Web Application Analysis With Owasp Hatkit

Presented at DEF CON 19 (2011), Aug. 6, 2011, 1 p.m. (50 minutes).

The presentation will take a deep dive into two newly released Owasp tools; the Owasp Hatkit Proxy and the Owasp Hatkit Datafiddler. The name Hatkit is an acronym (of sorts) for Http Analysis Toolkit and are tools mainly for people who analyse (hack!) web applications. The tools make extensive use of MongoDB, in particular the advanced querying facilities in available in this database. Prior knowledge of Javascript and Python is an advantage, but absolutely no requirement.

Presenters:

• Martin Holst Swende - Senior Security Consultant, 2Secure AB
  Martin Holst Swende is a Senior Security Consultant at 2Secure AB, working with application security- and penetration testing. Martin has a background as a Java/J2me-programmer but nowadays finds more joy in Python and Javascript. Martin is project leader for the Owasp Hatkit Proxy/Datafiddler projects and contributor to open source security projects such as Webscarab and Nmap. Twitter: @mhswende
• Patrik Karlsson - Senior Security Expert, 2Secure AB
  Patrik Karlsson is a Senior Security Expert with over ten years of experience in the field of IT- and Information Security. Patrik's area of expertise includes security penetration testing, vulnerability assessments, software application security audits and incident investigations. Patrik is an active Nmap contributer and runs the security related web site www.cqure.net. Twitter: @nevdull77

Links:

• https://defcon.org/html/defcon-19/dc-19-speakers.html#Swende
• https://www.youtube.com/watch?v=_btt-Aq_dzA

Similar Presentations:

• AppSec USA 2015 / OWASP & More - State of OWASP
• AppSec USA 2013 / Project Talk: The OWASP Education Projects
• AppSec USA 2012 / KEYNOTE: The State of OWASP