OWASP Top 10 Overview
evandentremont
December 17, 2020
Transcript
<?php
class file {
    public $file = "file.txt";
    public $data = "some text";

    // Runs when the object is destroyed, including objects created by unserialize()
    function __destruct() {
        file_put_contents($this->file, $this->data);
    }
}
?>

O:4:"file":2:{s:4:"file";s:8:"file.txt";s:4:"data";s:9:"some text";}

O:4:"file":2:{s:4:"file";s:9:"shell.php";s:4:"data";s:8:"<?php ?>";}

<?php file_put_contents("shell.php", "<?php ?>"); ?>
– <script>X</script>, <!--X-->, <div X="y">, <X></X>, <style>X</style>
– <div attr=X>, <div attr="X">, <div attr='X'>
– <script>alert('X'), data='X', <div onClick="data='X'"
– selector { property:X;}, <span style="property:X;">