Difference between revisions of "Pen Testing with Iron"

From OWASP
Jump to: navigation, search
(Created page with '== The presentation == rightBy taking advantage of the new Dynamic Language Runtime (DLR) from Microsoft, many challenges in pen testing .NET ba…')
 
 
(One intermediate revision by one user not shown)
Line 1: Line 1:
 +
[[Image:468x60-banner-2010.gif|link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010]]
 +
 +
[https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=d52c6f5f-d568-4e16-b8e0-b5e2bf87ab3a Registration] | [https://resweb.passkey.com/Resweb.do?mode=welcome_gi_new&groupID=2766908 Hotel] | [http://www.dcconvention.com/ Walter E. Washington Convention Center]
 +
<br>
 
== The presentation  ==
 
== The presentation  ==
  
Line 7: Line 11:
 
Additionally, since the DLR has nearly full support for running python and ruby applications, many familiar pen testing tools can be brought into an engagement to further enhance the testing of .NET applications.
 
Additionally, since the DLR has nearly full support for running python and ruby applications, many familiar pen testing tools can be brought into an engagement to further enhance the testing of .NET applications.
  
== The speaker  ==
+
== Andrew Wilson ==
 
+
Speaker bio will be posted shortly.
+
  
 +
Andrew Wilson is a Security Consultant at Trustwave. He is a member of Trustwave's SpiderLabs - the advanced security team focused on penetration testing, incident response, and application security. He has over 9 years experience building and securing software for a variety of companies. Andrew specializes in application security assessment, penetration testing, threat modeling and secure development life cycle. Andrew is active in the developer and security community as a speaker, a trainer, and as a leader of the Phoenix OWASP & Azure user groups. Andrew is recognized as a Microsoft MVP in Windows Azure.
 
[[Category:AppSec_DC_2010_Presentations]] [[Category:OWASP_Conference_Presentations]]
 
[[Category:AppSec_DC_2010_Presentations]] [[Category:OWASP_Conference_Presentations]]

Latest revision as of 15:43, 20 October 2010

468x60-banner-2010.gif

Registration | Hotel | Walter E. Washington Convention Center

The presentation

Owasp logo normal.jpg
By taking advantage of the new Dynamic Language Runtime (DLR) from Microsoft, many challenges in pen testing .NET based applications are greatly simplified. The combination of dynamic and static languages drives toward a best of breed approach in testing .NET applications.

This talk will focus on practical methods of testing WCF services, Silverlight, and connected WPF Desktop applications using Python or Ruby via the Microsoft Iron* language ports. Specific topics covered will include increasing code visibility, simplified service proxy calls and overriding application behavior dynamically.

Additionally, since the DLR has nearly full support for running python and ruby applications, many familiar pen testing tools can be brought into an engagement to further enhance the testing of .NET applications.

Andrew Wilson

Andrew Wilson is a Security Consultant at Trustwave. He is a member of Trustwave's SpiderLabs - the advanced security team focused on penetration testing, incident response, and application security. He has over 9 years experience building and securing software for a variety of companies. Andrew specializes in application security assessment, penetration testing, threat modeling and secure development life cycle. Andrew is active in the developer and security community as a speaker, a trainer, and as a leader of the Phoenix OWASP & Azure user groups. Andrew is recognized as a Microsoft MVP in Windows Azure.