Learn about the dangers of web hacking, common attack methods like Cross-site scripting and SQL injection, and how to protect your web applications using built-in functions, magic quotes, and web application firewalls.
[31.10.2009] Hand on Web Hacking Ivan Markovic <ivan.markovic@netsec.rs>
Web Application Security
Web applications …
- Why are they dangerous?
- Protection [secure code, firewall, encryption]
- Where does the problem arise?
- Common attack methods [Cross-site scripting & SQL injection]
- Common protection methods [built-in functions, magic_quotes, WAF]
OWASP Webgoat
- OWASP (http://www.owasp.org/)
- OWASP Webgoat (http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project)
OWASP Webgoat
Course contents:
* Code Quality: Reading vital information from the application's source code.
* Cross Site Scripting (XSS): Injecting malicious code into web pages.
* Injection Flaws (SQL injection, ...): Manipulating queries to the database.
* Parameter Tampering: Manipulating parameters and requests.
* Access Control Flaws: Exploiting privileges.
* AJAX Security: Security of AJAX applications.
STAY SECURE
Hand on Web Hacking Ivan Markovic <ivan.markovic@netsec.rs>