Programm / Program
18:30 Uhr (06:30pm) - Doors Open
19:00 Uhr (07:00pm) - User group + Host Intro
19:30 Uhr (07:30pm) - XSS PHP CSP ETC OMG WTF BBQ (Main talk)
How to defend against XSS in 2019 because manually calling htmlspecialchars() is so 90s. We'll talk about templating engines, XSS Filters, Content Security Policy and more.
By Michal Špaček (https://twitter.com/spazef0rze)
Michal is a web developer, speaker & engineer. Building report-uri.com, making the web a slightly more secure place. Full disclosure: we'll talk about report-uri.com too but this won't be a marketing talk, don't worry. I was talking about it before I started working on it, and talking about it is one of the reasons why I was invited to join. Here's an article about me joining report-uri.com. (https://www.michalspacek.com/adding-features-and-deleting-code-or-how-i-joined-report-uri)
20:15 Uhr (08:15pm) - Short break
20:30 Uhr (08:30pm) - What the flag is CTF? (Main talk)
(in German or English)
Since 2011, Mallle's CTF team Eat, Sleep, Pwn, Repeat has organized a Capture the Flag contest for people at Chaos Communication Congress and from all over the world, in which over a thousand teams compete every year to see who gets the most points from captured flags.
In this talk, he will give you a short overview of what a CTF is, the challenges, the players, the community and how much fun it is to play. After a short introduction to the different topics, from reverse engineering and binary exploitation to crypto(graphy) and web(-security) tasks, he will show some of the web challenges from this year's junior contest and solve them in a live-hacking session.
This way you can get an idea of what you are up against when you decide to play, take a closer look at web issues and see how to solve our challenges, even if you have never played a CTF before.
By Mallle (https://twitter.com/eatsleeppwnrpt)
Mallle is part of the German CTF team @eatSleepPwnRepeat, which has organized the Capture the Flag contest at Chaos Communication Congress since 2011.
21:30 Uhr (09:15pm) - Community + Socializing