Projects/OWASP Zed Attack Proxy Project/Pages/Talks
2014 December 21: Skype: Dan Billing: WTEU-52 – Revealing security problems with OWASP ZAP
If you were with us for WTEU-50 in October, you’ll remember that we took an introductory tour through the world of security testing. We analysed several different types of security vulnerability, and manually explored a demo application to see whether it was susceptible to these problems.
On Sunday 21st, we’re taking things to the next level! We’re once again joined again by Dan Billing, who will be showing us how to use specialised (and often free) tools to help us uncover security weaknesses. These tools make it trivial to perform techniques such as fuzzing (automating different types of data injection) and scanning (monitoring application traffic for potential vulnerabilities) as part of your everyday test activities.
We’ll be conducting the session via Skype as usual. Dan will be sharing his screen with us for the duration of the session, so that you can follow along with his examples. Logistically, this means we’ll be running the session via a video call, although you won’t necessarily need to speak yourself – we’ll have the standard Skype text chat running alongside.