NOV. 3 – 8, 2019
POTSDAM, GERMANY

EUROPE'S GREATEST AGILE SOFTWARE TESTING FESTIVAL!

When Data Becomes Code

Understanding Injection Attacks on Web Applications

Explore how carefully crafted data is at the heart of many security attacks.

At the the heart of many security attacks like the possibility that a user provides carefuly crafted data which goes on to be intepreted by a virtual machine. An example would be someone providing such data in place of an input as innocent as a book id, but resulting in disclosure of user names and passwords.

This tutorial explores in the simplest possible manner, how and why such attacks work. It takes the participants through practical exercises where they explore crafting such data by hand. Rather than teaching them payloads which they can cram, it helps them in building such payloads and then applying this knowledge to understand others.

All in all, this tutorial would result in a strong foundation for attendees in web application security testing, on which they can build further towards limitless opportunities.


More Related Sessions


Bonus Session

19:30-22:00 Room E1- Track 4: Vendor Talks

Exploratory Testing Challenge

Full-Day Tutorial (6-hour Workshop)

9:00-17:00

Web Application Security

Equipment required

30-minute Talk

11:55-12:25 Room F3 - Track 3: Talks

HACKING - BRIDGING THE GAP & GOING BEYOND TO FIGHT BLACK-HAT

Equipment required

150-min Workshop

14:25-17:25 Room E1- Track 4: Vendor Talks

Introduction to VR Software Testing

Equipment required

Other Events:

Your privacy matters

We use cookies to understand how you use our site and to give you the best experience on our website. If you continue to use this site we will assume that you are happy with it and accept our use of cookies, Privacy Policy and Terms of Use.