| |
|
This page contains all of the posts and discussion on MemeStreams referencing the following web page: Outz0ne Presentation. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.
|
Outz0ne Presentation
by Acidus at 8:18 pm EST, Jan 28, 2007 |
Title: A Hacker's approach to Web Applications Abstract:
This talk will be a live demonstration of how a hacker discovers, analyzes, attacks, and exploits a web application. I will have several sites running on test machines that we will attack. Specific topics include performing reconnaissance, detecting and fingerprinting backend systems, and how to properly utilize different attack vectors like XSS, XSRF, and SQL Injection to do maximum damage to the site. I'll poke holes in common web security myths and I'll also discuss my experiences with pen testing real world sites. Finally, I'll show how to properly secure a website against evil people. Bio:
Acidus spends his days trying to destroy the Intarweb as the lead R&D engineer at a major web security firm. He is far too curious for his own good, and likes really girlie drinks. You know, the kind that come in funny glasses with lots of fruit in them. Seriously, someone buy him a dark beer and some testicles. |
| |
RE: Outz0ne Presentation
by Lost at 11:38 pm EST, Jan 28, 2007 |
Acidus wrote:
Title: A Hacker's approach to Web Applications Abstract:
This talk will be a live demonstration of how a hacker discovers, analyzes, attacks, and exploits a web application. I will have several sites running on test machines that we will attack. Specific topics include performing reconnaissance, detecting and fingerprinting backend systems, and how to properly utilize different attack vectors like XSS, XSRF, and SQL Injection to do maximum damage to the site. I'll poke holes in common web security myths and I'll also discuss my experiences with pen testing real world sites. Finally, I'll show how to properly secure a website against evil people. Bio:
Acidus spends his days trying to destroy the Intarweb as the lead R&D engineer at a major web security firm. He is far too curious for his own good, and likes really girlie drinks. You know, the kind that come in funny glasses with lots of fruit in them. Seriously, someone buy him a dark beer and some testicles.
I would like to submit my AJAX Web application for rootoring at Outerz0ne. |
|
| |
RE: Outz0ne Presentation
by operat0r at 4:36 pm EDT, Aug 6, 2008 |
what was the name of that online java obfuscation that would change the functions even not just like base64 enc them .. ? |
|
|
|
