27. None

  28. • • • •

  29. None
  30. None

  31. • • • • • • •

  32. None
  33. None
  34. None

  35. • • • •

  36. None

  37. • • • • • • •

  38. None

  39. • – • – • –

  40. • – • – • –

  41. • • • • •

  42. None

  43. • • – – •

  44. • • • • • •

  45. None

  46. • • •

  47. None