Hackers of India

Web hacking Kung-Fu and Art of Defense

By  Shreeraj Shah  on 26 Sep 2005 @ Hitb Sec Conf

Abstract

Web attacks are on the rise and new methods of hacking are evolving. This presentation will cover new methodologies for web application footprinting, discovery and information gathering with a new range of tools.

Web applications are getting exploited using various new injection techniques like advanced SQL injection, LDAP query, XPATH goofing etc. All these new exploit methods will be discussed. The HTTP stack is changing in application frameworks like .NET. The stack can be utilized for defense using HTTP interfaces. Defense methodology for web applications are required to combat new threats emerging in the field.

This will be a deep-knowledge presentation that will be full of live demos, examples and new tools!