Web Hacking presented at BlackHatWindows 2001

by Saumil Udayan Shah, Jd Glaser

Summary: Web hacking is the next generation of hacking "kung fu." The previous generation of hackers concentrated on operating systems and network protocols, but operating systems are getting more robust and resistant to attacks and network protocols are getting more secure. On the other hand, e-commerce technology is increasingly common and complex. Unfortunately, not enough effort has been spent on securing Web-based infrastructure. Join us for an eye-opening demonstration on what can go wrong with poorly secured Web applications, how severe the risks are, and how to protect yourself and your company from these Web ninjas.
We shall be covering vulnerabilities ranging from web server misconfigurations, improper URL parsing and application-level vulnerabilities to Java application server hacking and some special advanced techniques.
Saumil provides information security consulting services to Foundstone clients, specializing in ethical hacking and security architecture. He is also featured as an instructor in Foundstone's Ultimate Hacking and Ultimate Web Hacking training programs. He holds a designation as a Certified Information Systems Security Professional (CISSP).
Saumil has over 6 years of experience with system administration, network architecture, integrating heterogeneous platforms and information security.
Prior to joining Foundstone, Saumil was a senior consultant with Ernst & Young LLP where he was responsible for their ethical hacking and security architecture solutions. For over a year, Saumil has performed numerous ethical hacking exercises for many significant companies in the IT arena. Saumil regularly contributes to the "Security Issues" column on CNet's Builder.com site. He has served as a technical editor for Hacking Exposed 2nd Edition, published by Osborne McGraw-Hill. Saumil has also authored a book titled "The Anti-Virus Book" published by Tata McGraw-Hill India.
Their Presentation!
Talk #1: Hacking Exposed: E-commerce (PowerPoint 429k)
Talk #2: Web Hacking (PowerPoint 305k)