Ce talk contient du code
pouvant heurter

la sensibilité des plus crafts.

@JulienTopcu

Welcome to Pangloss !

"all is for the best in the best of all possible worlds"

@JulienTopcu

@JulienTopcu

Julien Topçu

Tech Coach

beyondxscratch.com

julien.topcu@owasp.org

craftsrecords.org

Comment se faire h4ck3r

bien comme il faut !

@JulienTopcu

@JulienTopcu

' OR '1'='1' LIMIT 1 --

HRE

@JulienTopcu

Human Readable Encryption

a.k.a clear-text

@JulienTopcu

@JulienTopcu

Dear Pangloss user,


We are really happy to offer you a 80% discount!!!


This is a limited offer, don't loose any time and visit this link!

@JulienTopcu

VanderdendurBank

Salary                                             +1759


Ashley Madison                             -169

Pangloss Order                    -1000000
 

Balance                                   -997 904

😱

🤔

😏

🤑

@JulienTopcu

Injection

Broken Authentication

Sensitive data exposure

XML External Entities (XXE)

Broken Access Control

Security misconfigurations

Cross Site Scripting (XSS)

Insecure Deserialization

Using Components with known vulnerabilities

Insufficient logging and monitoring

Hackers-proof software

in 20 minutes

@JulienTopcu

😈

@JulienTopcu

Thank you!

GitLab Repository

Keeping your secrets

@JulienTopcu

@JulienTopcu

Vulnerabilities in third-parties