A community around the OWASP Live CD and Web Application Security.

Grudge match - Apache's mod_negotiation vs mod_speling!

So there was an interesting post by Andres (w3af project lead) yesterday on the w3af-users list noting an unusual behavior with Apache. Here's a very quick overview

Talks of Interest - some personal notables from AppSecEU 2009

As promised, I've found some time to add a list of talks that I thought were very interesting. I spent much of the conference helping out with various and sundry things and actually got to see very few talks while I was there. That said, here are the talks that I can't wait for the videos to get posted:

Interesting attack vectors and tools

AppSec EU 2009 - wrap up and news

AppSec EU 2009 was fantastic and Poland was quite nice.  I think everyone who got to attend had a good time and enjoyed the conference.  I'd highly recommend the next AppSec Wherever that OWASP puts on.  For the latest OWASP conferences look here.
Here's my quick brain dump from the conference:

AppSecEU May 2009 Release!

For those of you that aren't on the mailing list, you may not be aware that Matt made some updates and a bug fix to the Live CD. Check it out here:
appseclive.org/content/downloads
 
Changes:

New AppSecLive material

Just wanted to point out some new tutorials coming your way. I've decided to create a screenshot, walk-through style tutorial for each of the vulnerability classifications in the OWASP Testing Guide v3.

Creating a VirtualBox Image from the OWASP Live CD

I'd like to thank Kent (if you know him, you know him, if not, don't worry about it) for the early versions of this document and for working out the kinks early on. You've been an amazing help to our virtualization efforts.

A few notes on this tutorial.

We've done this so you don't have to.

Making the Sqlmap Module

Get the source for sqlmap

Go to the sqlmap website and grab the latest source tarball. In this case, that is sqlmap-0.7rc1.tar.gz. Yes, it's a release candidate but per the site, it works fine on Linux. That's what we're using so no worries.

[OWASP-IG-004] Fingerprinting a Web Site with the OWASP Live CD

Welcome! I am trying something a bit different by using Wink, a Linux screen recorder that is in the Ubuntu repositories. Basically, it creates a Flash recording. Give it a few minutes to load on a slow connection, and give us some feedback on what kind of tutorials you prefer

Welcome!

I just wanted to get started by saying welcome to appseclive.org

Matt and I are really looking forward to growing this into a community where web application security folks can gather and discuss aspects and details of their field. There are a few goals that I personally have for the site.

I would love to see this site be a resource for any and every level of experience and knowledge. The only way to make a major, long term impact in the application world is through education.

VirtualBox setup of the OWASP Live CD

Note: I'm using Ubuntu for this tutorial. If you have questions specific to your OS, post them in the forums here:

http://appseclive.org/forum/6

Installing the OWASP Live CD into a virtual environment is useful for many reasons, but I tend to find that a few are the most useful.

 
