Session Abstract: In this talk, we will explore the mindset of an attacker and demonstrate what it looks like when an attacker views your application. Through a series of live demonstrations, Kevin, a seasoned security professional, will walk attendees through his thought process as he hacks a real application on stage. By examining different attack scenarios, including injection attacks, cross-site scripting, and privilege escalation, Kevin will demonstrate how an attacker can exploit vulnerabilities in your application and gain access to sensitive information. Additionally, he will highlight the most common mistakes developers make that make it easier for attackers to infiltrate the system.

Summary: This talk explores the attacker's mindset and demonstrates their perspective by walking through various attack scenarios. Attendees will gain insight into common vulnerabilities and learn to strengthen their defenses.

Additional Information: This talk is basically a real time attack against an application. I will be demonstrating attacks and walking people through my thought process. The goal is to teach them how to think about vulnerabilities in applications. I will be using open source tools entirely.