Injectable Exploits: Two New Tools for Pwning Web Apps and Browsers
Kevin Johnson is a Senior Security Analyst with InGuardians. Kevin came to security from a development and system administration background. He has many years of experience performing security services for fortune 100 companies, and in his spare time contributes to a large number of open source security projects. Kevin founded and leads the development on B.A.S.E. (the Basic Analysis and Security Engine) project. The BASE project is the most popular web interface for the Snort intrusion detection system. Kevin is an instructor for SANS, teaching both the Incident Handling and Hacker Techniques class and the Web Application Penetration Testing and Ethical Hacking class, which he is the author. He has presented to many organizations, including Infragard, ISACA, ISSA, RSA and the University of Florida.
Justin Searle, a Senior Security Analyst with InGuardians, specializes in penetration testing and security architecture. Previously, Justin served as JetBlue Airway's IT Security Architect and has provided top-tier support for the largest supercomputers in the world. Justin has taught hacking techniques, forensics, networking, and intrusion detection courses for multiple universities and corporations. Justin has presented at top security conferences including DEFCON, ToorCon, ShmooCon, and SANS. In his rapidly dwindling spare time, Justin co-leads prominent open source projects including The Middler, Samarai Web Testing Framework, and the social networking pentest tools: Yokoso! and Laudnum. He is actively working to finish the upcoming bestseller the Seven Most Deadly Social Network Hacks, with Tom Eston of the Security Justice Podcast, and Kevin Johnson of InGuardians. Justin has an MBA in International Technology and is CISSP and SANS GIAC-certified in incident handling and hacker techniques (GCIH) and intrusion analysis (GCIA). Frank DiMaggio is a manager of the Intel server team with a large insurance company in the South East. He has been in a systems administration role for over 18 years, working with small and medium sized businesses in North Florida. His experience is with Microsoft, Novell and Linux Operating Systems. In his spare time he contributes to open source security projects such as BASE, SamuraiWTF and Yokoso!