The October HackFormers meeting will be held on October 12, 2012 and is free and open to all.
Lunch will be provided at no cost to attendees. Just register and show up!
Seating is limited, so please Register!
Meeting details are given below.
Speaker: Mano ‘dash4rk’ Paul
CEO, SecuRisk Solutions and Express Certifications
Date: October 12, 2012
Time: 12:00 – 1:00 p.m. with introductions beginning at 11:30 a.m.
Venue: Microsoft Technology Center at Quarry Oaks 2.
Address: 10900 Stonelake Blvd. Suite 225. Austin, TX 78759
Topic: SQL Injection and Soul Injection Attacks
Abstract: Take hacking attacks by hacktivist groups such as Anonymous or Lulzsec or for that matter any security breach prevalent today and more often than not, you are going to find hackers are exploiting vulnerabilities in applications that have been around for a while now. Injection flaws is one such class of vulnerability. The OWASP Top 10 lists Injection attacks as the top most risk in applications today. Although SQL injection is rampant, injection flaws are not limited to just backend data stores, but operating systems, directory stores and XML documents as well.
In this special HackFormers AppSec edition meeting, Mano Paul will cover the different types of injection flaws and demonstrate SQL injection in depth, in the first part of his talk. The demo will show how a hacker will go about attempting to exploit an injection vulnerability, highlight the anatomy of a SQL injection attack and showcase the various impacts upon a successful breach. Effective mitigation strategies that you can implement to build highly secure software will be discussed.
The second part of the talk will focus on faith and life issues and how injection attacks are possible and conducted against one’s soul. It will focus on controls that one needs to be adopt to secure one’s soul and draw the parallel from SQL injection to soul injection. How prepared are you to deal with either?