w3af – A framework to own the web

Expo Theatre (Hall G) October 20, 2009 - Feedback     

Bookmark and Share

Andrés Riancho

Specially crafted for SecTor’s attendees, the w3af project leader will deliver a double talk about the framework, which will guide you through its features using a demos and real life examples.

The first session introduces w3af to the audience and shows all of the automated Web application scanning features, and follows up with a detailed description of the advanced exploitation features present in the framework. A must-see talk if you’re a penetration tester wanting to learn new tricks.

The second session starts with an introduction to the new tools that have been integrated into w3af’s GUI to help Web application Penetration Testers, and ends up with a comparison between four commercial and open source Web application scanners. This analysis includes the different ways in which HTTP fuzzers and HTML parsers work in each scanner.

While we recommend you to attend both sessions, it is possible to attend the second session without attending the first one.