Loading…
AppSec Europe 2014 has ended
Welcome to the full schedule of the OWASP AppSec Research EU 2014 conference days

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

LAB006 [clear filter]
Monday, June 23
 

09:00 BST

Training room 5 - The Art of Exploiting Injection Flaws
OWASP rates injection flaws as the most critical vulnerability within the Top 10 most Critical Web Application Security Risks under the OWASP Top 10 project: https://www.owasp.org/index.php/Top_10_2013-A1-Injection 

This hands-on session will only focus on the injection flaws and the attendees will get an in-depth understanding of the flaws arising from this vulnerability. The topics covered in the class are: 

SQL Injection 
XPATH Injection 
LDAP Injection 
Hibernate Query Language Injection 
Direct OS Code Injection 
XML Entity Injection 

During the two-days course, the attendees will have access to a number of challenges for each flaw and they will learn a variety of exploitation techniques used by the attackers in the wild. Identify, extract, escalate, execute; we have got it all covered. The following are the objectives of the course: 



  • Understand the problem of Injection Flaws 

  • Learn a variety of advanced exploitation techniques which hackers use 

  • learn how to fix these problems 


Speakers
avatar for Sumit Siddharth

Sumit Siddharth

Founder, NotSoSecure
Sumit Siddharth (Sid) is the founder of NotSoSecure (www.notsosecure.com), a specialist IT security firm delivering high-end IT security consultancy and Training. Prior to NotSoSecure, he worked as Head of Penetration Testing for a leading IT security company in the UK. He has more than 9 years of experience in Penetration Testing. Sid has authored a... Read More →


Monday June 23, 2014 09:00 - 13:00 BST
LAB006

14:00 BST

Training room 5 - The Art of Exploiting Injection Flaws
OWASP rates injection flaws as the most critical vulnerability within the Top 10 most Critical Web Application Security Risks under the OWASP Top 10 project: https://www.owasp.org/index.php/Top_10_2013-A1-Injection 

This hands-on session will only focus on the injection flaws and the attendees will get an in-depth understanding of the flaws arising from this vulnerability. The topics covered in the class are: 

SQL Injection 
XPATH Injection 
LDAP Injection 
Hibernate Query Language Injection 
Direct OS Code Injection 
XML Entity Injection 

During the two-days course, the attendees will have access to a number of challenges for each flaw and they will learn a variety of exploitation techniques used by the attackers in the wild. Identify, extract, escalate, execute; we have got it all covered. The following are the objectives of the course: 



  • Understand the problem of Injection Flaws 

  • Learn a variety of advanced exploitation techniques which hackers use 

  • learn how to fix these problems 


Speakers
avatar for Sumit Siddharth

Sumit Siddharth

Founder, NotSoSecure
Sumit Siddharth (Sid) is the founder of NotSoSecure (www.notsosecure.com), a specialist IT security firm delivering high-end IT security consultancy and Training. Prior to NotSoSecure, he worked as Head of Penetration Testing for a leading IT security company in the UK. He has more than 9 years of experience in Penetration Testing. Sid has authored a... Read More →


Monday June 23, 2014 14:00 - 18:00 BST
LAB006
 
Tuesday, June 24
 

09:00 BST

Training room 5 - The Art of Exploiting Injection Flaws
OWASP rates injection flaws as the most critical vulnerability within the Top 10 most Critical Web Application Security Risks under the OWASP Top 10 project: https://www.owasp.org/index.php/Top_10_2013-A1-Injection 

This hands-on session will only focus on the injection flaws and the attendees will get an in-depth understanding of the flaws arising from this vulnerability. The topics covered in the class are: 

SQL Injection 
XPATH Injection 
LDAP Injection 
Hibernate Query Language Injection 
Direct OS Code Injection 
XML Entity Injection 

During the two-days course, the attendees will have access to a number of challenges for each flaw and they will learn a variety of exploitation techniques used by the attackers in the wild. Identify, extract, escalate, execute; we have got it all covered. The following are the objectives of the course: 



  • Understand the problem of Injection Flaws 

  • Learn a variety of advanced exploitation techniques which hackers use 

  • learn how to fix these problems 


Speakers
avatar for Sumit Siddharth

Sumit Siddharth

Founder, NotSoSecure
Sumit Siddharth (Sid) is the founder of NotSoSecure (www.notsosecure.com), a specialist IT security firm delivering high-end IT security consultancy and Training. Prior to NotSoSecure, he worked as Head of Penetration Testing for a leading IT security company in the UK. He has more than 9 years of experience in Penetration Testing. Sid has authored a... Read More →


Tuesday June 24, 2014 09:00 - 13:00 BST
LAB006

14:00 BST

Training room 5 - The Art of Exploiting Injection Flaws
OWASP rates injection flaws as the most critical vulnerability within the Top 10 most Critical Web Application Security Risks under the OWASP Top 10 project: https://www.owasp.org/index.php/Top_10_2013-A1-Injection 

This hands-on session will only focus on the injection flaws and the attendees will get an in-depth understanding of the flaws arising from this vulnerability. The topics covered in the class are: 

SQL Injection 
XPATH Injection 
LDAP Injection 
Hibernate Query Language Injection 
Direct OS Code Injection 
XML Entity Injection 

During the two-days course, the attendees will have access to a number of challenges for each flaw and they will learn a variety of exploitation techniques used by the attackers in the wild. Identify, extract, escalate, execute; we have got it all covered. The following are the objectives of the course: 



  • Understand the problem of Injection Flaws 

  • Learn a variety of advanced exploitation techniques which hackers use 

  • learn how to fix these problems 


Speakers
avatar for Sumit Siddharth

Sumit Siddharth

Founder, NotSoSecure
Sumit Siddharth (Sid) is the founder of NotSoSecure (www.notsosecure.com), a specialist IT security firm delivering high-end IT security consultancy and Training. Prior to NotSoSecure, he worked as Head of Penetration Testing for a leading IT security company in the UK. He has more than 9 years of experience in Penetration Testing. Sid has authored a... Read More →


Tuesday June 24, 2014 14:00 - 18:00 BST
LAB006
 
Filter sessions
Apply filters to sessions.