Intro to IronWASP
-- ABHIJETH DUGGINAPEDDI
Hello
Time to brag:
Security Consultant at TCS for bread and
butter
Love speaking and training
Got lucky with Google, Y!, ...
For the next 40 minutes
Why
What is
How to use
Pentesting with
Few comparisons between IronWASP and Burpsuite
Resources an...
What does it do??
 Vulnerability Scanner
 Intelligent crawler
 Checks for OWASP top 10 and Sans top 25
 Extensible via...
Why the developers think that the
tool is great??
 Powerful and effective
 WiHawk - WiFi Router Vulnerability Scanner by...
Why do I like it??
 HP WebInspect 10.0 starts at $1,500
and is licensed per application
 IBM Appscan Singe User 4500$
 ...
And ..
 Nice framework
 Simple to use
 No rocket science required
 Good for beginners
 Good for companies to use duri...
Questions ???
Special thanks
Resources : http://blog.ironwasp.org/
And his team:
WiHawk Anamika Singh
XmlChor Harshal Jamdade
IronSAP Pr...
Lets catch up:
Fb.com/abhijethd
@abhijeth
www.abhijeth.com
Also thank you
www.null.co.in
fb.com/nullhyd
@nullhyd
Intro to IronWASP
Intro to IronWASP
Intro to IronWASP
Upcoming SlideShare
Loading in...5
×

Intro to IronWASP

1,689

Published on

null Hyderabad Chapter - April 2014 Meet

Published in: Education, Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,689
On Slideshare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
276
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Intro to IronWASP

  1. 1. Intro to IronWASP -- ABHIJETH DUGGINAPEDDI
  2. 2. Hello Time to brag: Security Consultant at TCS for bread and butter Love speaking and training Got lucky with Google, Y!, Microsoft, Twitter .. Etc Love anime and politics !! Trying to contribute to the security community and start-ups in Hyd. Abhijeth Dugginapeddi www.abhijeth.com @abhijeth Fb.com/abhijethd
  3. 3. For the next 40 minutes Why What is How to use Pentesting with Few comparisons between IronWASP and Burpsuite Resources and Credits
  4. 4. What does it do??  Vulnerability Scanner  Intelligent crawler  Checks for OWASP top 10 and Sans top 25  Extensible via plug-ins or modules in Python, Ruby, C# or VB.NET  False positive detection  Generate reports in HTML and RTF formats
  5. 5. Why the developers think that the tool is great??  Powerful and effective  WiHawk - WiFi Router Vulnerability Scanner by  XmlChor - Automatic XPATH Injection Exploitation Tool IronSAP - SAP Security Scanner SSL Security Checker - Scanner to discover vulnerabilities in SSL installations  OWASP Skanda - Automatic SSRF Exploitation Tool  CSRF PoC Generator - Tool for automatically generating exploits for CSRF vulnerabilities  HAWAS - Tool for automatically detecting and decoding encoded strings and hashes in websites
  6. 6. Why do I like it??  HP WebInspect 10.0 starts at $1,500 and is licensed per application  IBM Appscan Singe User 4500$  IBM Appscan enterprise 155,000$  Acunetix 1 year 3195$  Acunetix with maintenance 5995$  BurpSuite Professional per year 299$
  7. 7. And ..  Nice framework  Simple to use  No rocket science required  Good for beginners  Good for companies to use during low budget projects  Little better than other free tools  Finally, developed by an Indian researcher. Support him !!
  8. 8. Questions ???
  9. 9. Special thanks Resources : http://blog.ironwasp.org/ And his team: WiHawk Anamika Singh XmlChor Harshal Jamdade IronSAP Prasanna K SSL Security Checker Manish Saindane OWASP Skanda Jayesh Singh Chauhan CSRF PoC Generator Jayesh Singh Chauhan Lavakumar Kuppan @lavakumark Founder of the IronWASP Project. Author of many Security Tools.
  10. 10. Lets catch up: Fb.com/abhijethd @abhijeth www.abhijeth.com Also thank you www.null.co.in fb.com/nullhyd @nullhyd
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×