Just for the benefit of anyone who is not familiar with the course content, here are the topics the course covers which might be of interest to them:
Oracle SQLi: how to execute code, how to do priv esc from a web app; OOB extraction might be of interest to you. Examples of Burp Pro missing SQLi. Injection in ORDER BY/GROUP BY, 2nd-order injection, etc.
Stuff on XPath is pretty awesome. I will show a new attack with which you can read not just any arbitrary XML file on the system but any file with any extension.
LDAP: some really good examples of auth bypass and a blind LDAP tool.
XXE: not too new stuff, but good pointers on where to look for these.
Direct code injection: examples of recent Ruby on Rails and other framework issues, such as expression query language injection, etc.
Hope to meet some of the fellow ethicalhacker members at Black Hat!