An interactive security demonstration where the speaker guides the audience through various security vulnerabilities in Laravel applications. The talk showcases common security issues like password brute forcing, insecure direct object references, cross-site scripting through markdown, and environment file exposure. The audience participates by attempting to hack a live demo application using their phones while learning about security best practices and common pitfalls.
A security-focused talk demonstrating common vulnerabilities in Laravel applications through live examples. The speaker walks through various attack vectors including credential stuffing, cross-site scripting (XSS), remote code execution through session manipulation, and SQL injection. The talk emphasizes the importance of thinking like a hacker to identify and fix security vulnerabilities, including proper password management and disabling debug mode in production.
A comprehensive talk about CSRF (Cross-Site Request Forgery) attacks and SameSite cookies in Laravel applications. The speaker explains how CSRF attacks work, demonstrates the different values of the SameSite cookie attribute (Strict, Lax, None), and discusses how Laravel implements SameSite cookie protection. The talk includes live demonstrations and explains why CSRF protection remains important despite new browser security features.