Gauntlet Kickoff at Austin OWASP Hackathon


Gauntlet is the new open source tool to put rugged principles in the dev cycle. The project is just getting kicked off and we are looking for contributors.


Transcript

  • 1. Put your code through the Gauntlet
  • 2. gauntlet, n. an attack from all sides
  • 3. Your web app You
  • 4. custom attacks dirbuster metasploit sqlmap fuzzers nessus w3af nmap Your web app You
  • 5. Gauntlet is
  • 6. an always-attacking environment for developers
  • 7. with attacks written in easy-to-read language
  • 8. accessible to everyone involved in dev, ops, security, ...
  • 9. Gauntlet includes
  • 10. Why Gauntlet? Security domain knowledge is generally a mystery to dev teams
  • 11. Gauntlet allows dev and ops and security to communicate and collaborate
  • 12. Gauntlet joins: The Philosophy of Rugged Software & Principles of Behavior Driven Development
  • 13. You are now commissioned as a contributor to Gauntlet
  • 14. Here is your badge
  • 15. RUGGED source: Jessica Allen, http://drbl.in/bgwy
  • 16. github.com/wickett/gauntlet
  • 17. Ideas to build
  • 18. nmap to check ports
  • 19. crawl site and search for passwords in text (assume fuzzing)
  • 20. badness with LOIC, slowloris, wget, curl
  • 21. Include recon, scanning, fuzzing, injecting, load
  • 22. multi-vector attacks: timing + load, fail open, ...
  • 23. these are just ideas, use your imagination
  • 24. let's build some tests!
  • 25. github.com/wickett/gauntlet