Speaker: Pablo González Escribano.
Abstract: This talk introduces web pentesting, how it is performed, and why it remains relevant in modern applications. It discusses common assumptions about web security, professional pentesting methodologies, and analyzes real-world vulnerabilities such as IDOR, SQL Injection, XSS, and improperly used JWTs, explaining their causes, conditions, and impact.