Please enjoy this free video from NCDevCon 2014.
Web Penetration and Hacking Tools
Most security presentations to developers are a dry rehashing of the OWASP Top Ten: do this and don't do that, with terse snippets of code. This session aims to be different in that the tools that are available to hackers will be demonstrated to show how a web application is attacked. Using the OWASP Top Ten as a guide, a combination of vulnerabilities will be used to attack a demonstration application. Two tools that will be highlighted are sqlmap, BeEF (Browser Exploitation Framework), Metasploit, and published exploit scripts.

* Recent events in security and hacking
* Overview of OWASP 2013 Top Ten
* Show how attacks are never a single issue, but a combination of vulnerabilities
* See what SQL Injection and password compromise really look like
* See why XSS is a serious vulnerability
* See authentication bypass in action
* Quick overview of Web Application Firewalls and Web Vulnerability Scanners
About David Epler
David Epler is a Security Architect with AboutWeb in Rockville, MD. As a member of AboutWeb's solutions team, he has built, deployed, and maintained systems compliant with the most demanding regulations and mandates needed to pass security certification and accreditation for Federal Government clients.
Along with the blog he maintains, he is responsible for creating and maintaining Unofficial Updater 2, which makes patching ColdFusion 8 and 9 significantly easier. He also contributed the Security chapter for Learn CF in a Week. David has been a speaker at various user groups and conferences like NCDevCon, cf.Objective(), and Adobe Government Technology Summit.