Oscon2009 Php Code Audit

•

0 j'aime•829 vues

In this laboratory, we will carry out a safety audit of an Open Source web application. The technical objective is to provide a complete report and treat all phases of investigative work: black box analysis, open source analysis, identifying vulnerabilities (XSS, injections, disclosure, etc.), recommendations for strengthening, and prioritization of tasks. All skills will be tested in this complex exercise. We will work on a real application: (The name of the application will come later). The laboratory will end with the handing over of the report to the authors of the application so they can have an outside view on the safety of the application.

Technologie

Recommandé

Preparing for the next php versionDamien Seguy

Kings of Code 2009err

Transparency report sharing the secret of word press themesplugins businessArjun Thakuri

Busy Tone Vulnerable PBXJaime Restrepo

Strong typing @ php leedsDamien Seguy

Strong typing : adoption, adaptation and organisationDamien Seguy

Qui a laissé son mot de passe dans le codeDamien Seguy

Analyse statique et applicationsDamien Seguy

Recommandé

Preparing for the next php versionDamien Seguy

Kings of Code 2009err

Transparency report sharing the secret of word press themesplugins businessArjun Thakuri

Busy Tone Vulnerable PBXJaime Restrepo

Strong typing @ php leedsDamien Seguy

Strong typing : adoption, adaptation and organisationDamien Seguy

Qui a laissé son mot de passe dans le codeDamien Seguy

Analyse statique et applicationsDamien Seguy

Top 10 pieges php afup limogesDamien Seguy

Top 10 php classic traps DPC 2020Damien Seguy

Meilleur du typage fort (AFUP Day, 2020)Damien Seguy

Top 10 php classic traps confooDamien Seguy

Tout pour se préparer à PHP 7.4Damien Seguy

Top 10 php classic traps php serbiaDamien Seguy

Top 10 php classic trapsDamien Seguy

Top 10 chausse trappesDamien Seguy

Code review workshopDamien Seguy

Understanding static analysis php amsterdam 2018Damien Seguy

Review unknown code with static analysis php ce 2018Damien Seguy

Everything new with PHP 7.3Damien Seguy

Php 7.3 et ses RFC (AFUP Toulouse)Damien Seguy

Tout sur PHP 7.3 et ses RFCDamien Seguy

Review unknown code with static analysis php ipc 2018Damien Seguy

Code review for busy peopleDamien Seguy

Static analysis saved my code tonightDamien Seguy

Machine learning in php las vegasDamien Seguy

Review unknown code with static analysis Zend con 2017Damien Seguy

Review unknown code with static analysisDamien Seguy

Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j

WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal

Contenu connexe

Plus de Damien Seguy

Top 10 pieges php afup limogesDamien Seguy

Top 10 php classic traps DPC 2020Damien Seguy

Meilleur du typage fort (AFUP Day, 2020)Damien Seguy

Top 10 php classic traps confooDamien Seguy

Tout pour se préparer à PHP 7.4Damien Seguy

Top 10 php classic traps php serbiaDamien Seguy

Top 10 php classic trapsDamien Seguy

Top 10 chausse trappesDamien Seguy

Code review workshopDamien Seguy

Understanding static analysis php amsterdam 2018Damien Seguy

Review unknown code with static analysis php ce 2018Damien Seguy

Everything new with PHP 7.3Damien Seguy

Php 7.3 et ses RFC (AFUP Toulouse)Damien Seguy

Tout sur PHP 7.3 et ses RFCDamien Seguy

Review unknown code with static analysis php ipc 2018Damien Seguy

Code review for busy peopleDamien Seguy

Static analysis saved my code tonightDamien Seguy

Machine learning in php las vegasDamien Seguy

Review unknown code with static analysis Zend con 2017Damien Seguy

Review unknown code with static analysisDamien Seguy

Plus de Damien Seguy (20)

Top 10 pieges php afup limoges

Top 10 php classic traps DPC 2020

Meilleur du typage fort (AFUP Day, 2020)

Top 10 php classic traps confoo

Tout pour se préparer à PHP 7.4

Top 10 php classic traps php serbia

Top 10 php classic traps

Top 10 chausse trappes

Code review workshop

Understanding static analysis php amsterdam 2018

Review unknown code with static analysis php ce 2018

Everything new with PHP 7.3

Php 7.3 et ses RFC (AFUP Toulouse)

Tout sur PHP 7.3 et ses RFC

Review unknown code with static analysis php ipc 2018

Code review for busy people

Static analysis saved my code tonight

Machine learning in php las vegas

Review unknown code with static analysis Zend con 2017

Review unknown code with static analysis

Dernier

Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j

WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal

Finology Group – Insurtech Innovation Award 2024The Digital Insurer

Understanding the Laravel MVC ArchitecturePixlogix Infotech

Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung

CNv6 Instructor Chapter 6 Quality of Servicegiselly40

From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software

04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG

Boost PC performance: How more available memory can improve productivityPrincipled Technologies

Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko

How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes

Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik

IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada

Histor y of HAM Radio presentation slidevu2urc

Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC

Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55

Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700

A Domino Admins Adventures (Engage 2024)Gabriella Davis

Dernier (20)

Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...

WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service

Finology Group – Insurtech Innovation Award 2024

Understanding the Laravel MVC Architecture

Swan(sea) Song – personal research during my six years at Swansea ... and bey...

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

CNv6 Instructor Chapter 6 Quality of Service

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

Boost PC performance: How more available memory can improve productivity

Handwritten Text Recognition for manuscripts and early printed texts

How to Troubleshoot Apps for the Modern Connected Worker

Injustice - Developers Among Us (SciFiDevCon 2024)

IAC 2024 - IA Fast Track to Search Focused AI Solutions

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024

Histor y of HAM Radio presentation slide

Breaking the Kubernetes Kill Chain: Host Path Mount

Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...

Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...

A Domino Admins Adventures (Engage 2024)