Spot the Web Vulnerability presented at Hacktivity 2012

by Miroslav Stampar

Tags: Security

Summary: Given the recent rise in web application attacks, there is a need to raise public awareness of the matter. To that end, this talk presents selected vulnerable web applications based on publicly available reports (e.g. OSVDB). Each case covered contains a brief review of the vulnerable piece of source code, sample attack scenarios, and ways to repair or protect against the vulnerability. Vulnerability classes covered in the talk: SQL Injection (SQLi), Cross-Site Scripting (XSS), File Inclusion (FI), etc. By the end, the listener should gain (or strengthen existing) fundamental knowledge of each of the described vulnerabilities, together with the most valuable insights from real-world examples.