Previous blog posts you might have missed and maybe you would like to read first for background: Part 1: Intro; Part 2: Translating APKs. The OWASP Mobile Application Security Verification Standard classifies the flaw explained in this blog post, under section V5: Network Communication Requirements, as follows: MSTG-NETWORK-1: Data is encrypted on the network using …
Brucon, Government-Mandated Apps, MASVS, MitM, Mobile Application Security Verification Standard, Mobile Security, Mobile Security Testing Guide, MSTG, MSTG-NETWORK-1, Public Speaking, Smart Dream, Smart Sheriff, South Korea, SSL, TLS
REMINDER: We just released OWTF 1.0 “Lionheart”. Please try it and give us feedback! Just a quick note to say that the materials used by the OWTF Crew during the Brucon 5×5 presentations are now online: Slides here: https://speakerdeck.com/tunnelshade/brucon-2014-5by5-owasp-owtf OWTF 1.0 “Lionheart” – Brucon 5×5 Video: Talk structure and higher resolution demos (From minute: 0) Introduction to OWTF and discussion of the Web …
Why wait? Download OWTF 1.0 “Lionheart” now! 😉 Just a quick note that the OWTF Crew will be presenting part of what is coming on OWTF 1.0 “Lionheart” during the Brucon 5×5 presentations: When: Friday September 26, 2014 13:00 – 15:00 Where: 5 La Trappe (Novotel Ghent) – Brucon, Ghent, Belgium, Europe 🙂 OWTF talks …
At Brucon 2012 I had the privilege to present and demo VSA, the Virtual Scripted Attacker, a tool I had been working on with a great team of very talented people for a number of months. The talk was only 5 minutes long (a Lightning talk) so the presentation is brief. VSA is the first …
I would like to use this opportunity to thank everybody that voted my lightning talk “Web app testing without attack traffic” as the “BruCon 2011 Lightning Talk winner”. I only had 5 minutes so I had to take out many things I wanted to cover. For this reason, I have significantly expanded this talk (106 slides …
I will be giving a lightning talk at Brucon next week. My goal is to give a quick overview of the vast number of tests possible before you have permission to test a target. This is particularly useful if you are given a short test window but you are willing to put the extra effort …