SANS Webcast: Manipulating Web Application Interfaces

Complimentary security webcast today at SANS.org. Today, April 19, at 1:00 pm SANS presents “Manipulating Web Application Interfaces”:

Not much has changed since the beginning of the web application penetration testing in terms of process for performing manual input validation tests. Place a client proxy between the browser and the application, generate requests, intercept them and modify the HTTP parameters.

It’s true that we have seen some nice improvements at the client proxy level (compare the old Achilles to the last version of the Burp suite), but the general approach still remains the same. This webcast will propose a new way to look at input data and a new approach to manually test it. It will introduce Groundspeed, a Firefox add-on that allows the penetration tester to manipulate the interface of web applications in order to adapt it to the penetration test needs, removing the annoying client-side limitations and making the test more efficient.

– Felipe Moreno will present the webcast, he is a New York City security professional and a member of the Information Security Team at Markit Group. You need to register for the event before the webcast begins.

 

~ by D. Dieterle on April 19, 2010.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: