PHP Development Environment Setting Marketplace(e) OS Min-Chul Jeong 최진완 2009.09.20

Slides:

Advertisements

Similar presentations

.Net Application Testing By Sam Nasr August 24, 2004.

Advertisements

Closing the Gap: Analyzing the Limitations of Web Application Vulnerability Scanners David Shelly Randy Marchany Joseph Tront Virginia Polytechnic Institute.

Designed-in Security Some Major Challenges Security Group Department of Computer Science University of California, Santa Barbara Trustworthy.

Hands on Demonstration for Testing Security in Web Applications

DEV333. Describe each main attack Demo how the attack works Fix our poor vulnerable application! Why Script Kiddies, Why? Click to Hack.

{ Debugging PHP with Xdebug Stephanie Russell Zachary Klink.

Cloud Computing Part #3 Zigmunds Buliņš, Mg. sc. ing 1.

Software Engineering Process and Tools in the Mozilla Project How open-source CM tools made Firefox the fastest and safest web browser.

CS 290C: Formal Models for Web Software Lecture 1: Introduction Instructor: Tevfik Bultan.

Leveraging User Interactions for In-Depth Testing of Web Applications Sean McAllister, Engin Kirda, and Christopher Kruegel RAID ’08 1 Seoyeon Kang November.

Sara SartoliAkbar Siami Namin NSF-SFS workshop July 14-18, 2014.

Loupe /loop/ noun a magnifying glass used by jewelers to reveal flaws in gems. a logging and error management tool used by.NET teams to reveal flaws in.

Ligthning Velocity FREE

Web Application Vulnerabilities Checklist. EC-Council Parameter Checklist  URL request  URL encoding  Query string  Header  Cookie  Form field 

© 2011 LogiGear Corporation. All Rights Reserved Capturing Interface Presenter: Thuy Tran.

- Chaitanya Krishna Pappala Enterprise Architect- a tool for Business process modelling.

WEB329 ASP.NET: A Lap Around the New Enhancements for Web Developers in Microsoft Visual Studio 2005 Omar Khan Lead Program Manager Web Platform and Tools.

Moodle Development Why work with Moodle? What skills are required. Strategies for building up the Moodle development community in Thailand.

Security testing of study information system Security team: Matis Alliksoo Alo Konno Urmo Lihten Taavi Podzuks Sander Saarm.

Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory.

Security Testing Case Study 360logica Software Testing Services.

Xdebug from A to X By Gennady Feldman Aug 25, 2009.

WEBMATRIX Microsoft Pranav Rastogi.

AppSec USA 2014 Denver, Colorado Customizing Burp Suite Getting the Most out of Burp Extensions.

Forensic Drupal Debugging Dan Harris daneesia on drupal.org.

FireBug. What is Firebug?  Firebug is a powerful tool that allows you to edit HTML, CSS and view the coding behind any website: CSS, HTML, DOM and JavaScript.

Alert Logic Provides a Fully Managed Security and Compliance Solution Based in the Cloud, Powered by the Robust Microsoft Azure Platform MICROSOFT AZURE.

Building Secure Web Applications With ASP.Net MVC.

Web system security issues: A developer's perspective Morrison, P. Jason 9 December 2004 BAD Information Security Web system security issues:

If statements and validation. If statement In programming the if statement allows one to test certain conditions and respond differently depending on.

Crash Course in Web Hacking

Building More Reliable And Better Performing Web Applications With Visual Studio 2005 Team System Gabriel Marius TLN312 Program Manager Microsoft Corporation.

Web Application Vulnerabilities ECE 4112 Internetwork Security, Spring 2005 Chris Kelly Chris Lewis April 28, 2005 ECE 4112 Internetwork Security, Spring.

McGraw-Hill/Irwin The Interactive Computing Series © 2002 The McGraw-Hill Companies, Inc. All rights reserved. Microsoft Access 2002 Using Access Tools.

By Davide Balzarotti Marco Cova Viktoria V. FelmetsgerGiovanni Vigna Presented by: Mostafa Saad.

Chapter 1 The Software Security Problem. Goals of this course Become aware of common pitfalls. Static Analysis and tools.

DEV364 Visual Studio Team System “Enabling Better Software Through Better Testing” Keith Brown Pluralsight LLC.

CitiWiki Summer Workshop Day 4: Wiki Teaching Project Li Xu CS, UMass Lowell.

Local Code Execution Requires local account (non-privileged) Requires write access to /tmp If chkrootkit runs as privileged user then Priv. Escl.

Example – SQL Injection MySQL & PHP code: // The next instruction prompts the user is to supply an ID $personID = getIDstringFromUser(); $sqlQuery = "SELECT.

PHP code profiling using XDebug By Gennady Feldman June 16, 2009.

Cool CF Debugging Shlomy Gantz 07/29/01CF_ODYSSEY.

PHP Assignment Help BookMyEssay. What is PHP PHP is a scripting language generally used on web servers. It is an open source language and embedded code.

Application Communities

Group 18: Chris Hood Brett Poche

Web Application Security

Setup a PHP + MySQL Development Environment

Module: Software Engineering of Web Applications

Presentation by: Naga Sri Charan Pendyala

WEB APPLICATION TESTING

Web Application Security

Example – SQL Injection

Web Applications Security INTRO

IBM AS 400 online Training in Hyderabad

Yii - For the Future - Gen Web Development Platform

HTML Level II (CyberAdvantage)

Security of web applications.

What is Cookie? Cookie is small information stored in text file on user’s hard drive by web server. This information is later used by web browser to retrieve.

What is a CMS. CMS is content management system CMS is a software that stores content.

Mid Term II Review.

What is Software Testing?

Security at the Source.

Zach Garcia Keith Reiter

Ben Smith and Laurie Williams

Universal Apps For Windows 10 Shahed Chowdhuri

By Rajanikanth B Eclipse IDE Overview By Rajanikanth B

Introduction to ASP.NET Parts 1 & 2

Mark Quirk Head of Technology Developer & Platform Group

SeeSoft A Visualization Tool..

Presentation transcript:

PHP Development Environment Setting Marketplace(e) OS Min-Chul Jeong 최진완

2 PHP Dev Envr Setting 1. Application Security Check 1.Xss, Sql Injection 관련 처리 Acunetix Web Vulnerability Scanner 5 It’s a free edition -site-scripting/scanner.htm -site-scripting/scanner.htm Acunetix checks for all web vulnerabilities including SQL injection, Cross site scripting and others 2. Source 내의 DB 접속 정보에 대한 Encryption Encrypt/Decrypt Class Keydb 관리

3 PHP Dev Envr Setting 2. 기본개발 툴 소개 효율적인 개발을 위한 기본 개발 툴 1.Firefox 2.FireBug 3.ySlow 4.Eclipse PDT Debugging Tool 1.Xdebug 2.WinCacheGrind Bug Tracking Tool 1.Trac Bugzilla

4 PHP Dev Envr Setting 2. 기본개발 툴 소개 1.Firefox

5 PHP Dev Envr Setting 2. 기본개발 툴 소개 2. FireBug

6 PHP Dev Envr Setting 2. 기본개발 툴 소개 3. ySlow YSlow analyzes web page performance and tells you why performance is slow. It is integrated into the Firebug web development tool for Firefox.

7 PHP Dev Envr Setting 3. Debugging Tool 1. Xdebug The Xdebug extension helps you debugging your script by providing a lot of valuable debug information. The debug information that Xdebug can provide includes the following: stack traces and function traces in error messages with: stack tracesfunction traces full parameter display for user defined functionsparameter display function name, file name and line indications support for member functions memory allocation protection for infinite recursions Xdebug also provides: profiling information for PHP scripts profiling code coverage analysis capabilities to debug your scripts interactively with a debug clientdebug your scripts interactively

8 PHP Dev Envr Setting 3. Debugging Tool 2. WinCacheGrind ect/screenshots.php?group_ id= ect/screenshots.php?group_ id= php.ini 설정 php.ini 에 아래와 같이 config 를 추가 했 습니다. zend_extension=/opt/php5/lib/php/extensi ons/no-debug-non-zts /xdebug.so xdebug.profiler_enable = 1 xdebug.profiler_enable_trigger = 1 xdebug.profiler_output_dir = /tmp 간단한 설명은 아래를 보십시요.

9 PHP Dev Env Setting 4. Bug & Issue Tracking Tool 1.Trac 2.Bugzilla Benefits Improve communication Increase product quality Improve customer satisfaction Ensure accountability Increase productivity Bugzilla can adapt to multiple situations

Portaltone! Proprietary and Confidential. ©2009 All Rights Reserved Thank you 최진완 Q&A