Debugging applications with network security tools

Web application developers are very comfortable getting into the bits and bytes of their programs and data, however few take advantage of the network analysis tools available to inspect, test and troubleshoot the network interactions of their applications. This session will provide instruction for using three network security tools to analyze web applications on the network. Wireshark will be used to capture web session to analyze headers and content, extract and save objects, gather performance statistics, and other web app troubleshooting techniques. Webscarab will be used to capture SSL session traffic and modify HTTP requests and responses on the wire. Finally, netcat will be used to perform automated replay tests against a web application.

Voir les 146 présentations

Kevin Bong

Ghostscale

Kevin is a director of cybersecurity consulting, responsible for penetration testing, risk assessments, compliance audits, incident response, and cybersecurity advisory services. Kevin holds the CISSP, CISA, PMP, GIAC GSE, GX-CS, GX-IA, GX-IH, GCIA, GPPA, GCFA, GAWN, CEH and ISO 27001 LA certifications. Kevin’s research interests include hardware and embedded systems, and supporting the community by hosting hardware hacking villages at conferences including CypherCon, THOTCON, and SecretCon.

Debugging applications with network security tools

Kevin Bong

Montréal 2011 sponsored by

Montréal 2011
sponsored by