[Php Camp]Owasp Php Top5+Csrf
Bipin Upadhyay
Presentation on OWASP PHP Top 5 and CSRF, presented at PHPCamp, Pune, on Sept 20th, 2008.
1. OWASP PHP Top 5 plus CSRF. Bipin Upadhyay, Satyam Computers. http://projectbee.org/
7. Network Sec. versus App Sec. (diagram labels: Attacker; Ports 0 to 65535; Firewall/IDS/IPS; 80, 443; Web Server)
8. Network Sec. versus App Sec… (diagram labels: Victim; Firewall/NATed IP; Ports 0 to 65535; Malicious OR Compromised Web Server)