Let’s read some code and find some bugs! In this workshop, we will take an application and hunt for bugs by performing a code review.
Code reviews can be intimidating, but they are often the best way to find vulnerabilities that will be missed during traditional testing. In this hands-on session, we will provide you with the methodologies and techniques to get started and some examples of both trivial and non-trivial bugs.
To make it easier, we will use a PHP application, but most of the bugs are not specific to PHP, and together they cover a wide range of vulnerabilities.
This session is aimed at developers, engineers and security professionals.
Just bring your favourite IDE; we will provide everything else!