Explore OWASP Top 10 vulnerabilities and learn practical exploitation techniques in this comprehensive BSides Augusta 2015 conference talk. Dive into topics such as components with known vulnerabilities, misconfigurations, sensitive data exposure, broken authentication, and session management. Discover how to identify and exploit insecure direct object references, path manipulation, and access control issues. Gain insights into cross-site request forgery, cross-site scripting, and various browser exploit tools. Learn about web penetration testing methodologies, including form submission analysis, Burp Suite usage, and Ajax manipulation. Investigate injection techniques, error message analysis, and database-related vulnerabilities. Master the art of crafting magic strings and understand the importance of proper input sanitization. Conclude with an exploration of command shell stored procedures and the risks of running applications as root.