Explore two innovative OWASP tools designed to enhance web application penetration testing efficiency in this 34-minute conference talk. Learn how Code Pulse provides real-time code coverage feedback during testing, allowing testers to maximize application server code coverage and compare tool performance. Discover the Attack Surface Detector, which uses static code analysis to identify web application endpoints, parameters, and datatypes, integrating seamlessly with Burp Suite and OWASP ZAP for rapid dynamic testing. Gain insights into recent features, witness tool demonstrations, and participate in a Q&A session to understand how these tools can improve your specific testing needs and contribute to building more secure applications.
Improving Penetration Testing Efficiency with OWASP Code Pulse and Attack Surface Detector
Overview
Syllabus
Introduction
Agenda
Whitehat penetration testing
Penetration testing workflow
Attack surface
Open window
Web applications
Code Pulse
What is Code Pulse
How Code Pulse works
Coverage scenario
Live demonstration
The problem
The solution
How it works
Supported frameworks
Available today
Attack Surface Detector
Complex Application
Commandline Interface
Questions
QA
Taught by
OWASP Foundation
Related Courses
-
Getting Started with OWASP Zed Attack Proxy (ZAP) for Web Application Penetration Testing
-
Open-Source OWASP Tools for Enhancing Penetration Testing Coverage
-
Ethical Hacking 101: Web App Penetration Testing - a full course for beginners
4.6 -
Web Application Security Testing with OWASP ZAP
-
Open-Source OWASP Tools for Enhanced Penetration Testing Coverage - 2018
-
Web App Penetration Testing Tutorials
3.0
