A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Application Recon - The Lost Art - Tony Miller GrrCON 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)

Application Recon - The Lost Art
Tony Miller
GrrCON 2015

Tools for conducting application penetration tests have become increasingly advanced over the past decade. Yet with all this focus on bigger, badder and more specialized tools, it seems we,ve lost sight of the most effective tool in our arsenal, our own eyes. Performing reconnaissance on target applications is one of those concepts that many know exists but few seem to actually employ as part of an application penetration test. In this presentation, we,ll discuss how intelligence gathering can not only improve application assessments but in many cases can be the difference between a sparse report and pwn,ing the app. We,ll look at some common and some less than common methods for gathering intelligence on your target application. We,ll see some examples of how good reconnaissance techniques turned seemingly trivial applications into smoking piles of wreckage that left their owners dazed and confused.

Back to GrrCON 2015 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast