Web Application Analysis With Owasp Hatkit

Presented at DEF CON 19 (2011), Aug. 6, 2011, 1 p.m. (50 minutes)

The presentation will take a deep dive into two newly released Owasp tools: the Owasp Hatkit Proxy and the Owasp Hatkit Datafiddler. The name Hatkit is an acronym (of sorts) for Http Analysis Toolkit, and the tools are mainly for people who analyse (hack!) web applications. The tools make extensive use of MongoDB, in particular the advanced querying facilities available in this database. Prior knowledge of JavaScript and Python is an advantage, but absolutely not a requirement.


Presenters:

  • Patrik Karlsson - Senior Security Expert, 2Secure AB
    Patrik Karlsson is a Senior Security Expert with over ten years of experience in the field of IT- and Information Security. Patrik's area of expertise includes security penetration testing, vulnerability assessments, software application security audits and incident investigations. Patrik is an active Nmap contributor and runs the security-related web site www.cqure.net. Twitter: @nevdull77
  • Martin Holst Swende - Senior Security Consultant, 2Secure AB
    Martin Holst Swende is a Senior Security Consultant at 2Secure AB, working with application security- and penetration testing. Martin has a background as a Java/J2me-programmer but nowadays finds more joy in Python and Javascript. Martin is project leader for the Owasp Hatkit Proxy/Datafiddler projects and contributor to open source security projects such as Webscarab and Nmap. Twitter: @mhswende
