Mutillidae - Jeremy Druin AIDE 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)
Mutillidae
Jeremy Druin

 

Recorded at AIDE 2015

Presentation 1: Path Relative Style Sheet Injection: Strange but True

Abstract: Originally discussed by Gareth Heyes, PRSSI is a type of reflected cross site scripting that takes advantage of the difference in path parsing between browsers and web application servers. PRSSI allows cascading style sheet scripts to be injected via the URL path in a most interesting way.

Presentation 2: Introduction to the Mutillidae II Web Application Security Training Environment

Abstract: OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application that can be installed on Linux and Windows. With dozens of vulnerabilities and hints to help the user; this is an easy-to-use web hacking environment designed for labs, security enthusiast, classrooms, CTF, and vulnerability assessment tool targets.

Bio: Jeremy Druin GISF, GSEC, GPEN, GXPN, GWAPT, GMOB, Sec+ Email: jeremy@ellipsisinfosec.com Twitter: @webpwnized Jeremy works as a internal pen-tester, application security consultant, and defect-remediation expert for a multi-national transportation logistic company. Jeremy is also the owner of Ellipsis Information Security assisting the community with these security services. Additionally Jeremy develops the open-source Mutillidae 2.x training environment and teaches on security topics. As a Director of Education for the Kentucky ISSA chapter, Jeremy presents on web application pentesting and remediation along with operating the "webpwnized" YouTube video channel. Jeremy has a Bachelors in Computer Science from Indiana University and is a GIAC-certified Web Application, Mobile and Network Pen-Tester.
 

Part 1:


Part 2:


Back to AIDE 2015 video list



If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek