<p>Hacking a web service generally isn't rocket science. But what if the web service requires messages to be sent using a binary protocol? What if it requires message level encryption but you don't have a key? These are just a few common scenarios you are likely to encounter when trying to attack a web service built with Windows Communication Foundation (WCF). Through a series of live demonstrations, the presentation will show how to identify and attack WCF web services.</p>
<p>Brian Holyfield is a founding member of Gotham Digital Science. He has worked in the information security industry for over 10 years, and specializes in software security. Brian is a frequent speaker at security conferences and a regular contributor on the GDS Security Blog. Brian has also contributed to books including "Network Security Tools" (O'Reilly), where he outlined techniques for automating the detection and exploitation of web application vulnerabilities.</p>