web app security
Secure Coding Course


This topic contains 8 replies, has 5 voices, and was last updated by  s3crafcp 3 years, 2 months ago.

Viewing 9 posts - 1 through 9 (of 9 total)
  • #47185

    812teck
    Participant

    BSides DC 2015 – You can’t make web app security easy, but you can make it simple

    This presentation will cover both manual and automated testing methods for web application security vulnerabilities. The simple truth is that it is hard to do, and requires an in-depth Systems Administration background, Software Development background, and IT Security background. This presentation gives a detailed walkthrough of what it takes to perform a thorough web application security assessment with the expressed goal of making web app security testing SIMPLE (since it is NOT easy) and most importantly FREE!

    The talk will walk through several Firefox add-ons that can be helpful, several open source web application security testing tools, and Joe will be releasing a new FREE web application security testing tool as well.

    Joseph McCray (CEO at Strategic Security)
    Joe McCray is an Air Force Veteran and has been in IT Security for over 15 years so he is REALLY old. He doesn’t curse or drink as much as he used to, but he does know a thing or two about hacking.

    #47655

    Marcus.Flynn
    Participant

    Great post. Thanks, man.

    #47664

    812teck
    Participant

    Good video for Web App Testing beginners… learn the basics using Firefox, then move on to Burp Suite and other tools. He has additional videos that cover more advanced topics. This one got me interested in Web App Sec –

    #48192

    cybermo
    Participant

    Thanks for sharing.

    #48379

    RunningMan
    Participant

    Nice share.

    #48419

    812teck
    Participant

    Thank you and you’re welcome!

    #50693

    s3crafcp
    Participant

    Conference: How To Shot Web – Jason Haddix’s talk from DEFCON23
    Jason Haddix explores successful tactics and tools used by himself and the best bug hunters. Practical methodologies, tools and tips that make you better at hacking websites and mobile apps to claim those bug bounties.

    Slides: http://www.slideshare.net/bugcrowd/how-do-i-shot-web-jason-haddix-at-defcon-23

    Repository on GitHub about this methodology:

    https://github.com/jhaddix/tbhm

    And some tools mentioned in the conference:

    https://github.com/arvinddoraiswamy/mywebappscripts/tree/master/BurpExtensions
    https://github.com/cure53/flashbang
    https://github.com/bugcrowdlabs/maps
    https://github.com/intrigueio/intrigue-core
    https://github.com/debasishm89/burpy
    https://github.com/jhaddix/domain

    Enjoy!

    #50749

    812teck
    Participant

    @s3crafcp good stuff, thanks for adding to this post.

    #63562

    s3crafcp
    Participant

    @812teck You’re welcome!
