Saturday, May 7, 2011

Web Hacking Video Series #1 Automating SQLi with Burp Extractor

After speaking with many penetration testers I have realized that web application hacking is a mystery for many testers who typically perform network based penetration testing but have no prior development knowledge. This post is the first in a series of Web Hacking Video Training posts that will attempt to show various techniques that prove useful in situations where you realize all avenues of attack are running across http based protocols. This is typical on external tests.