Learn, hack!

Hacking and security documentation: slides, papers, video and audio recordings. All in high-quality, daily updated, avoiding security crap documents. Spreading hacking knowledge, for free, enjoy. Follow on .

Code Reviewing Web Application Framework Based Applications (Struts 2, Spring MVC, Ruby on Rails (Groovy on Grails), .NET MVC)

Type
Paper
Tags
code auditing
Authors
Abraham Kang
Event
Black Hat USA 2012
Indexed on
Jun 05, 2014
URL
https://media.blackhat.com/bh-us-12/Briefings/Kang/BH_US_12_Kang_Code_Reviewing_WP.pdf
File name
BH_US_12_Kang_Code_Reviewing_WP.pdf
File size
724.2 KB
MD5
2eb04d40a49976fd953ed10880c06bd9
SHA1
e1b5863f734b8eaa465f05abfcabff29a909b61d

This workshop will give participants an opportunity to practically review Web Application Framework based applications for security vulnerabilities. The material in this workshop provides the hands-on experience that one would need to quickly understand each web application framework (Struts 2, Spring MVC, Ruby on Rails (Groovy on Grails), .NET MVC, Zend PHP, and Scala Play) and identify vulnerabilities in applications using those frameworks. Sample applications are provided with guided tasks to ease participants into understanding the nuances of each framework and the overall steps a code reviewer should follow to identify vulnerabilities.

About us

Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.

Statistics

Serving 8165 documents and 530.8 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.

Contribute

To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.

Flattr this Click here to lend your support to: Keep live SecDocs for an year and make a donation at www.pledgie.com !