Code Reviewing Web Application Framework Based Applications (Struts 2, Spring MVC, Ruby on Rails (Groovy on Grails), .NET MVC)
- Type
- Paper
- Tags
- code auditing
- Authors
- Abraham Kang
- Event
- Black Hat USA 2012
- Indexed on
- Jun 05, 2014
- URL
- https://media.blackhat.com/bh-us-12/Briefings/Kang/BH_US_12_Kang_Code_Reviewing_WP.pdf
- File name
- BH_US_12_Kang_Code_Reviewing_WP.pdf
- File size
- 724.2 KB
- MD5
- 2eb04d40a49976fd953ed10880c06bd9
- SHA1
- e1b5863f734b8eaa465f05abfcabff29a909b61d
This workshop will give participants an opportunity to practically review Web Application Framework based applications for security vulnerabilities. The material in this workshop provides the hands-on experience that one would need to quickly understand each web application framework (Struts 2, Spring MVC, Ruby on Rails (Groovy on Grails), .NET MVC, Zend PHP, and Scala Play) and identify vulnerabilities in applications using those frameworks. Sample applications are provided with guided tasks to ease participants into understanding the nuances of each framework and the overall steps a code reviewer should follow to identify vulnerabilities.
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
