Adria Richards sent some resources to follow up on her recent presentation:
As promised to attendees that night, here is the link to my presentation with resources and citations PLUS a list of videos I’ve located on YouTube demonstrating the attacks I discussed.
YouTube – SQL Injection into ecommerce site
YouTube – XSS into a forum
Article from (OWASP) - Insecure Direct Object Reference aka Sequential user ID’s and session cookies
Thanks again to Adria and don’t forget to catch her show on AskAdria.com
Thanks, David! I wish I’d been able to make Adria’s presentation, but having access to her presentation documents and resources will just have to be good enough!
Comment by Joe Dolson — May 26, 2009 @ 10:18 pm