I’m pleased to announce the May Meeting for this Thursday, Security + PHP.
It’ll cover some of the basics of web application security, such as Cross Site Scripting (XSS), Cross Site Request Forgery (XSRF), SQL injection and some tips for their prevention and becoming more security conscious. There will be some demonstrations of all the topics with some suggested solutions. We’ll also see a demonstration of the simplistic Browser exploitation Framework (BeEF) project from bindshell.net , which presents an interesting take on potentials of XSS and XSRF within the browser.
A little about Eric:
For the past year, I’ve worked at Code Greene, a web development company based in downtown Salt Lake City; I’ve worked on backend medium to large scale integration projects as well as custom PHP and CakePHP web frontends and sites, though my preferences are towards integration and API projects. While I know CakePHP best, I have looked at other PHP frameworks, such as Code Igniter and Zend Framework. In terms of my computer preferences, I don’t have a lot of time for gaming so a Linux distro, such as Ubuntu or Kubuntu, with some quality hardware usually suits me well. I don’t like Windows much anymore, as in the past year I have migrated all but one of my home systems to Ubuntu and only have to use Windows minimally at the university. Honestly, either way works if I can get the job done without too many runarounds, and you know…button clicks.
Eric can be followed on twitter at xtrementl (Extreme-NTL).