Everyone should be a little bit worried about security of their site, and at conferences lots of security talks focus on practical steps people can take. In this talk Tim will flip the norms and instead focus on several real examples of sites being hacked but from the attackers perspective. We will see the whole attacks from the bad actors view identifying targets, analysing vulnerable sites, adding payload, exploiting in doing so showing how sites are infected, how some tools do prevent certain attacks and how clever and indeed not so clever bad actors can circumvent lots of hardening done.
Each step we can analyse what could have been put in place to prevent and frustrate the attack and then look at how this can be implemented on your site.