I'll be doing a live webinar on Application Vulnerability Analysis on February 8 at 2PM EST - 1 month from today - and it will be a lot of fun! You can hang out in the afternoon and hack some stuff, at least the east coast folks. West coast people can start their afternoon early. Europe - you are on your own. India - you should be sleeping.
Here is the link:
We'll talk about a few principles and then work through using an attack proxy to look for insecure direct object references, forced browsing, injection vulnerabilities, and whatever else comes to mind.
Thanks to WintellectNOW for having me on.
Hop to see you there!