Shreeraj Shah
April 21, 2005
Presentation Title: Web hacking Kung-Fu and Art of Defense
Presentation Details: Web attacks are on the rise and new methods of hacking are evolving. This presentation will cover new methodologies for web application footprinting, discovery and information gathering with a new range of tools.
Web applications are getting exploited using various new injection techniques like advanced SQL injection, LDAP query, XPATH goofing etc. All these new exploit methods will be discussed. The HTTP stack is changing in application frameworks like .NET. The stack can be utilized for defense using HTTP interfaces. Defense methodology for web applications are required to combat new threats emerging in the field.
This will be a deep-knowledge presentation that will be full of live demos, examples and new tools!
About Shreeraj:
Shreeraj Shah is founder and director of Net-Square. He has five years of experience in the field of security with a strong academic background. He has experience in system security architecture, system administration, network architecture, web application development, security consulting and has performed network penetration testing and application evaluation exercises for many significant companies in the IT arena. Shreeraj graduated from Marist College with a Masters in Computer Science, and has a strong research background in computer networking, application development, and object-oriented programming. He received his Bachelor’s degree in Engineering, Instrumentation and Control from Gujarat University, and an MBA from Nirma Institute of Management, India.
Shreeraj is the co-author of “Web Hacking: Attacks and Defense†published by Addison Wesley. He has published several advisories, tools, and white papers as researcher, and has presented at conferences including HackInTheBox, RSA, Blackhat, Bellua, CII, NASSCOM etc. You can find his blog at http://shreeraj.blogspot.com/.