Webapp Pentesting: Just Enough Scripting w/ BB King | 1-Hour

Описание к видео Webapp Pentesting: Just Enough Scripting w/ BB King | 1-Hour

🛝Slides and extra bits for this webcast -
https://www.blackhillsinfosec.com/wp-...

TL;DR
In this webcast, we'll look at a few open source tools that form a strong basis for smart scripting in a webapp pentest.

On a webapp or API pentest, scanners and generic scripts are great, but they can only help so much. If you let them form the foundation of your test, you are going to miss the most interesting and damaging vulnerabilities. To come up with creative and useful attacks, you need to understand the target. That only happens when you use the application as a human would: by hand, methodically, thoroughly, and with the eyes of an attacker.

Комментарии

Информация по комментариям в разработке