Web Application Attack Surface Detector; Javascript Sniffers

This is a past event

51 people went

Location image of event venue

Details

Main Presentation - Attack Surface Detector: Open source tool (and related open source tools) for more efficient pen testing and OWASP ZAP integration

Short Topic - Javascript Sniffers and Client Side Attacks

6:30 - 6:45 pizza, announcements, news
6:45 - 7:10 Javascript Sniffer Exploits - Jim Weiler
7:15 - 8:15 Attack Surface Detector (Description below) - Vincent Hopson (CodeDX)

Quickbase Cambridge
150 Cambridgepark Dr.

Accessible from Alewife T station and Alewife T parking

pizza, salad and soda provided by Quickbase.

BIO - Vincent Hopson
I am an Embedded Software Engineer that has gone to the dark side (Sales Engineering). I’ve spent the last 20 or so years working in Software Security/Quality in a variety of Static Analysis companies, with a short stint in code defense systems. I relax by playing games (twitch or strategy), or flying my drone.

LinkedIn: https://www.linkedin.com/in/vincent-hopson-205b9a2/

Attack Surface Detector-
“The White Hat’s Advantage” explores classical “defense in depth”. Through a lens of World War I, we look into why it is important to know your attacker and plan defenses around that knowledge. Two tools from OWASP help in this regard; the Attack Surface Detector, and Code Pulse.

These tools help illuminate dark corners of your web application, and show you where your virtual cobwebs exist. Vincent will give a brief talk about their importance, and a demonstration.