NOTACON 5: Exploit-Me Series: Firefox Plug-ins for Application Penetration Testing

Speakers: Dan Sinclair and Sahba Kazerooni

The cost of fixing bugs is drastically reduced in the development stage compared to production. If developers and QA engineers have the proper tools they will be able to scan their applications for security vulnerabilities. The Exploit-Me series of tools is the basis for this tool set. The XSS-Me plug-in provides the ability to scan for reflective Cross-Site Scripting vulnerabilities. SQL Inject-Me provides the ability to look for SQL injection vulnerabilities. By building these plug-ins into the development cycle developers and QA engineers will be able to find security issues early.

This presentation will take a demonstration based approach and will provide examples of advanced XSS and SQL Injection attacks and display how the Exploit-Me tools can be used to identify these vulnerabilities in the application thus empowering the attendees with the ability to search for such vulnerabilities in their applications.

For more information visit: http://bit.ly/NOTACON_2008_information
To download the video visit: http://bit.ly/NOTACON_2008_videos

Category:

Science & Technology

Tags:

• Exploit
• Me
• Series
• Firefox
• Plugins
• for
• Application
• Penetration
• Testing
• Dan
• Sinclair
• and
• Sahba
• Kazerooni

License:

Standard YouTube License