MDSec are professional security consultants who have been performing web application penetration testing and training for more than a decade.
MDSec wrote the critically-acclaimed Web Application Hacker's Handbook series, which is the most deep and comprehensive general purpose guide to attacking and defending web applications that is currently available. The second edition of our book uses the MDSec lab exercises as practical examples throughout the book.
We have presented training courses on web application security at numerous high-profile venues around the world, including Black Hat, Syscan, Hack in the Box, Countermeasure, NullCon, RuxCon, DevSecCon and 44Con. Our online training labs are the product of many years of experience and feedback from delivering training courses at venues in the US, Europe, Asia, Australia and the Middle East.
We have led security teams at several consultancies, and have worked with all kinds of organizations to test and secure their web applications, including banks, retailers, governments and software developers.