Web application security
 

This talk is designed for people who are interested in the concepts of web application security but may never have been involved with it before, or who sit on the other side of the coin, i.e. developers. Using open source frameworks and tools, we discuss an approach to a couple of well-known vulnerabilities and demonstrate how these can be fixed well (and not so well). The talk also gives the audience a "take away" in the form of further exercises that can be done in order to learn more about the security side of web applications, and PHP in particular.

    Presentation Transcript

    • Web Application Security: PHP
      Thomas Mackenzie
    • $ whois spiderlabs.tom
    • Tom Mackenzie
      • Web Application Security
      • @tmacuk
      • http://www.tmacuk.co.uk
      • http://www.upsploit.com
      • Podcast
      PUBOTD
    • About SpiderLabs ®
      Incident Response
      Pentesting
      Application Security
      Research & Development
      Global Security Report
      Security Conferences
    • About SpiderLabs®
      • Formed in 2005 to serve a growing need for deep technical professional services within Trustwave’s client base.
      • SpiderLabs is the advanced security team at Trustwave.
      • SpiderLabs provides thought leadership to the entire Trustwave organisation and our clients.
      In 2009 and 2010, Trustwave’s SpiderLabs responded to over 400 incidents and performed nearly 4,500 penetration tests for organisations in over 50 different countries.
      Featured Speakers at:
    • Introduction
    • Expectations
      • PHP
      • Code and Security
      • Live Demos
      • Best Practices
      • DIY
    • DVWA – Damn Vulnerable Web App
    • About DVWA
      • Ryan Dewhurst - @ethicalhack3r
      • Damn Vulnerable?
      • Security Levels
      • PHP & MySQL / PostgreSQL
      • http://code.google.com/p/dvwa/
    • About DVWA
      • How can you help?
      • Open Source
      • Contributors
      • Fork
      • Ideas!
      • Ideas?
    • Live Demo
    • Best Practices
    • OWASP
      • Books
      • Cheat Sheets
      • People
      • Events
      • Projects
    • Intercepting Proxies
      • Burp Suite / BS Pro
      • ZAP
      • Paros
    • Live Demo
    • Links
    • Links
      • http://www.dvwa.co.uk
      • http://www.owasp.org
      • http://portswigger.net/burp/
      • https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
      • http://www.parosproxy.org/
      • https://www.owasp.org/index.php/OWASP_Testing_Project
      • http://mdsec.net/wahh/
      • http://blog.spiderlabs.com
      • https://www.trustwave.com/apppentest.php
    • SpiderLabs Research Reports
      WHID Report
      Global Security Report
    • Contact
      • tmackenzie@trustwave.com
      • http://www.tmacuk.co.uk