1. Wim Godden Cu.be Solutions My app is secure... I think
2. Who am I ? Wim Godden (@wimgtr)
3. Where I'm from
4. Where I'm from
5. Where I'm from
6. Where I'm from
7. Where I'm from
8. Where I'm from
9. My town
10. My town
11. Belgium the traffic
12. Who am I ? Wim Godden (@wimgtr) Founder of Cu.be Solutions
(http://cu.be) Open Source developer since 1997 Developer of OpenX,
PHPCompatibility, ... Speaker at PHP and Open Source
conferences
13. Who are you ? Developers ? System engineers ? Network
engineers ? Ever had a hack ? Through the code ? Through the server
?
14. This tutorial Based on 2-day training No Vagrant/VirtualBox
required
15. My app is secure... I think Basic stuff = known... or is it
? Code is not enough Code Webserver Database server Operating
system Network
16. Disclaimer Do not use these techniques to hack Use the
knowledge to prevent others from hacking you
17. Reasons for hackers to hack Steal and sell your data Use
your infrastructure as a jumpstation to hack other servers Send out
lots of spam Use your server in a botnet for DDOS attacks Bring
down your systems
18. Part 1 : the most common attacks
19. OWASP Open Web Application Security Project www.owasp.org
Top 10
20. SQL Injection (OWASP #1) Over 15 years Still #1
problem