One PHP application will be thrown into the arena, and it will be your task to scan it and attempt every twisted hack you know to penetrate it and take control. The workshop will take a tour from the outside (black box testing, scanners, fuzzing), and the inside (code audit), to highlight common security mistakes. We'll discuss solutions, both on their advantage and limits, and we'll probably also discover new vulnerabilities and exploits.

This session aims at providing a fresh look at PHP security by joining audiance and speaker skills to reinforce a poorly secured app.