SEARCH
TOOLBOX
LANGUAGES
Difference between revisions of "OWTF Botnet mode"

Difference between revisions of "OWTF Botnet mode"

From BruCON 2016

Jump to: navigation, search
(Created page with "OWASP OWTF is the Offensive (Web) Testing Framework, a project designed to facilitate penetration testing, making security assessments as efficient as possible. Please see: ht...")
 
(No difference)

Latest revision as of 20:57, 9 September 2014

OWASP OWTF is the Offensive (Web) Testing Framework, a project designed to facilitate penetration testing, making security assessments as efficient as possible. Please see: http://owtf.org for more information.

This presentation will cover the following OWASP OWTF projects:

1) Botnet Mode: A Brucon 5x5 project designed to make OWTF emulate a botnet, this makes it easier for the average penetration tester to test a website using multiple IP addresses (i.e. like real-world attackers having a botnet can), even when OWTF is launched from a single IP address.

This makes it practical to test if security controls can be bypassed when the origin IP of the scanning machine changes.

2) WAF Bypasser: While multiple WAF bypassing tools exist, few of them focus on bypassing poorly written virtual patches, indeed, there are many possible mistakes that can occur when web application code handles HTTP requests vs, what the WAF is looking at. This nifty project can additionally be run either standalone or as an OWTF aux plugin. It should be no surprise that the WAF bypasser was found to work well against production WAFs and we even found some cool 0-day during development :)