This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Projects/OWASP Zed Attack Proxy Project/Pages/Talks"

From OWASP
Jump to: navigation, search
Line 2: Line 2:
  
  
'''2014 November 22: Null, Bangalore: [http://swachalit.null.co.in/event_sessions/171-owasp-zap-tool-demo Marudhamaran Gunasekaran: OWASP ZAP Tool Demo]'''
+
'''2014 December 21: Skype: [http://weekendtesting.com/archives/3804 Dan Billing: WTEU-52 – Revealing security problems with OWASP ZAP]'''
  
The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. Originally a fork of the Paros Proxy project, ZAP targets a wide range of software professionals right from a software developer to a penetration tester working on any platform that supports Java. Equipped with a myriad a features and support for custom addons, ZAP is fully documented in an easy to understand language.
+
If you were with us for WTEU-50 in October, you’ll remember that we took an introductory tour through the world of security testing. We analysed several different types of security vulnerability, and manually explored a demo application to see whether it was susceptible to these problems.
  
We would see a demonstration of how to set up and how to use it all.
+
On Sunday 21st, we’re taking things to the next level! We’re once again joined again by Dan Billing, who will be showing us how to use specialised (and often free) tools to help us uncover security weaknesses. These tools make it trivial to perform techniques such as fuzzing (automating different types of data injection) and scanning (monitoring application traffic for potential vulnerabilities) as part of your everyday test activities.
 +
 
 +
We’ll be conducting the session via Skype as usual. Dan will be sharing his screen with us for the duration of the session, so that you can follow along with his examples. Logistically, this means we’ll be running the session via a video call, although you won’t necessarily need to speak yourself – we’ll have the standard Skype text chat running alongside.

Revision as of 13:54, 15 December 2014

Upcoming Talks/Training:


2014 December 21: Skype: Dan Billing: WTEU-52 – Revealing security problems with OWASP ZAP

If you were with us for WTEU-50 in October, you’ll remember that we took an introductory tour through the world of security testing. We analysed several different types of security vulnerability, and manually explored a demo application to see whether it was susceptible to these problems.

On Sunday 21st, we’re taking things to the next level! We’re once again joined again by Dan Billing, who will be showing us how to use specialised (and often free) tools to help us uncover security weaknesses. These tools make it trivial to perform techniques such as fuzzing (automating different types of data injection) and scanning (monitoring application traffic for potential vulnerabilities) as part of your everyday test activities.

We’ll be conducting the session via Skype as usual. Dan will be sharing his screen with us for the duration of the session, so that you can follow along with his examples. Logistically, this means we’ll be running the session via a video call, although you won’t necessarily need to speak yourself – we’ll have the standard Skype text chat running alongside.