Explore the intricacies of reverse engineering web applications in this 50-minute conference talk from LASCON 2011. Delve into testing guidelines, information gathering techniques, and the assessment phase. Examine various web development concepts including page controllers, query strings, Ruby, and front controllers. Analyze URL rewrite patterns and technology intersections to understand application behavior. Learn about psychoanalysis techniques, encoding types, and complex data structures in web applications. Discover how to interpret source code, exceptions, and timing patterns. Gain valuable insights on testing tips, asking the right questions, and removing metadata to enhance your web application security assessment skills.