Explore a conference talk from OWASP AppSec California 2015 that introduces Hackazon, a modern vulnerable web application designed to replace outdated test apps. Learn about the challenges of testing contemporary web applications with AJAX interfaces, strict workflows, and RESTful APIs. Discover how Hackazon simulates real-world scenarios, requiring testers to handle classic web security issues alongside modern formats like JSON, XML, GwT, and AMF. Gain insights into the configurable vulnerability landscape and understand why traditional application security scanners may struggle with this new testing environment. Join Dan Kuykendall as he demonstrates Hackazon and discusses techniques for finding vulnerabilities across different interfaces and formats in this open-source project intended for OWASP contribution.
Overview
Syllabus
Hackazon: Stop hacking like its 1999 - Dan Kuykendall - OWASP AppSec California 2015
Taught by
OWASP Foundation
Related Courses
-
Wi-Fi Hacking for Web Pentesters
-
API Authentication's Poorly Implemented - Security Issues in Web APIs
-
Testing Modern Applications with Hackazon
-
Building an AppSec Program with a Budget of $0 - Beyond the OWASP Top 10
-
Mobile Rules the World - Jump into Mobile AppSec with the OWASP MAS Project
-
Squeezing the Last Drop Out of OWASP Juice Shop
