Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Wednesday, May 10 • 13:00 - 17:00
Developer Summit

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.

We are excited to announce the OWASP Developer Summit EU 2017. OWASP is providing a structured platform for Developers two full days prior to the AppSec EU 2017 conference. The Developer Summit will start with a full-day, hands-on developer session followed by two half day sessions geared towards learning about security vulnerabilities.

Come by yourself or grab a couple friends. The Developer Summit is FREE (no charge) for anyone who would like to participate and learn something new.

We just ask that you SIGN UP so we can get a head count to be sure we have enough space and food.


Day 2: Half Day Afternoon Session
Date: Wednesday, May 10th
Time: 1pm - 5pm
Presenters: Nicole Becher & Mordecai Kraushar

Attacking your web app 

There are some great OWASP projects that deal with both methodologies and tools for testing web sites. There may be even more to it! This workshop will provide the developer with a look at the offensive mindset an attacker has in attacking your web site

We will go through:

  • Using automated scanning tools against the app
  • Using ZAP we will look at a few things you can do as a proxy
  • Use sqlmap to enumerate and inject into databases
  • How to go after those non-technical app vulnerabilities

Requirements: 

  • On a Virtual Machine a recent copy of Kali
  • On a Virtual Machine a copy of the Broken Web Application Distribution
  • The OWASP Juice Shop project 

 



Trainers
avatar for Mordecai Kraushar

Mordecai Kraushar

CipherTechs
Mordecai Kraushar is Director of Audit for CipherTechs, a security solutions company based in New York City. He leads an OWASP project called Vicnum, (it is part of the OWASPBWA project) and which demonstrates vulnerabilities such as cross-site scripting, SQL injections and session management issues that are helpful to IT security analysts developing web security... Read More →



Wednesday May 10, 2017 13:00 - 17:00
Waterfront Center: Hall 1B

Attendees (4)