Join Core Security, Ed Skoudis and Kevin Johnson of InGuardians, for a webcast discussing SQL and content injection. The webcast will also outline and run through a real-world scenario that demonstrates how these tools and attacks can be used directly in a penetration test.

The most effective web application pen testers expose the risks that vulnerabilities pose to the business, rather than just to the application itself. “The Art of Combining Web Pen Testing Techiques” series explores the art of replicating web attacks that take advantage of multiple vulnerabilities, revealing greater business risks than would be possible by simply analyzing vulnerabilities on an individual basis.

In this first webcast of the trilogy, Kevin Johnson and Ed Skoudis will discuss SQL and content injection. We will look at a number of powerful tools to assist in discovering these flaws, in addition to making exploitation simpler. 

In the second installment of the Invasion of the Browser Snatchers trilogy, Ed Skoudis and Kevin Johnson of InGuardians will examine the increasing use of third-party APIs in web applications. You’ll see how APIs, such as those used by FaceBook and MySpace, can affect your penetration tests. You’ll also learn how to collect information using Social Butterfly, a server-side tool that allows you to interact with third-party APIs.