Information Security Training
PHP Code Auditing Session 7
Posted July 15th, 2009 by jukeane
Attached is the power point (.ppt) presentations detailing the contents of the seventh session of the SAS Information Security PHP Code Auditing training. The seventh session covers PHP's session handling as well as an overview of cookies.
| Attachment | Size |
|---|---|
| php-code-auditing7.ppt | 147.5 KB |
PHP Code Auditing Session 6
Posted July 9th, 2009 by jukeane
Attached is the power point (.ppt) presentations detailing the contents of the sixth session of the SAS Information Security PHP Code Auditing training. The sixth session covers code auditing strategies and vulnerability report generation. This session dealt specifically with the exercise distributed for the class, including a review of the code and demonstration of the techniques presented in the slides.
| Attachment | Size |
|---|---|
| PHP-code-auditing6.ppt | 139 KB |
PHP Code Auditing Session 5
Posted July 1st, 2009 by jukeane
Attached is the power point (.ppt) presentations detailing the contents of the fifth session of the SAS Information Security PHP Code Auditing training. The fifth session covers cross site scripting (XSS) and cross site request forgery (XSRF) vulnerabilities.
| Attachment | Size |
|---|---|
| PHP-code-auditing5.ppt | 168 KB |
PHP Code Auditing Session 4
Posted June 30th, 2009 by jukeane
Attached are the three power point (.ppt) presentations detailing the contents of the fourth session of the SAS Information Security PHP Code Auditing training. The fourth session covers the directory traversal, local and remote file include vulnerabilities and arbitrary code execution.
| Attachment | Size |
|---|---|
| PHP-code-auditing4.1.ppt | 128 KB |
| PHP-code-auditing4.2.ppt | 157 KB |
| PHP-code-auditing4.3.ppt | 213 KB |
PHP Code Auditing Session 3
Posted June 17th, 2009 by jukeane
Attached is the power point (.ppt) presentation detailing the contents of the third session of the SAS Information Security PHP Code Auditing training. The third session covers the exercise from session 2, along with the tools necessary to complete the project and some SQL injection techniques.
| Attachment | Size |
|---|---|
| PHP-code-auditing3.ppt | 2.14 MB |
PHP Code Auditing Session 2
Posted June 10th, 2009 by jukeane
Attached is the power point (.ppt) presentation detailing the contents of the second session of the SAS Information Security PHP Code Auditing training. The second session covers some essential concepts and vocabulary, exploit development, PHP and MySQL interaction, SQL injection vulnerabilities and defensive strategies.
| Attachment | Size |
|---|---|
| PHP-code-auditing2.ppt | 207.5 KB |
PHP Code Auditing Session 1
Posted June 3rd, 2009 by jukeane
Attached is the power point (.ppt) presentation detailing the contents of the first session of the SAS Information Security PHP Code Auditing training. The first session covers PHP foundations and fundamentals in order to build towards more comprehensive topics covering PHP security and vulnerability discovery in PHP code.
| Attachment | Size |
|---|---|
| PHP-code-auditing1.ppt | 186 KB |