Abruptly Mangle the Web presented at Kiwicon 2012

by Thibaud Weksteen,

Tags: Security

Summary : Unsatisfied with current Web application mass-destruction tools, Thiebaud created a genuine(tm) nephew of Scapy for HTTP. Did you ever need to inject an xml-double_urlencoded-base64 payload in the middle of a cookie header to exploit an SQL injection? If so, you know that this can be a pain with existing tools and how "quickly" forge your own script might take longer than you thought. This talk will sum up the general state of web application pentest tools, their weaknesses and present Abrupt and how its design solves some of these issues. Finally, working, useful examples will be demonstrated on how to use it for your day job or your discreet night-time activities.