Description: Background: The Offensive (Web) Testing Framework (aka OWTF) is a free and opensource OWASP+PTES-focused tool. Its objective is to unite great tools and make pen testing more efficient. Full details available at http://owtf.org.
In this talk there will be a brief introduction to OWASP OWTF. This will be followed up with demos of the latest features up until the time of the conference (with special focus on the Brucon sponsored 5x5 development features before the conference) to help pen testers get the most out of this tool and/or provide them with new ideas to improve their pen testing process.
OWASP OWTF is a tool that tries to achieve a new level of efficiency and comprehensiveness by combining great standards (OWASP aligned, PTES in the to-do list), great tools, websites and knowledge in the public domain together with continuous reporting using an interactive report that allows the pen tester to analyse the information in a similar fashion to the thought process of a chess player.
OWASP OWTF intends to find an optimal balance between automation and human analysis so that the best of both worlds can be attained.
After an infosec honour mark at university, from 2000 until 2007 Abraham's contact with security was mostly from a defensive point of view: fixing vulnerabilities, source code reviews and vulnerability prevention at the design level as an application and framework architect.
From 2007 forward Abraham focused more on the offensive side of security with special focus on web app security.
In his spare time Abraham is the lead developer/architect of OWASP OWTF (http://owtf.org), an independent security consultant, a GIAC exam question writer and a security blogger (http://7-a.org).
Abraham also holds a number of information security certifications: CISSP, OSCP, GWEB, OSWP, CPTS, CEH, MCSE:Security, MCSA:Security, Security+
For more information, Abraham's CV can be found here:
http://dl.dropbox.com/u/55471795/LaHJZLtt23OhYAb8R2Aq7gO6aRE8CXPhXZWjqQaEreayZUk8nsXNh0B3HVLk.pdf
For More Inforamtion please visit : - https://appsec.eu/
Tags: securitytube , hacking , hackers , information security , convention , computer security , OWASP-AppsecEU13 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.