BSidesSF 2017 has ended
Back To Schedule
Sunday, February 12 • 1:30pm - 4:30pm
Exploiting Broken Webapps FULL

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Limited Capacity full
Adding this to your schedule will put you on the waitlist.

Web applications can fail in a variety of ways, from Cross-Site Scripting to SQL Injection and more. Join us for a look at a variety of common web vulnerabilities, including Cross-Site Scripting, Cross-Site Request Forgery, Weak Authentication, Logic Errors, and more -- and an opportunity to test your web hacking skills against a simulated online bank. We’ll be covering the vulnerabilities from the ground up, but a basic understanding of web applications (i.e., HTTP, HTML, and JavaScript) and browsers would be useful background.

Participants will need to bring a laptop. Prior experience with server-side programming and an understanding of how web apps are built is recommended.


David Tomaschik

Senior Security Engineer, Google
David is a hacker with an interest in embedded devices and hardware security. He's currently a Senior Security Engineer at Google, working on security assessments and Red Teaming.

Sunday February 12, 2017 1:30pm - 4:30pm PST
DNA Lounge