Difference between revisions of "Front Range OWASP Conference 2013/Presentations/DevFu"

From OWASP
[[Media:Chrastil.pptx | Slides]]
[https://vimeo.com/68082818 Video]

Latest revision as of 12:43, 11 June 2013

DevFu: The inner ninja in every application developer

Many times we try to draw a distinct line between developers and penetration testers. This creates a barrier that developers often feel intimidated to cross. The truth is that developers have an innate ability and perspective to become great penetration testers themselves.

Developers in the security industry carry a unique toolset as ethical hackers / security consultants that sets them apart from traditional penetration testers. By incorporating these skills as developers and combining them with the understanding and experience of building applications, developers can take web application penetration testing a step further than the rest.

This presentation will go over the various aspects of the developer DevFu toolbox, including deep programming knowledge, the ability to write scripts on the fly, common shortcuts and their pitfalls, speaking the language, and secure coding practices. We will go over specific examples of scripts that increase productivity and extend the functionality of existing pen testing programs.

Slides Video