Security Module for PHP7 - Killing Bugclasses and Virtual-Patching the Rest

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!

Grab it

Explore a conference talk from 44CON 2018 on developing Snuffleupagus, an open-source PHP security module designed to address vulnerabilities in PHP7 applications. Learn about passive bug class elimination, virtual-patching techniques, and how this module improves upon the aging Suhosin. Discover methods for implementing precise, false-positive-free, and low-overhead security measures without modifying application code. Gain insights into PHP-specific security challenges, remote administration, granular patching, and strategies for preventing common vulnerabilities like XSS and remote code execution. Understand the module's performance implications and future development plans, including workshop opportunities and documentation resources.

Syllabus

Intro
PHP internal code
Remote administration
elephant
chaching
granular patching
virtual machine
extra parameter
value stream
kill vulnerability
stealing XSS
cookies
unsterilized
remote code execution
remote boot
R documentation
Xxe
CV
Support values
File manipulation
bug tracker
comparison
PHP madness
No Passport
Strict Mode
ReadOnly Detection
Dump Rules
My sequel query
Performance
Going forward
Workshop
Documentation
PHP
Thank you

Taught by

44CON Information Security Conference

Reviews

Start your review of Security Module for PHP7 - Killing Bugclasses and Virtual-Patching the Rest

Taught by

Snuffleupagus - Killing Bugclasses in PHP 7, Virtual-Patching the Rest

Injecting Security Into Web Apps With Runtime Patching And Context Learning

5 Best Free Web Development Courses for 2024: Over 900 Hours of Learning

Never Stop Learning.