Deconstructing PHP Application Exploits for Good, not Evil


I really enjoyed the talk; there were lots of great, simple-to-understand examples that illustrated the problems web apps can have.

Good overview... I kind of wished for a few more examples in code. For example, the whole Twitter and CSRF thing was covered, but could have been made a bit more clear by showing how the message was inserted and the user was tricked into clicking to send the message. Other than that, it was a good talk... some nice (and different) recommendations at the end.