SQL injection. Cross-site scripting. Buffer overflow. These are just some of the most common methods attackers use to compromise Web applications. But how can infosec pros know how to prevent them if they don't know how they work?
In this video demo, learn how to use the OWASP Broken Web Apps project, which allows would-be pen testers to attack applications that are intentionally insecure in order to help them hone their skills at securing their own apps.
Want more demos of free security tools? Visit our screencast page.
About the speaker:
Mike McLaughlin is a penetration tester working for First Base Technologies, an information security consultancy in the UK. Mike's daily work consists of both internal and external network based penetration testing, Web application penetration testing, and social engineering.