from Core Security Technologies

Register below for this free webcast on Tuesday, June 30, 2009 at 2pm EDT / 11am PDT GMT -4:00, New York. Upon registering, you’ll receive an email confirmation containing teleconference and login information. A recording of the webcast will be sent to everyone who registers, so be sure to sign up even if you can’t make the live session.

About this webcast:
The most effective web application pen testers expose the risks that vulnerabilities pose to the business, rather than just to the application itself. “The Art of Combining Web Pen Testing Techiques” series explores the art of replicating web attacks that take advantage of multiple vulnerabilities, revealing greater business risks than would be possible by simply analyzing vulnerabilities on an individual basis.

In this first webcast of the trilogy, Kevin Johnson and Ed Skoudis will discuss SQL and content injection. We will look at a number of powerful tools to assist in discovering these flaws, in addition to making exploitation simpler.

The webcast will also outline and run through a real-world scenario that demonstrates how these tools and attacks can be used directly in a penetration test. The scenario will illustrate the use of SQL injection to insert content on a website that will, in turn, give the tester full control of the selected in-scope browsers and systems that access the target site.