As soon as you start to receive user input your in danger of various attacks. Whether it’s cross site scripting, injection, server side request forgery, local file includes, cross site request forgery or another attack vector entirely. My talk will show what can go wrong and methods to protect yourself.

Session takeaways


I’m a web developer and also an Ethical Hacker specialising in Web App security. I run my own consulting company and also work for a security company called Hacker House which provides pen tests and cyber security training. I’ve recently been building CTF competitions and have plans to start a training course which teaches web developers about cybersecurity.