SlideShare a Scribd company logo

Web Application Penetration

Download as PPTX, PDF
R
Reza Rashidi

This document summarizes topics related to web application security. It discusses what security and computer security are, defines web application security, and introduces the OWASP Top 10 list of vulnerabilities. The list includes injection, broken authentication, sensitive data exposure, XML external entities, broken access control, security misconfiguration, cross-site scripting, insecure deserialization, use of vulnerable components, and insufficient logging and monitoring. The document also covers some vulnerabilities specific to React applications, such as XSS issues via dangerouslySetInnerHTML and attacker-controlled props.

Technology
1 of 56
Web Application Penetration 1 Pr. Saeed Alam
Mohammad Saber 2 Reza Duty Rd313.ir
3 Topics • What is Security • What is computer security • Web application security • OWASP • OWASP Top ten vulnerability • React Vulnerability
4 What is Security ?
5 What is Security Security is freedom from, or resilience against, potential harm (or other unwanted coercive change) caused by others
6 What is Computer Security ?
7 What is Computer Security Computer security, cybersecurity or information technology security (IT security) is the protection of computer systems from theft or damage to their hardware, software or electronic data, as well as from disruption or misdirection of the services they provide.
8 Web Application Security
9 Web application security Web application security is a branch of information security that deals specifically with security of websites, web applications and web services. At a high level, web application security draws on the principles of application security but applies them specifically to internet and web systems.
10 Web application security
11 OWASP
12 OWASP
13 OWASP Top Ten Vulnerability 1-injection
14 OWASP Top Ten Vulnerability 1-Injection
15 OWASP Top Ten Vulnerability 1-Injection
16 OWASP Top Ten Vulnerability 1-Injection
17 OWASP Top Ten Vulnerability 2-Broken Authentication
18 OWASP Top Ten Vulnerability 2-Broken Authentication
19 OWASP Top Ten Vulnerability 2-Broken Authentication
20 OWASP Top Ten Vulnerability 2-Broken Authentication
21 OWASP Top Ten Vulnerability 3-Sensitive Data Exposure
22 OWASP Top Ten Vulnerability 3-Sensitive Data Exposure
23 OWASP Top Ten Vulnerability 3-Sensitive Data Exposure
24 OWASP Top Ten Vulnerability 4-XML External Entities
25 OWASP Top Ten Vulnerability 4-XML External Entities
26 OWASP Top Ten Vulnerability 4-XML External Entities
27 OWASP Top Ten Vulnerability 4-XML External Entities
28 OWASP Top Ten Vulnerability 5-Broken Access Control
29 OWASP Top Ten Vulnerability 5-Broken Access Control
30 OWASP Top Ten Vulnerability 5-Broken Access Control
31 OWASP Top Ten Vulnerability 5-Broken Access Control
32 OWASP Top Ten Vulnerability 6-Security Misconfiguration
33 OWASP Top Ten Vulnerability 6-Security Misconfiguration
34 OWASP Top Ten Vulnerability 6-Security Misconfiguration
35 OWASP Top Ten Vulnerability 7-Cross Site Scripting(XSS)
36 OWASP Top Ten Vulnerability 7-Cross Site Scripting(XSS)
37 OWASP Top Ten Vulnerability 7-Cross Site Scripting(XSS)
38 OWASP Top Ten Vulnerability 7-Cross Site Scripting(XSS)
39 OWASP Top Ten Vulnerability 8-Insecure Deserialization
40 OWASP Top Ten Vulnerability 8-Insecure Deserialization
41 OWASP Top Ten Vulnerability 8-Insecure Deserialization
42 OWASP Top Ten Vulnerability 9-Using Components with Known Vulnerabilities
43 OWASP Top Ten Vulnerability 9-Using Components with Known Vulnerabilities
44 OWASP Top Ten Vulnerability 9-Using Components with Known Vulnerabilities
45 OWASP Top Ten Vulnerability 10-Insufficient Logging&Monitoring
46 OWASP Top Ten Vulnerability 10-Insufficient Logging&Monitoring
47 OWASP Top Ten Vulnerability 10-Insufficient Logging&Monitoring
48 React Vulnerability
49 React Vulnerability ReactJS is quite safe by design since ● String variables in views are escaped automatically ● With JSX you pass a function as the event handler, rather than a string that can contain malicious code But …
50 React Vulnerability
51 React Vulnerability XSS via dangerouslySetInnerHTML
52 React Vulnerability XSS via a.href attribute
53 React Vulnerability XSS via a.href(base64 encoded data)
54 React Vulnerability XSS via attacker controlled props
55 Any Question?
56 Resources ● owasp ● slideshare.net/kseniadmitrieva ● stackoverflow.com/questions/33644499/

Recommended

The Next Generation Security
The Next Generation SecurityThe Next Generation Security
The Next Generation SecurityCybera Inc.
 
Owasp and friends
Owasp and friendsOwasp and friends
Owasp and friendsMažvydas Skuodas
 
GECon2017_ Security testing and selenium tests can you do one using the other...
GECon2017_ Security testing and selenium tests can you do one using the other...GECon2017_ Security testing and selenium tests can you do one using the other...
GECon2017_ Security testing and selenium tests can you do one using the other...GECon_Org Team
 
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connectNur Shiqim Chok
 
Assume breach, layered security in Azure tested and explained
Assume breach, layered security in Azure tested and explainedAssume breach, layered security in Azure tested and explained
Assume breach, layered security in Azure tested and explainedMartyn Coupland
 
Secure Coding for Java - An Introduction
Secure Coding for Java - An IntroductionSecure Coding for Java - An Introduction
Secure Coding for Java - An IntroductionSebastien Gioria
 
Equifax & Apache Struts Vulnerability CVE-2017-5638
Equifax & Apache Struts Vulnerability CVE-2017-5638Equifax & Apache Struts Vulnerability CVE-2017-5638
Equifax & Apache Struts Vulnerability CVE-2017-5638Black Duck by Synopsys
 
Design highly available and secure system
Design highly available and secure systemDesign highly available and secure system
Design highly available and secure systemAndi Pangeran
 

Recommended

The Next Generation Security
The Next Generation SecurityThe Next Generation Security
The Next Generation SecurityCybera Inc.
 
Owasp and friends
Owasp and friendsOwasp and friends
Owasp and friendsMažvydas Skuodas
 
GECon2017_ Security testing and selenium tests can you do one using the other...
GECon2017_ Security testing and selenium tests can you do one using the other...GECon2017_ Security testing and selenium tests can you do one using the other...
GECon2017_ Security testing and selenium tests can you do one using the other...GECon_Org Team
 
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connectNur Shiqim Chok
 
Assume breach, layered security in Azure tested and explained
Assume breach, layered security in Azure tested and explainedAssume breach, layered security in Azure tested and explained
Assume breach, layered security in Azure tested and explainedMartyn Coupland
 
Secure Coding for Java - An Introduction
Secure Coding for Java - An IntroductionSecure Coding for Java - An Introduction
Secure Coding for Java - An IntroductionSebastien Gioria
 
Equifax & Apache Struts Vulnerability CVE-2017-5638
Equifax & Apache Struts Vulnerability CVE-2017-5638Equifax & Apache Struts Vulnerability CVE-2017-5638
Equifax & Apache Struts Vulnerability CVE-2017-5638Black Duck by Synopsys
 
Design highly available and secure system
Design highly available and secure systemDesign highly available and secure system
Design highly available and secure systemAndi Pangeran
 
Cisco connect winnipeg 2018 anatomy of an attack
Cisco connect winnipeg 2018 anatomy of an attackCisco connect winnipeg 2018 anatomy of an attack
Cisco connect winnipeg 2018 anatomy of an attackCisco Canada
 
Hacking liferay
Hacking liferayHacking liferay
Hacking liferayArmel Nene
 
ISO 27k talk for django meet up
ISO 27k talk for django meet upISO 27k talk for django meet up
ISO 27k talk for django meet upViren Rajput
 
Anatomy Of An Attack
Anatomy Of An AttackAnatomy Of An Attack
Anatomy Of An AttackCisco Canada
 
CLUSIR INFONORD OWASP iot 2014
CLUSIR INFONORD OWASP iot 2014CLUSIR INFONORD OWASP iot 2014
CLUSIR INFONORD OWASP iot 2014Sebastien Gioria
 
Re solution - corona virus cyber security infographic
Re solution - corona virus cyber security infographicRe solution - corona virus cyber security infographic
Re solution - corona virus cyber security infographicJacob Tranter
 
WordPress Security - What to do, What NOT to do
WordPress Security - What to do, What NOT to doWordPress Security - What to do, What NOT to do
WordPress Security - What to do, What NOT to doWordPress Trivandrum
 
Secure Coding For Java - Une introduction
Secure Coding For Java - Une introductionSecure Coding For Java - Une introduction
Secure Coding For Java - Une introductionSebastien Gioria
 
certificate
certificatecertificate
certificateShivaditya Tapna
 
ALPSP Conference - Pierre Montagano - Code Ocean - Sept 14 2017
ALPSP Conference - Pierre Montagano - Code Ocean - Sept 14 2017ALPSP Conference - Pierre Montagano - Code Ocean - Sept 14 2017
ALPSP Conference - Pierre Montagano - Code Ocean - Sept 14 2017Code Ocean
 
42 minutes to secure your code....
42 minutes to secure your code....42 minutes to secure your code....
42 minutes to secure your code....Sebastien Gioria
 
Basic detection tests of McAfee ENS + MVISION Insights usage for SunBurst threat
Basic detection tests of McAfee ENS + MVISION Insights usage for SunBurst threatBasic detection tests of McAfee ENS + MVISION Insights usage for SunBurst threat
Basic detection tests of McAfee ENS + MVISION Insights usage for SunBurst threatVladyslav Radetsky
 
2014_EMTieghi_Industrial_Security-templateSERVI
2014_EMTieghi_Industrial_Security-templateSERVI2014_EMTieghi_Industrial_Security-templateSERVI
2014_EMTieghi_Industrial_Security-templateSERVIEnzo M. Tieghi
 
OWASP, PHP, life and universe
OWASP, PHP, life and universeOWASP, PHP, life and universe
OWASP, PHP, life and universeSebastien Gioria
 
Mod Security
Mod SecurityMod Security
Mod SecurityAbhishek Singh
 
شهادات تاهلية1
شهادات تاهلية1شهادات تاهلية1
شهادات تاهلية1Salem Salem
 
Web Security
Web SecurityWeb Security
Web SecurityGerald Villorente
 
OWASP Bulgaria
OWASP BulgariaOWASP Bulgaria
OWASP BulgariaZero Science Lab
 
[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture
[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture
[OWASP-Bulgaria] G. Geshev - Chapter Introductory LectureG. Geshev
 
Splunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout SessionSplunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout SessionSplunk
 
Application Security on a Dime: A Practical Guide to Using Functional Open So...
Application Security on a Dime: A Practical Guide to Using Functional Open So...Application Security on a Dime: A Practical Guide to Using Functional Open So...
Application Security on a Dime: A Practical Guide to Using Functional Open So...POSSCON
 
A Closer Look at Isolation: Hype or Next Gen Security?
A Closer Look at Isolation: Hype or Next Gen Security?A Closer Look at Isolation: Hype or Next Gen Security?
A Closer Look at Isolation: Hype or Next Gen Security?MenloSecurity
 

More Related Content

What's hot

Cisco connect winnipeg 2018 anatomy of an attack
Cisco connect winnipeg 2018 anatomy of an attackCisco connect winnipeg 2018 anatomy of an attack
Cisco connect winnipeg 2018 anatomy of an attackCisco Canada
 
Hacking liferay
Hacking liferayHacking liferay
Hacking liferayArmel Nene
 
ISO 27k talk for django meet up
ISO 27k talk for django meet upISO 27k talk for django meet up
ISO 27k talk for django meet upViren Rajput
 
Anatomy Of An Attack
Anatomy Of An AttackAnatomy Of An Attack
Anatomy Of An AttackCisco Canada
 
CLUSIR INFONORD OWASP iot 2014
CLUSIR INFONORD OWASP iot 2014CLUSIR INFONORD OWASP iot 2014
CLUSIR INFONORD OWASP iot 2014Sebastien Gioria
 
Re solution - corona virus cyber security infographic
Re solution - corona virus cyber security infographicRe solution - corona virus cyber security infographic
Re solution - corona virus cyber security infographicJacob Tranter
 
WordPress Security - What to do, What NOT to do
WordPress Security - What to do, What NOT to doWordPress Security - What to do, What NOT to do
WordPress Security - What to do, What NOT to doWordPress Trivandrum
 
Secure Coding For Java - Une introduction
Secure Coding For Java - Une introductionSecure Coding For Java - Une introduction
Secure Coding For Java - Une introductionSebastien Gioria
 
ALPSP Conference - Pierre Montagano - Code Ocean - Sept 14 2017
ALPSP Conference - Pierre Montagano - Code Ocean - Sept 14 2017ALPSP Conference - Pierre Montagano - Code Ocean - Sept 14 2017
ALPSP Conference - Pierre Montagano - Code Ocean - Sept 14 2017Code Ocean
 
42 minutes to secure your code....
42 minutes to secure your code....42 minutes to secure your code....
42 minutes to secure your code....Sebastien Gioria
 
Basic detection tests of McAfee ENS + MVISION Insights usage for SunBurst threat
Basic detection tests of McAfee ENS + MVISION Insights usage for SunBurst threatBasic detection tests of McAfee ENS + MVISION Insights usage for SunBurst threat
Basic detection tests of McAfee ENS + MVISION Insights usage for SunBurst threatVladyslav Radetsky
 
2014_EMTieghi_Industrial_Security-templateSERVI
2014_EMTieghi_Industrial_Security-templateSERVI2014_EMTieghi_Industrial_Security-templateSERVI
2014_EMTieghi_Industrial_Security-templateSERVIEnzo M. Tieghi
 
OWASP, PHP, life and universe
OWASP, PHP, life and universeOWASP, PHP, life and universe
OWASP, PHP, life and universeSebastien Gioria
 
شهادات تاهلية1
شهادات تاهلية1شهادات تاهلية1
شهادات تاهلية1Salem Salem
 

What's hot (16)

Cisco connect winnipeg 2018 anatomy of an attack
Cisco connect winnipeg 2018 anatomy of an attackCisco connect winnipeg 2018 anatomy of an attack
Cisco connect winnipeg 2018 anatomy of an attack
 
Hacking liferay
Hacking liferayHacking liferay
Hacking liferay
 
ISO 27k talk for django meet up
ISO 27k talk for django meet upISO 27k talk for django meet up
ISO 27k talk for django meet up
 
Anatomy Of An Attack
Anatomy Of An AttackAnatomy Of An Attack
Anatomy Of An Attack
 
CLUSIR INFONORD OWASP iot 2014
CLUSIR INFONORD OWASP iot 2014CLUSIR INFONORD OWASP iot 2014
CLUSIR INFONORD OWASP iot 2014
 
Re solution - corona virus cyber security infographic
Re solution - corona virus cyber security infographicRe solution - corona virus cyber security infographic
Re solution - corona virus cyber security infographic
 
WordPress Security - What to do, What NOT to do
WordPress Security - What to do, What NOT to doWordPress Security - What to do, What NOT to do
WordPress Security - What to do, What NOT to do
 
Secure Coding For Java - Une introduction
Secure Coding For Java - Une introductionSecure Coding For Java - Une introduction
Secure Coding For Java - Une introduction
 
certificate
certificatecertificate
certificate
 
ALPSP Conference - Pierre Montagano - Code Ocean - Sept 14 2017
ALPSP Conference - Pierre Montagano - Code Ocean - Sept 14 2017ALPSP Conference - Pierre Montagano - Code Ocean - Sept 14 2017
ALPSP Conference - Pierre Montagano - Code Ocean - Sept 14 2017
 
42 minutes to secure your code....
42 minutes to secure your code....42 minutes to secure your code....
42 minutes to secure your code....
 
Basic detection tests of McAfee ENS + MVISION Insights usage for SunBurst threat
Basic detection tests of McAfee ENS + MVISION Insights usage for SunBurst threatBasic detection tests of McAfee ENS + MVISION Insights usage for SunBurst threat
Basic detection tests of McAfee ENS + MVISION Insights usage for SunBurst threat
 
2014_EMTieghi_Industrial_Security-templateSERVI
2014_EMTieghi_Industrial_Security-templateSERVI2014_EMTieghi_Industrial_Security-templateSERVI
2014_EMTieghi_Industrial_Security-templateSERVI
 
OWASP, PHP, life and universe
OWASP, PHP, life and universeOWASP, PHP, life and universe
OWASP, PHP, life and universe
 
Mod Security
Mod SecurityMod Security
Mod Security
 
شهادات تاهلية1
شهادات تاهلية1شهادات تاهلية1
شهادات تاهلية1
 

Similar to Web Application Penetration

[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture
[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture
[OWASP-Bulgaria] G. Geshev - Chapter Introductory LectureG. Geshev
 
Splunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout SessionSplunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout SessionSplunk
 
Application Security on a Dime: A Practical Guide to Using Functional Open So...
Application Security on a Dime: A Practical Guide to Using Functional Open So...Application Security on a Dime: A Practical Guide to Using Functional Open So...
Application Security on a Dime: A Practical Guide to Using Functional Open So...POSSCON
 
A Closer Look at Isolation: Hype or Next Gen Security?
A Closer Look at Isolation: Hype or Next Gen Security?A Closer Look at Isolation: Hype or Next Gen Security?
A Closer Look at Isolation: Hype or Next Gen Security?MenloSecurity
 
Looking Forward… and Beyond - Distinctiveness Through Security Excellence
Looking Forward… and Beyond - Distinctiveness Through Security ExcellenceLooking Forward… and Beyond - Distinctiveness Through Security Excellence
Looking Forward… and Beyond - Distinctiveness Through Security ExcellenceLudovic Petit
 
GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )
GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )
GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )Md Raffiqunnabi Rumman
 
OWASP_Top_10_Introduction_and_Remedies_2017.ppt
OWASP_Top_10_Introduction_and_Remedies_2017.pptOWASP_Top_10_Introduction_and_Remedies_2017.ppt
OWASP_Top_10_Introduction_and_Remedies_2017.pptjangomanso
 
Cyber Security and Cloud Computing
Cyber Security and Cloud ComputingCyber Security and Cloud Computing
Cyber Security and Cloud ComputingKeet Sugathadasa
 
Using a Network Model to Address SANS Critical Controls 10 and 11
Using a Network Model to Address SANS Critical Controls 10 and 11Using a Network Model to Address SANS Critical Controls 10 and 11
Using a Network Model to Address SANS Critical Controls 10 and 11Skybox Security
 
Java application security the hard way - a workshop for the serious developer
Java application security the hard way - a workshop for the serious developerJava application security the hard way - a workshop for the serious developer
Java application security the hard way - a workshop for the serious developerSteve Poole
 
SAP (in)security: New and best
SAP (in)security: New and bestSAP (in)security: New and best
SAP (in)security: New and bestERPScan
 
How Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software VulnerabilitiesHow Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software VulnerabilitiesBunmi Sowande
 
OWASP Top 10 2007 for JavaEE
OWASP Top 10 2007 for JavaEE OWASP Top 10 2007 for JavaEE
OWASP Top 10 2007 for JavaEE Magno Logan
 
OWASP (Open Web Application Security Project) .pdf
OWASP (Open Web Application Security Project) .pdfOWASP (Open Web Application Security Project) .pdf
OWASP (Open Web Application Security Project) .pdfkavsinghta
 
Automatic detction of web apps vulnerability
Automatic detction of web apps vulnerabilityAutomatic detction of web apps vulnerability
Automatic detction of web apps vulnerability임채호 박사님
 

Similar to Web Application Penetration (20)

Web Security
Web SecurityWeb Security
Web Security
 
OWASP Bulgaria
OWASP BulgariaOWASP Bulgaria
OWASP Bulgaria
 
[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture
[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture
[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture
 
Splunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout SessionSplunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout Session
 
Application Security on a Dime: A Practical Guide to Using Functional Open So...
Application Security on a Dime: A Practical Guide to Using Functional Open So...Application Security on a Dime: A Practical Guide to Using Functional Open So...
Application Security on a Dime: A Practical Guide to Using Functional Open So...
 
A Closer Look at Isolation: Hype or Next Gen Security?
A Closer Look at Isolation: Hype or Next Gen Security?A Closer Look at Isolation: Hype or Next Gen Security?
A Closer Look at Isolation: Hype or Next Gen Security?
 
OWASP an Introduction
OWASP an Introduction OWASP an Introduction
OWASP an Introduction
 
Looking Forward… and Beyond - Distinctiveness Through Security Excellence
Looking Forward… and Beyond - Distinctiveness Through Security ExcellenceLooking Forward… and Beyond - Distinctiveness Through Security Excellence
Looking Forward… and Beyond - Distinctiveness Through Security Excellence
 
OWASP
OWASPOWASP
OWASP
 
GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )
GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )
GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )
 
OWASP_Top_10_Introduction_and_Remedies_2017.ppt
OWASP_Top_10_Introduction_and_Remedies_2017.pptOWASP_Top_10_Introduction_and_Remedies_2017.ppt
OWASP_Top_10_Introduction_and_Remedies_2017.ppt
 
Cyber Security and Cloud Computing
Cyber Security and Cloud ComputingCyber Security and Cloud Computing
Cyber Security and Cloud Computing
 
Using a Network Model to Address SANS Critical Controls 10 and 11
Using a Network Model to Address SANS Critical Controls 10 and 11Using a Network Model to Address SANS Critical Controls 10 and 11
Using a Network Model to Address SANS Critical Controls 10 and 11
 
2014 09-04-pj
2014 09-04-pj2014 09-04-pj
2014 09-04-pj
 
Java application security the hard way - a workshop for the serious developer
Java application security the hard way - a workshop for the serious developerJava application security the hard way - a workshop for the serious developer
Java application security the hard way - a workshop for the serious developer
 
SAP (in)security: New and best
SAP (in)security: New and bestSAP (in)security: New and best
SAP (in)security: New and best
 
How Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software VulnerabilitiesHow Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software Vulnerabilities
 
OWASP Top 10 2007 for JavaEE
OWASP Top 10 2007 for JavaEE OWASP Top 10 2007 for JavaEE
OWASP Top 10 2007 for JavaEE
 
OWASP (Open Web Application Security Project) .pdf
OWASP (Open Web Application Security Project) .pdfOWASP (Open Web Application Security Project) .pdf
OWASP (Open Web Application Security Project) .pdf
 
Automatic detction of web apps vulnerability
Automatic detction of web apps vulnerabilityAutomatic detction of web apps vulnerability
Automatic detction of web apps vulnerability
 

Recently uploaded

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 

Recently uploaded (20)

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

Web Application Penetration