AppSec Blog

Webcast on Manipulating Web Application Interfaces

Felipe Moreno will be giving a webcast on Groundspeed, a Firefox add-on that allows penetration testers to manipulate the interface of web applications in order to adapt it to penetration test needs, removing the annoying client-side limitations and making the test more efficient.

"Not much has changed since the beginning of the web application penetration testing in terms of process for performing manual input validation tests. Place a client proxy between the browser and the application, generate requests, intercept them and modify the HTTP parameters. It's true that we have seen some nice improvements at the client proxy level (compare the old Achilles to the last version of the Burp suite), but the general approach still remains the same. This webcast will propose a new way to look at input data and a new approach to manually test it."

Sign up here for the April 19 webcast!

https://www.sans.org/webcasts/manipulating-web-application-interfaces-93329

Post a Comment






Captcha


* Indicates a required field.