Learn about advanced web application security techniques in this 42-minute conference talk from BSides Las Vegas 2012. Explore the lifecycle of exploits, specific attacks against software, and PHP-CGI remote code execution. Dive into attack response strategies, incident handling, and auditing practices, including file system monitoring and cleanup techniques. Examine attacker motivations, backdoor evolution, and methods for detecting and analyzing malicious code. Gain insights into .htaccess infections, IP address tracking, and advanced backdoor techniques such as variable function calls. Enhance your web security knowledge with practical examples and recommendations for further reading.