Web Admin Blog

Real Web Admins. Real World Experience.

Entries Tagged ‘penetration’

Assessing Your Web App Manually Without Hacking It

After giving my presentation on “Using Proxies to Secure Applications and More” at the TRISC 2009 conference, I decided to attend the presentation by Robert “RSnake” Hansen and Rob MacDougal entitled “Assessing Your Web App Manually Without Hacking It”.  The gist of this presentation was that with a few simple tools (Web Developer Toolbar, NoScript, […]

Cryptography for Penetration Testers – OWASP AppSec NYC 2008

This presentation was on “Cryptography for Penetration Testers” and was by Chris Eng, the Senior Director of Security Research at VeraCode. The Premise How much do you really have to know about cryptography in order to detect and exploit crypto weaknesses in web apps. Goals Learn basic techniques for identifying and analyzing cryptographic data Learn […]

Mastering PCI Section 6.6 – OWASP AppSec NYC 2008

This presentation is by Jacob West in the Security Research Group and Taylor McKinsley in Product Marketing from Fortify software.  I’d like to note that Fortify is a developer of a source code analysis tool and so this presentation may have a bias towards source code analysis tools. 56% of organizations fail PCI section 6.  […]