Arpad Ray's PHPNW08 slides: Looking at websites from the perspective of potential attackers is a useful technique not only for security professionals. This talk demonstrates how to use simple PHP scripts to exploit many common security holes in PHP applications, hopefully giving developers a deeper understanding of what it is they are protecting against. * Getting around common precautions against SQL injection * Free spam with SMTP injection * Making a malicious website to exploit PHP sessions * The holes every attacker hopes for * Making use of a newly exploited website