A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Metaprogramming in Ruby and doing it wrong. - Ken Toler Derbycon 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

Metaprogramming in Ruby and doing it wrong.
Ken Toler
Derbycon 2016

Ruby is a powerful programming language, it includes way to write dynamic code at run time, this is called meta-programming. Meta-programming, everyones favorite Rubyism to hate. It can lead to less code, more abstraction and tears of pain and sorrow. During the review of lots of Rails and Ruby applications we?ve see how meta-programming has lead to some really interesting but terrible security flaws. In this talk, we?ll do a deep dive into examples of how meta-programming can bite you in a big way.

Ken is currently an AppSec engineer at OnDeck, but has been around the security consulting block once or twice. He specializes in Ruby, Java, .NET, and Javascript and has a passion for security and general tech. When he's not digging into code or breaking things he can probably be found at a local karaoke bar.

@relotnek

Back to Derbycon 2016 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast