PHP Development Environment Setting Marketplace(e) OS Min-Chul Jeong 최진완 2009.09.20

Slides:



Advertisements
Similar presentations
.Net Application Testing By Sam Nasr August 24, 2004.
Advertisements

Closing the Gap: Analyzing the Limitations of Web Application Vulnerability Scanners David Shelly Randy Marchany Joseph Tront Virginia Polytechnic Institute.
Designed-in Security Some Major Challenges Security Group Department of Computer Science University of California, Santa Barbara Trustworthy.
Hands on Demonstration for Testing Security in Web Applications
DEV333. Describe each main attack Demo how the attack works Fix our poor vulnerable application! Why Script Kiddies, Why? Click to Hack.
{ Debugging PHP with Xdebug Stephanie Russell Zachary Klink.
Cloud Computing Part #3 Zigmunds Buliņš, Mg. sc. ing 1.
Software Engineering Process and Tools in the Mozilla Project How open-source CM tools made Firefox the fastest and safest web browser.
CS 290C: Formal Models for Web Software Lecture 1: Introduction Instructor: Tevfik Bultan.
Leveraging User Interactions for In-Depth Testing of Web Applications Sean McAllister, Engin Kirda, and Christopher Kruegel RAID ’08 1 Seoyeon Kang November.
Sara SartoliAkbar Siami Namin NSF-SFS workshop July 14-18, 2014.
Loupe /loop/ noun a magnifying glass used by jewelers to reveal flaws in gems. a logging and error management tool used by.NET teams to reveal flaws in.
Ligthning Velocity FREE
Web Application Vulnerabilities Checklist. EC-Council Parameter Checklist  URL request  URL encoding  Query string  Header  Cookie  Form field 
© 2011 LogiGear Corporation. All Rights Reserved Capturing Interface Presenter: Thuy Tran.
- Chaitanya Krishna Pappala Enterprise Architect- a tool for Business process modelling.
WEB329 ASP.NET: A Lap Around the New Enhancements for Web Developers in Microsoft Visual Studio 2005 Omar Khan Lead Program Manager Web Platform and Tools.
Moodle Development Why work with Moodle? What skills are required. Strategies for building up the Moodle development community in Thailand.
Security testing of study information system Security team: Matis Alliksoo Alo Konno Urmo Lihten Taavi Podzuks Sander Saarm.
Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory.
Security Testing Case Study 360logica Software Testing Services.
Xdebug from A to X By Gennady Feldman Aug 25, 2009.
WEBMATRIX Microsoft Pranav Rastogi.
AppSec USA 2014 Denver, Colorado Customizing Burp Suite Getting the Most out of Burp Extensions.
Forensic Drupal Debugging Dan Harris daneesia on drupal.org.
FireBug. What is Firebug?  Firebug is a powerful tool that allows you to edit HTML, CSS and view the coding behind any website: CSS, HTML, DOM and JavaScript.
Alert Logic Provides a Fully Managed Security and Compliance Solution Based in the Cloud, Powered by the Robust Microsoft Azure Platform MICROSOFT AZURE.
Building Secure Web Applications With ASP.Net MVC.
Web system security issues: A developer's perspective Morrison, P. Jason 9 December 2004 BAD Information Security Web system security issues:
If statements and validation. If statement In programming the if statement allows one to test certain conditions and respond differently depending on.
Crash Course in Web Hacking
Building More Reliable And Better Performing Web Applications With Visual Studio 2005 Team System Gabriel Marius TLN312 Program Manager Microsoft Corporation.
Web Application Vulnerabilities ECE 4112 Internetwork Security, Spring 2005 Chris Kelly Chris Lewis April 28, 2005 ECE 4112 Internetwork Security, Spring.
McGraw-Hill/Irwin The Interactive Computing Series © 2002 The McGraw-Hill Companies, Inc. All rights reserved. Microsoft Access 2002 Using Access Tools.
By Davide Balzarotti Marco Cova Viktoria V. FelmetsgerGiovanni Vigna Presented by: Mostafa Saad.
Chapter 1 The Software Security Problem. Goals of this course Become aware of common pitfalls. Static Analysis and tools.
DEV364 Visual Studio Team System “Enabling Better Software Through Better Testing” Keith Brown Pluralsight LLC.
CitiWiki Summer Workshop Day 4: Wiki Teaching Project Li Xu CS, UMass Lowell.
Local Code Execution Requires local account (non-privileged) Requires write access to /tmp If chkrootkit runs as privileged user then Priv. Escl.
Example – SQL Injection MySQL & PHP code: // The next instruction prompts the user is to supply an ID $personID = getIDstringFromUser(); $sqlQuery = "SELECT.
PHP code profiling using XDebug By Gennady Feldman June 16, 2009.
Cool CF Debugging Shlomy Gantz 07/29/01CF_ODYSSEY.
PHP Assignment Help BookMyEssay. What is PHP PHP is a scripting language generally used on web servers. It is an open source language and embedded code.
Application Communities
Group 18: Chris Hood Brett Poche
Web Application Security
Setup a PHP + MySQL Development Environment
Module: Software Engineering of Web Applications
Presentation by: Naga Sri Charan Pendyala
WEB APPLICATION TESTING
Web Application Security
Example – SQL Injection
Web Applications Security INTRO
IBM AS 400 online Training in Hyderabad
Yii - For the Future - Gen Web Development Platform
HTML Level II (CyberAdvantage)
Security of web applications.
What is Cookie? Cookie is small information stored in text file on user’s hard drive by web server. This information is later used by web browser to retrieve.
What is a CMS. CMS is content management system CMS is a software that stores content.
Mid Term II Review.
What is Software Testing?
Security at the Source.
Zach Garcia Keith Reiter
Ben Smith and Laurie Williams
Universal Apps For Windows 10 Shahed Chowdhuri
By Rajanikanth B Eclipse IDE Overview By Rajanikanth B
Introduction to ASP.NET Parts 1 & 2
Mark Quirk Head of Technology Developer & Platform Group
SeeSoft A Visualization Tool..
Presentation transcript:

PHP Development Environment Setting Marketplace(e) OS Min-Chul Jeong 최진완

2 PHP Dev Envr Setting 1. Application Security Check 1.Xss, Sql Injection 관련 처리 Acunetix Web Vulnerability Scanner 5 It’s a free edition -site-scripting/scanner.htm -site-scripting/scanner.htm Acunetix checks for all web vulnerabilities including SQL injection, Cross site scripting and others 2. Source 내의 DB 접속 정보에 대한 Encryption Encrypt/Decrypt Class Keydb 관리

3 PHP Dev Envr Setting 2. 기본개발 툴 소개 효율적인 개발을 위한 기본 개발 툴 1.Firefox 2.FireBug 3.ySlow 4.Eclipse PDT Debugging Tool 1.Xdebug 2.WinCacheGrind Bug Tracking Tool 1.Trac Bugzilla

4 PHP Dev Envr Setting 2. 기본개발 툴 소개 1.Firefox

5 PHP Dev Envr Setting 2. 기본개발 툴 소개 2. FireBug

6 PHP Dev Envr Setting 2. 기본개발 툴 소개 3. ySlow YSlow analyzes web page performance and tells you why performance is slow. It is integrated into the Firebug web development tool for Firefox.

7 PHP Dev Envr Setting 3. Debugging Tool 1. Xdebug The Xdebug extension helps you debugging your script by providing a lot of valuable debug information. The debug information that Xdebug can provide includes the following: stack traces and function traces in error messages with: stack tracesfunction traces full parameter display for user defined functionsparameter display function name, file name and line indications support for member functions memory allocation protection for infinite recursions Xdebug also provides: profiling information for PHP scripts profiling code coverage analysis capabilities to debug your scripts interactively with a debug clientdebug your scripts interactively

8 PHP Dev Envr Setting 3. Debugging Tool 2. WinCacheGrind ect/screenshots.php?group_ id= ect/screenshots.php?group_ id= php.ini 설정 php.ini 에 아래와 같이 config 를 추가 했 습니다. zend_extension=/opt/php5/lib/php/extensi ons/no-debug-non-zts /xdebug.so xdebug.profiler_enable = 1 xdebug.profiler_enable_trigger = 1 xdebug.profiler_output_dir = /tmp 간단한 설명은 아래를 보십시요.

9 PHP Dev Env Setting 4. Bug & Issue Tracking Tool 1.Trac 2.Bugzilla Benefits Improve communication Increase product quality Improve customer satisfaction Ensure accountability Increase productivity Bugzilla can adapt to multiple situations

Portaltone! Proprietary and Confidential. ©2009 All Rights Reserved Thank you 최진완 Q&A