I want to be a hacker Cheat Sheet Links
"I want to be a hacker... but I only look good in a white hat" was the title of the well-received talk by Jakub Gadkowski at GroningenPHP on February 4, 2016. For those who missed the information on what you can do about the vulnerabilities Jakub demonstrated, here are some subjects from the slides with hyperlinks and tips for developers on prevention and countermeasures:
| Subject | Link / tip |
|---|---|
| | Session attack detection |
| An hour later | Log out/block the user on (too many) requests * and/or errors like "route not found", "unknown parameter", "parameter value invalid" |
| | Index at OWASP including several cheat sheets |
| I want users! | Use a different database connection with a different database user for the user table; only controllers that really need user data should use this connection |
| Hashed passwords | FAQ on php.net |
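As an added example (not code from the talk or the slides): a small PHP guard that implements the "log out/block the user" tip by counting requests and suspicious errors per session inside a time window. The thresholds, the window length, the plain array used as a stand-in for `$_SESSION` and the sample event sequence are all assumptions.

```php
<?php
// Added example: per-session counter that flags a session for log-out/blocking
// when too many requests or too many "probing" errors occur in one window.
// Thresholds, window and the $store array are assumptions; a real application
// would pass $_SESSION and call session_destroy() when true is returned.

final class SessionAbuseGuard
{
    // Errors that normally only show up when someone tampers with URLs/parameters.
    private const SUSPICIOUS_ERRORS = [
        'route not found', 'unknown parameter', 'parameter value invalid',
    ];

    public function __construct(
        private int $maxRequests = 300,  // requests allowed per window
        private int $maxErrors = 5,      // suspicious errors allowed per window
        private int $windowSeconds = 60
    ) {}

    /**
     * Record one request (and the error it produced, if any) in $store.
     * Returns true when the session should be logged out / blocked.
     */
    public function record(array &$store, int $now, ?string $error = null): bool
    {
        // Start a fresh window when none exists or the previous one has expired.
        if (!isset($store['guard']) || $now - $store['guard']['start'] >= $this->windowSeconds) {
            $store['guard'] = ['start' => $now, 'requests' => 0, 'errors' => 0];
        }
        $store['guard']['requests']++;
        if ($error !== null && in_array(strtolower($error), self::SUSPICIOUS_ERRORS, true)) {
            $store['guard']['errors']++;
        }
        return $store['guard']['requests'] > $this->maxRequests
            || $store['guard']['errors'] > $this->maxErrors;
    }
}

// Constructed sample: six "unknown parameter" errors within one minute.
$guard = new SessionAbuseGuard();
$session = [];   // stand-in for $_SESSION
$blocked = false;
for ($i = 0; $i < 6; $i++) {
    $blocked = $guard->record($session, 1000 + $i, 'unknown parameter');
}
if ($blocked) {
    // A real application would call session_destroy() here and log the event.
    echo "session blocked after {$session['guard']['errors']} suspicious errors\n";
}
```

Keeping the counters in the session itself means an attacker who starts a new session resets them, so a real deployment would also count per IP address or per account.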
An alternative to stealing a session that was not mentioned in the talk: brute-force and dictionary attacks on login functions. Countermeasures are described in the OWASP Authentication Cheat Sheet and the Guide to Authentication. Some of the security plugins for WordPress include such measures, and (shameless plug) here is a Bundle for Symfony 2/3 and its underlying generic library (it currently depends on Doctrine DBAL, but I hope to add PDO later this year).
One final remark: according to the brothers Ten Cate, automated pentesting only finds 10-20 % of the vulnerabilities #. If you want to do better than that, you need good habits, procedures, guidelines and software components. Consider the results of pentesting as another chance to improve them.
* OWASP Top Ten Cheat Sheet: A2 Weak authentication and session management
# in their talk at Webweek Groningen 2015 about the Security Knowledge Framework