Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

HTTP Time Bandit - Identifying Web Application Performance Bottlenecks

OWASP Foundation via YouTube

Overview

Explore a comprehensive conference talk on identifying web application performance bottlenecks and potential security vulnerabilities through HTTP request analysis. Learn about the HTTP Time Bandit tool, designed to pinpoint resource-consuming pages in web applications by submitting a series of regular requests and analyzing the gathered data. Discover how this information can be used for both performance optimization and potential DOS/DDOS attacks. Gain insights into the tool's testing and attacking capabilities through live demonstrations on various targets. Delve into topics such as exotic authority, formal methods, Linux examples, graph symmetry, load balancers, proxy servers, protection services, baseline security, and resource consumption. Understand the motivations behind this approach, evasion techniques, and recommended usage scenarios. Examine the implications for CPU-intensive processes and explore potential future developments in this field.

Syllabus

Introduction
Who are we
Agenda
Why do we do this
Taxonomy
Exotic Authority
Proposed Method
Formal Method
Linux
Example
Graph
symmetric nature
attack
testing
other tools
what do we do
load balancers
a proxy
protection services
baseline
security
maximum connections
mod2s
settingstart
Resource Consumption
Motivation
Evasion
Honeypot
Recommended Usage
Bad Times Many
Whats Next
Tools
Paper summation
CPU hogs
Conclusion

Taught by

OWASP Foundation

Reviews

Start your review of HTTP Time Bandit - Identifying Web Application Performance Bottlenecks

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.