This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Front Range OWASP Conference 2013/Presentations/DevFu"
Mark Major (talk | contribs) (Created page with "===DevFu: The inner ninja in every application developer=== Many times we try to draw a distinct line between developers and penetration testers. This creates a barrier that ...") |
Jess Garrett (talk | contribs) |
||
| Line 6: | Line 6: | ||
This presentation will go over the various aspects to the developer DevFu toolbox including: deep programming knowledge, ability to write scripts on the fly, common shortcuts and their pitfalls, speaking the language, and secure coding practices. We will go over specific examples of scripts that increase productivity and extend functionality of existing pen testing programs. | This presentation will go over the various aspects to the developer DevFu toolbox including: deep programming knowledge, ability to write scripts on the fly, common shortcuts and their pitfalls, speaking the language, and secure coding practices. We will go over specific examples of scripts that increase productivity and extend functionality of existing pen testing programs. | ||
| + | |||
| + | [[Media:Chrastil.pptx | Slides]] | ||
| + | [https://vimeo.com/68082818 Video] | ||
| + | <br> | ||
Latest revision as of 17:43, 11 June 2013
DevFu: The inner ninja in every application developer
Many times we try to draw a distinct line between developers and penetration testers. This creates a barrier that developers often feel intimidated to cross. The truth is that developers have an innate ability and perspective to become great penetration testers themselves.
Developers in the security industry carry a unique toolset as ethical hackers / security consultants that sets them apart from traditional penetration testers. By incorporating these skills as developers and combining them with the understanding and experience of building applications, developers can take web application penetration testing a step further than the rest.
This presentation will go over the various aspects to the developer DevFu toolbox including: deep programming knowledge, ability to write scripts on the fly, common shortcuts and their pitfalls, speaking the language, and secure coding practices. We will go over specific examples of scripts that increase productivity and extend functionality of existing pen testing programs.
