Talk Resources
Reversing the Web
If all of security testing is, first and foremost, a visibility problem— reverse engineering how a website/ecosystem works is an important step when source code and other options aren’t available. If you want to have better findings, and more reliable exploits, this talk series will help:
Resources:
Breaching Webservers
Web applications are a primary means to breaching a company’s external network. It is a high-value goal for both malicious actors and security professionals to gain this valuable foothold. But how do you get from mere web application vulnerabilities to the compromise of a server? Common testing guidelines provide you a check list of items to test for, but very few show you how to utilize vulnerabilities to achieve testing goals. This talk is all about taking over webservers.
Resources:
Toorcon 2014 (slides)