Panda is back with a follow-up on practical penetration testing of a web server / web application.
This is a continuation of their previous talk on WordPress Security Review, and should be considered practical tips for testing only websites for which you own the server instance or have been given explicit permission to test. Act responsibly! 👍
+++
A walkthrough of hacking a webapp for standard users up to admins and devs. After the talk, I'll send out the slide deck, which will include links to references and resources. The talk will include:
* Reconnaissance
* Identifying and exploiting vulnerabilities
* Recommended remediation for vulnerabilities identified
As part of the above:
* Tactics, techniques, and procedures (TTP)
* Tools used