OWASP AppSec DC 2012/Python Basics for Web App Pentesters Part 2

From OWASP
Jump to: navigation, search

AppSecDC-468x60-banner-2012.jpg

Registration Now OPEN! | Hotel | Schedule | Convention Center | AppSecDC.org

The Presentation

Join me again and take a break from those talks that overstimulate your brain with cool technical details but provide little use to your day to day job. Part two of this talk STILL has none of that. We are going to continue your lessons in python and teach you more python skills to use in your pentests. Join one of the SamuraiWTF project leads and learn how to interact with websites using python scripts and python shells. This time we'll be building on the various HTTP requests you learned the first round and be focusing one how you can effectively use those requests in your own custom python tools. We'll cover more regular expresses, cover the ins and outs of multi-threaded operations, and discuss the best ways to analyze all those results. We'll also revisit the PyCIT and the new templates that have been added.
By the way, don't forget your laptop if you want to follow along.  ;-)

The Speakers

Justin Searle

AppSecDC12-Searle.jpg
Justin Searle is a Managing Partner of UtiliSec, specializing in Smart Grid security architecture design and penetration testing. Justin led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628 and currently plays key roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG), National Electric Sector Cybersecurity Organization Resources (NESCOR), and Smart Grid Interoperability Panel (SGIP). Justin has taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities, corporations, and security conferences, and is currently an instructor for the SANS Institute. In addition to electric power industry conferences, Justin frequently presents at top security conferences such as Black Hat, DEFCON, OWASP, and AusCERT. Justin co-leads prominent open source projects including the Samurai Web Testing Framework, Middler, Yokoso!, and Laudanum. Justin has an MBA in International Technology and is a CISSP and SANS GIAC certified Incident Handler (GCIH), Intrusion Analyst (GCIA), and Web Application Penetration Tester (GWAPT).

Gold Sponsors

Aspect logo owasp.jpg AppSecDC2009-Sponsor-securicon.gif AppSecDC2009-Sponsor-mandiant.gif AppSecDC2012-ISC2.gif

Silver Sponsors

SPL-LOGO-MED.png

Small Business

AppSecDC2012-Sponsor-sideas.gif BayShoreNetworks.png

Exhibitors

link=http://www.codenomicon.com/ Codenomicon WhiteHat Logo.png AppSecDC2012-HP.jpg WSI - Logo.jpg