This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "WXf: Web Exploitation Framework"
Dallendoug (talk | contribs) (added link header) |
Mark.bristow (talk | contribs) (→The speaker) |
||
| Line 11: | Line 11: | ||
Web Exploitation Framework (“wXf”) is written in Ruby and was originally an idea as a module for Rapid 7’s Metasploit but the idea quickly outgrew a network exploitation framework. Instead, we designed a core that focuses on the web standards along with exploits & payloads designed specifically for defeating web application protections. wXf maintains somewhat of the look and feel of Metasploit but the code is entirely different. Our goal is to have a security professional familiar with the Metasploit framework using wXf in under 10 minutes. | Web Exploitation Framework (“wXf”) is written in Ruby and was originally an idea as a module for Rapid 7’s Metasploit but the idea quickly outgrew a network exploitation framework. Instead, we designed a core that focuses on the web standards along with exploits & payloads designed specifically for defeating web application protections. wXf maintains somewhat of the look and feel of Metasploit but the code is entirely different. Our goal is to have a security professional familiar with the Metasploit framework using wXf in under 10 minutes. | ||
| − | == The | + | == The speakers == |
| + | |||
| + | Ken Johnson's bio will be posted shortly. | ||
| + | |||
| + | Chris Gates (CG/carnal0wnage) is currently the Network Attack Team Lead for Applied Security Inc. and is a member of the Metasploit Project and Attack Research. He enjoys business logic flaws, misconfigured databases and the occasional client-side attack. He has spoken at various other security conferences including BlackHat USA, Defcon, CSI 2009, Brucon, SOURCE Boston, Toorcon, Notacon, and Chicagocon. | ||
| − | |||
[[Category:AppSec_DC_2010_Presentations]] [[Category:OWASP_Conference_Presentations]] | [[Category:AppSec_DC_2010_Presentations]] [[Category:OWASP_Conference_Presentations]] | ||
Revision as of 21:32, 20 October 2010
Registration | Hotel | Walter E. Washington Convention Center
The presentation
Several web application security centric frameworks have come and gone that were intended to address this challenge. The goal of Web Exploitation Framework (wXf) is to take the experience of using these tools, the perceived shortcomings and build something that is easy to use, install and extend.
Web Exploitation Framework (“wXf”) is written in Ruby and was originally an idea as a module for Rapid 7’s Metasploit but the idea quickly outgrew a network exploitation framework. Instead, we designed a core that focuses on the web standards along with exploits & payloads designed specifically for defeating web application protections. wXf maintains somewhat of the look and feel of Metasploit but the code is entirely different. Our goal is to have a security professional familiar with the Metasploit framework using wXf in under 10 minutes.
The speakers
Ken Johnson's bio will be posted shortly.
Chris Gates (CG/carnal0wnage) is currently the Network Attack Team Lead for Applied Security Inc. and is a member of the Metasploit Project and Attack Research. He enjoys business logic flaws, misconfigured databases and the occasional client-side attack. He has spoken at various other security conferences including BlackHat USA, Defcon, CSI 2009, Brucon, SOURCE Boston, Toorcon, Notacon, and Chicagocon.
