23C3 - 1.5
23rd Chaos Communication Congress
Who can you trust?
Speakers | |
---|---|
Viktoria Polzer |
Schedule | |
---|---|
Day | 2 |
Room | Workshop Area |
Start time | 11:30 |
Duration | 01:00 |
Info | |
ID | 1745 |
Event type | Workshop |
Track | Hacking |
Language | English |
Feedback | |
---|---|
Did you attend this event? Give Feedback |
Web Application Security
Find the Flaw, or Someone Else Will
Extensive information on web application security mistakes (and how to avoid them) has been available for quite a while. Yet many web applications still come with flaws that are often easy to find and exploit. The currently hyped AJAX will probably increase the number of buggy applications, since it invites programmers to entrust critical tasks like input validation and access control to the browser - thereby making it easy for malicious users to bypass these checks.
This talk will provide a short overview of how web applications work and then discuss the most common security flaws and attacks (e.g. SQL Injection and Cross Site Scripting). It also presents methods and tools that can be used to test for these issues.