edwardmccaughan wants to give this talk

live demos of common security hacks

demonstration sql injection, xss, csrf, cookie stealing etc. against a deliberately insecure rails app.

I can do it in august, september or october

current code is at https://github.com/edwardmccaughan/unsecuring_rails , suggestions for hacks to try or pull requests for your own hacks are very welcome!