JD Glaser JDs Toolbox Fire and Ice
Topics covered will be:
Overview of Web attacks
One-way attacks
SQL Entry points
Privilege escalation
Installing a web-based SQL command prompt
Back-end Database Enumeration tool
One Way SQL Web Hacking: SQL Web hacking is the next generation of hacking "kung fu." This talk expands on our previous web talks with new SQL techniques for taking apart an e-commerce site. Join us for an eye-opening demonstration on what can go wrong with poorly secured Web applications, how severe the risks are, and how to protect yourself and your company.
We shall be covering vulnerabilities ranging from web server misconfigurations, improper URL parsing, application level vulnerabilities, Java application server hacking and some special advanced techniques.
JD provides customized NT network security and audit tools for Foundstone. He specializes in Windows NT system software development and COM/DCOM application development. His most recent achievement was the successful formation of NT OBJECTives, Inc., a software company exclusively centered on building NT security tools. Since its inception, over 100,000 of those security tools have been downloaded and put into practice. In addition, he has written several critical, unique intrusion audit papers on NT intrusion forensic issues. Currently, JD has been retained as a featured speaker/trainer for all the BlackHat Conferences on NT security issues.
Saumil provides information security consulting services to Foundstone clients, specializing in ethical hacking and security architecture. He holds a designation as a Certified Information Systems Security Professional (CISSP). Saumil has had over 6 years of experience with system administration, network architecture, integrating heterogeneous platforms and information security, and has performed numerous ethical hacking exercises for many significant companies in the IT arena. Prior to joining Foundstone, Saumil was a senior consultant with Ernst & Young where he was responsible for their ethical hacking and security architecture solutions.
Saumil graduated from Purdue University with a Masters in Computer Science and a strong research background in operating systems, computer networking, information security and cryptography. At Purdue, he was a research assistant in the COAST (Computer Operations, Audit and Security Technology) laboratory. He got his undergraduate degree in Computer Engineering from Gujarat University, India. Saumil has also authored a book titled "The Anti-Virus Book" published by Tata McGraw-Hill India. Saumil has also worked at the Indian Institute of Management,
Black Hat - USA - 2002 Hacking conference