This talk contains code that may offend the sensibilities of most crafters.


Welcome to Pangloss!

"all is for the best in the best of all possible worlds"



Julien Topçu

Sr Technical Leader

How to get properly h4ck3d!



' OR '1'='1' LIMIT 1 --



Human Readable Encoding

a.k.a. clear text



Dear Pangloss user,

We are really happy to offer you an 80% discount!!!


This is a limited offer, don't lose any time and visit this link!



Salary                 +1759

Ashley Madison          -169

Pangloss Order      -1000000

Balance             -997 904







Broken Authentication

Sensitive data exposure

XML External Entities (XXE)

Broken Access Control

Security misconfigurations

Cross Site Scripting (XSS)

Insecure Deserialization

Using Components with known vulnerabilities

Insufficient logging and monitoring

Hacker-proof software

in 20 minutes




Thank you!

GitLab Repository

Keeping your secrets



Vulnerabilities in third parties

Yet another leak of credit card numbers on the internet! It is scary, isn't it? But wait a minute! What are we doing to make sure our application is actually secure? During this live-coding and live-hacking session, discover the most common mistakes in software development that lead to security vulnerabilities, mistakes the vast majority of us make without even knowing it! After that, you will not see your application in the same way ...

