I recently gave a talk on common web vulnerabilities with my colleague Scott Kirkland (see a link to his blog on the right) at the 2011 IT Security Symposium at UC Davis. If you attended the session, I hope you enjoyed it! Otherwise, we’ve posted the demo and the slide deck on GitHub.
We covered topics such as SSL, SQL Encryption, Cross-Site Scripting (XSS), Cookie Policies, HTML Encoding, Cross-Site Request Forgery (CSRF) and Insecure Direct Object Reference.
The demo is also bundled with Scott’s talk on Data Validation and HTML5.
You can find the demo and slides here.