3. cross-site scripting cross-site request forgery information disclosure denial of service distributed denial of service remote code execution code injection SQL injection Typical web application attacks
4. Vulnerability scanners Botnet scanners Google and Yahoo How attackers find vulnerable apps
5. Full Disclosure Security Mailing Lists www.exploit-db.com www.securityfocus.com packetstormsecurity.org Where attackers find their exploits
6. Try Gruyere http://google-gruyere.appspot.com/ Life cycle of a web attack
7. Joomla exploit -> http://www.joomlaexploit.com/ Joomla YJ Contact us Component Local File Inclusion Vulnerability -> http://www.exploit-db.com/exploits/18033/ Proof of Concept: http://localhost/[path]/ index.php?option=com_yjcontactus & view=../../../../../../../../../../../../../../etc/passwd%00 Google it, and crack them.... Using google as a “hacker” :)
9. Nmap - port scanner Hping2,3,4 - port scanner and packet generator Nessus - comprehensive security analysis tool I LOVE IT! I HATE THEM!!! Snort -Traffic analyzer with a lot of plug-ins Wireshark - Traffic analyzer Other general security tools
10. It is pretty easy to crack web apps these days :) And most of the work is already done by someone else! :( Conclusion