Meetup I / 2019 - CTF & Security


Programm / Program

18:30 Uhr (06:30pm) - Doors Open

19:00 Uhr (07:00pm) - User group + Host Intro

19:30 Uhr (07:30pm) - XSS PHP CSP ETC OMG WTF BBQ (Main talk)

How to defend against XSS in 2019 because manually calling htmlspecialchars() is so 90s. We'll talk about templating engines, XSS Filters, Content Security Policy and more.

By Michal Špaček (

Michal is a web developer, speaker & engineer. Building, making the web a bit more secure place. Full disclosure: we'll talk about too but this won't be a marketing talk, don't worry. I was talking about it before I started working on it, and talking about it is one of the reasons why I was invited to join. Here's an article about me joining (

20:15 Uhr (08:15pm) - Short break

20:30 Uhr (08:30pm) - What the flag is CTF? (Main talk)

(in German or English)

Since 2011 Mallle's CTF-Team Eat, Sleep, Pwn, Repeat organizes a Capture the Flag contest for people at Chaos Communication Congress and from all over the world, where over a thousand teams are competing every year who's getting the most points from captured flags.

In this talk, he will give you a short overview about what a CTF is, the challenges, the players, the community and how much fun it is to play. After a short introduction of the different topics from reverse engineering, binary exploitation, over crypto(graphy) to web(-security) tasks he will show some of the web-challenges from this year's junior contest and solve them in a live-hacking session.

So you can get an idea what you are up to when you decide to play, getting a closer look into web issues and see how to solve our challenges even if you never played a CTF before.

By Mallle (

Mallle is part of the german CTF-Team @eatSleepPwnRepeat which since 2011 organizes the Capture the Flag contest at Chaos Communication Congress.

21:30 Uhr (09:15pm) - Community + Socializing