Assessing the security posture of a web application is a common project for a penetration tester and a good skill for developers to know. In this talk, We’ll go over the different stages of a web application pen test, from start to finish.

He’ll start with tools used during the discovery phase to utilize OSINT sources such as search engines, sub-domain brute-forcing and other methods to help you get a good idea of targets “footprint”, all the way to tools used for fuzzing parameters to find potential SQL injection vulnerabilities. We’ll also discuss pro-tips and tricks that we use while conducting a full application penetration assessment. After this talk, you should have a good understanding of what is needed as well as where to start on your journey to hacking web apps.

Details:

Date: Saturday - May 17
Time: 13:00
Length: minutes
Location: Grand Ballroom C

Speakers:

Tim Roberts

Tim is a Sr. Security Consultant within NTT Security’s Threat Services group. He has spoken at national, international …

Brent White

Brent is an Sr. Security Consultant at NTT Security as well as a Trusted Advisor for the Tennessee Department of Safety …