Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Monday, January 25 • 9:00am - 5:00pm
Web Pentesting Using OWASP Tools

Sign up or log in to save this to your schedule and see who's attending!

This training will teach students how to conduct website assessments using free and open source OWASP tools. Students will learn how to conduct web penetration tests using known methodologies such as the OWASP Testing Guide + PTES  and NIST SP800-115.


Using the various methodologies, tools such as OWASP’s OWTF, ASVS and OWASP ZAP will be used introduced in order to demonstrate the lifecycle of web hacking. These tools give you the opportunity to perform and automate stages of penetration testing from reconnaissance, vulnerability analysis, to dynamic application testing and remediation steps to vulnerabilities found.



Who Should Take This Course?

This course is designed to help web developers and security professionals understand how to pentest and secure web applications. Candidates are expected to have basic knowledge of web technologies, but no experience in security is required prior to taking this course. However, security professionals who want to learn more about web security methodologies will benefit from this class.

 

What Should Students Bring?


Participants are required to bring a laptop (Windows, Mac or Linux) with at least 3 GB of RAM, 20 GB of free disk space,and either VMWare Player (free), VMWare Workstation, VMWare Fusion or Oracle VirtualBox pre-installed with Kali Linux (no version preference). If you want to get a head start, feel free to download and install OWASP ZAP and OWASP OWTF on the Kali Linux virtual machine.



Speakers
avatar for Aaron Guzman

Aaron Guzman

Principal Penetration Testing Consultant, Dell SecureWorks
Aaron is a Chapter leader for the Open Web Application Security Project (OWASP) Los Angeles, Research Director for Cloud Security Alliance SoCal and the President for the High Technology Crime Investigation Association of Southern California(HTCIA SoCal). Aaron’s interest and expertise lies in application security, mobile pentesting, web pentesting, IoT research and network penetration testing. Aaron has given talks at various meetups... Read More →


Attendees (3)