Denver July 2008 meeting

Topic: Grendel-Scan: Next Generation Open Source Web App Vulnerability Scanner
David Byrne and Eric Duprey delivered a pre-release of their latest work - Grendel-Scan. Grendel-Scan is a tool they developed to automate aspects of appsec testing.

Slide deck (PPT)

ISO of Live-CD environment

Note that the Live-CD environment used to demonstrate Grendel-Scan includes not only the vulnerability scanner, but also a vulnerable version of Xen-Cart, a popular OSS shopping cart application.

David and Eric will be presenting Grendel-Scan at Defcon '08 in Las Vegas. If you are attending DEFCON, please come to their presentation: Saturday, Track 4, 5:00-5:50PM.