Explore two open-source OWASP tools designed to enhance the efficiency and comprehensiveness of white box penetration testing in this 47-minute conference talk from AppSecCali 2019. Learn how OWASP Code Pulse uses glass box testing techniques to provide real-time code coverage feedback, helping testers maximize their testing coverage and communicate useful metrics. Discover the Attack Surface Detector, which performs static code analysis to identify web application endpoints, parameters, and datatypes, integrating with Burp Suite and OWASP ZAP for rapid dynamic testing. Gain insights into recent features, major releases, and participate in a Q&A session to provide feedback on these tools' effectiveness and potential improvements for penetration testing needs.
Open-Source OWASP Tools for Enhancing Penetration Testing Coverage
Overview
Syllabus
AppSecCali 2019 - Open-source OWASP tools to aid in penetration testing coverage
Taught by
OWASP Foundation
Related Courses
-
Open-Source OWASP Tools for Enhanced Penetration Testing Coverage - 2018
-
Web Hacker's Toolbox - Tools Used by Successful Hackers
-
Getting Started with OWASP Zed Attack Proxy (ZAP) for Web Application Penetration Testing
-
Improving Penetration Testing Efficiency with OWASP Code Pulse and Attack Surface Detector
-
Web Application Security Testing with OWASP ZAP
-
Ethical Hacking 101: Web App Penetration Testing - a full course for beginners
4.6
