Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
OWASP Top 10 Overview
Search
evandentremont
December 17, 2020
Programming
0
42
OWASP Top 10 Overview
evandentremont
December 17, 2020
Tweet
Share
More Decks by evandentremont
See All by evandentremont
1,2,3,4 I Declare Cyber War
evandentremont
2
1k
Fixing Infosec
evandentremont
0
98
BTC: Currency or Commodity?
evandentremont
0
83
Immunizing IoT
evandentremont
0
79
Defeating Next Gen Firewalls
evandentremont
1
69
Next Gen Botnet C&C
evandentremont
0
75
SQLi Injection attacks & mitigation
evandentremont
0
96
Other Decks in Programming
See All in Programming
コードとあなたと私の距離 / The Distance Between Code, You, and I
hiro_y
0
200
Pythonに漸進的に型をつける
nealle
1
130
スキーマ駆動で、Zod OpenAPI Honoによる、API開発するために、Hono Takibiというライブラリを作っている
nakita628
0
330
Devoxx BE - Local Development in the AI Era
kdubois
0
140
What's new in Spring Modulith?
olivergierke
1
170
Building, Deploying, and Monitoring Ruby Web Applications with Falcon (Kaigi on Rails 2025)
ioquatix
4
2.5k
Towards Transactional Buffering of CDC Events @ Flink Forward 2025 Barcelona Spain
hpgrahsl
0
120
Domain-centric? Why Hexagonal, Onion, and Clean Architecture Are Answers to the Wrong Question
olivergierke
3
980
AI時代に必須!状況言語化スキル / ai-context-verbalization
minodriven
2
110
Claude CodeによるAI駆動開発の実践 〜そこから見えてきたこれからのプログラミング〜
iriikeita
0
360
CSC509 Lecture 07
javiergs
PRO
0
250
Foundation Modelsを実装日本語学習アプリを作ってみた!
hypebeans
0
130
Featured
See All Featured
Building Adaptive Systems
keathley
44
2.8k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
23
1.5k
StorybookのUI Testing Handbookを読んだ
zakiyama
31
6.2k
Designing for humans not robots
tammielis
254
26k
A better future with KSS
kneath
239
18k
Bash Introduction
62gerente
615
210k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
508
140k
Mobile First: as difficult as doing things right
swwweet
225
10k
A Tale of Four Properties
chriscoyier
161
23k
Raft: Consensus for Rubyists
vanstee
140
7.2k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
140
34k
Faster Mobile Websites
deanohume
310
31k
Transcript
None
• • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
• • • • • • • • • •
None
• • • •
None
• • •
None
None
<?php class file { public $file = “file.txt” public $data
= “some text” function __destruct(){ file_put_contents($this->file, $this->data); } } O:3{:”file”:2:{s:4:”file”;s:12:”file.txt”;s:4:”data”;s:9:”some text”};}
O:3{:”file”:2:{s:4:”file”;s:9:”shell.php”;s:8:”<?php ?>”;s:9:”some text”};} <?php file_put_contents(”shell.php”, “<?php ?>”); ?>
• • • •
None
None
• • • •
• – <script>X</script>, <!--X-->, <div X=”y”>, <X></X>, <style>X</style> • –
<div attr=X>, <div attr=”X”>, <div attr=’X’> • – <script>alert(‘X’), data=’X’, <div onClick=”data=’X’” – selector { property:X;}, <span style=”property:X;”>
None
None
None
• • • •
None
None
• • • • • • •
None
None
None
• • • •
None
• • • • • • •
None
• – • – • –
• – • – • –
• • • • •
None
• • – – •
• • • • • •
None
• • •
None