VSA: The Virtual Scripted Attacker, Brucon 2012
XXE Exposed: SQLi, XSS, XXE and XEE against Web Services
Silent web app testing by example - BerlinSides 2011
OWASP OWTF - Summer Storm - OWASP AppSec EU 2013
Pentesting like a grandmaster BSides London 2013
BruCon 2011 Lightning talk winner: Web app testing without attack traffic
Legal and efficient web app testing without permission
Introducing OWASP OWTF Workshop BruCon 2012
Offensive (Web, etc) Testing Framework: My gift for the community - BerlinSides 2011