Intro to Web App Testing with Mutillidae, presented at BSidesIOWA 2015

by Andrew Freeborn,

Summary : This presentation will introduce web application testing to aspiring security professionals as well as assist existing security professionals. The content will be based on the premise that “you don’t know what you don’t know”, as it is can be challenging to know where to locate tools and resources in web app testing. While there are many books and videos on YouTube, how do you know what to trust? I will introduce OWASP standards, a simple test OWASP web app platform and OWASP open source tools. The talk will cover using OWASP ZAP and Burp Suite Free against the OWASP Mutillidae 2 platform. After attending the presentation, participants will leave with an understanding of basic web app testing and industry standard testing tools to jumpstart their way forward.