Loading…
This event has ended. View the official site or create your own event + mobile app → Check it out
This event has ended. Create your own
Welcome to the full schedule of the OWASP AppSec Research EU 2013 conference days. You’ll find the schedule for the training days at http://trainings2013.appsec.eu
View analytic
Thursday, August 22 • 1:50pm - 2:35pm
Burp Pro - Real-life tips and tricks

Sign up or log in to save this event to your list and see who's attending!


A lot of services are provided through the Web. Pentesters are spending a lot of time testing Web applications, Web Services, REST and JSON interfaces, mobile applications and thick clients. For all these assessments, an interactive HTTP proxy is mandatory to intercept, analyze, modify and replay the traffic. Burp Pro is the "de facto" tool for this kind of job. This presentation conveys many years of experience in using this tool and will try to address real-life situations. Topics covered: recent features like Burp Extender, testing of mobile applications, automatic scanning despite CSRF tokens (using "Recursive Grep" or Macros) and session logout, interactive parsing and manipulation of items, useful tricks like shortcuts and backups, efficient brute-forcing of BasicAuth forms, ... 
Speakers
NG

Nicolas Grégoire

Nicolas Grégoire (@agarri_fr), electronic-sheep-herder from the beautiful South of France will show how to get the most out of Burp Pro during pen-tests. A must see for serious offensive security folks who like to do more than just clicking buttons.

Thursday August 22, 2013 1:50pm - 2:35pm
Aussichtsreich (Emporio)
Remove this from your schedule?
You may not be able to get back in if this is full.
Remove
Cancel