Many functions within a penetration test are routine, and using a script to automate portions of the process can provide a consistent, repeatable and auditable process.
This presentation will begin with a walk through the command-line switches of a couple well-know tools that aid automation. By the end of the session, attendees will have an automation script that they can use to run their own tests, and grow to incorporate more of their own tools and methodology.
This session will be held by Timothy McKenzie. Timothy leads red and purple team exercises, building breach and attack emulation scenarios. He works with highly skilled attack teams to breach organizations with the goal of helping the organization understand weaknesses in their security posture, as well as the impact that a determined, sophisticated adversary could make.
Timothy holds dozens of certifications including GPEN, GWAPT, GXPN, GAWN, GPYC, and GWEB. He’s a SANS Co-Author and Instructor of the SEC542 Web Application Penetration Testing course, as well as a frequent speaker at ISSA, ICBA and other forums.
Do not miss this session as it your path to automate Web Application Scanning!