Welcome to the full schedule of the OWASP AppSec Research EU 2014 conference days
Thursday, June 26 • 12:05 - 12:50
ActiveScan++: Augmenting manual testing with attack proxy plugins


This presentation will introduce ActiveScan++ and demonstrate how it can be used to easily identify complex vulnerabilities in real-world applications. ActiveScan++ is an open source Python plugin that builds upon Burp Suite's basic active scanning functionality. This talk will cover the classic and exotic vulnerabilities it can detect, as well as the pros and pitfalls that can be found with the proxy-plugin approach to automated vulnerability hunting.

ActiveScan++ uses heuristic probes to efficiently assess the susceptibility of the target to a range of cutting-edge attack techniques, such as host header poisoning and relative path overwrites. In addition, ActiveScan++ provides robust identification of blind attack issues, helping to locate rare but critical vulnerabilities such as code injection that pentesters can't afford to miss. Demonstrations of the underlying mechanics of these attacks, how they can be automatically detected, and how we can actively exploit them once they have been identified will be performed throughout the presentation.

The presentation will finish with a discussion of current research into automated detection of 'suspicious' behaviour, in a manner similar to the initial stages of manual testing. These new techniques allow generic detection of entire vulnerability classes by combining platform-independent payload sets with fuzzy pattern matching.

This presentation will host the first public release of this open source tool.


Speakers

James Kettle

Context Information Security
James Kettle has extensive experience in vulnerability bounty hunting across Mozilla's and Google's heavily secured infrastructure, resulting in being ranked 6th in Google's 0x0A list for 2012/13. As part of this he has performed security research culminating in novel attack techniques such as password reset and cache poisoning, affecting numerous popular web frameworks including Django, Drupal, Symfony and Joomla.


Thursday June 26, 2014 12:05 - 12:50
LAB003
  • Company 29
