2015-021: 24 Deadly Sins: Command injection
BrakeSec Education Podcast · Bryan Brake
May 10, 201540m 10s
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
We continue our journey on the 24 Deadly Programming Sins. If you listened to last week's podcast, we introduced the book we were using as a study tool:
http://www.amazon.com/Deadly-Sins-Software-Security-Programming/dp/0071626751
This week is on command injection. We first discussed command injection as part of our OWASP Top 10 for 2013, but you'll be surprised just how easy devs compile conditions that allow for command injection into their code as well.