Dive into a hands-on web hacking session with David Rhoades of MavenSecurity.com in this 45-minute conference talk from BSidesPhilly 2017. Explore the Web Security Dojo, learning installation and startup procedures before delving into a comprehensive walkthrough and demo. Gain practical insights into various web vulnerabilities, including cross-site scripting (reflected and persistent), browser exploitation frameworks, and SQL injection. Discover essential tools like Sequel Map and command-line utilities for database vulnerability assessment. Understand the process of writing custom code for web beacons and the impact of cross-site scripting. Conclude by experimenting with password cracking techniques and hashes in the Web Security Dojo environment.