This talk will will cover web application attack basics to get any n00b started on the path of web app pentesting. Specifically we will cover cross site scripting attacks in javascript, sql injections with a mysql backend, and remote/local file inclusions within PHP. Others people that may join us through the presentation will be Alex Heid, Rod Soto, p33p33, chatters, and a few other special friends of the fish.
Terrence “Tuna” Gareau, Principal Research Scientist for Prolexic Technologies, began his IT security career more than 10 years ago. His experience encompasses enterprise security in addition to distributed denial of services (DDoS) expertise, and he has mitigated some of the Internet’s largest DDoS attacks for both government agencies and private enterprises. Tuna is a leader for architecture, engineering and research teams, creating solutions to protect client networks, establishing security testing policies, network and digital forensics, and serving as the subject matter expert for multiple private and government organizations. His past experience includes work at the Food and Drug Administration (FDA) and Chickasaw Nations Industries. A recognized expert in DDoS attack mitigation, Tuna has shared his knowledge at Defcon, NoVa Hackers, NIH, FDA, and other organizations.