Defeating the Intercepting Web Proxy

We were very privileged to present yet again on the annual HITB (Hack In The Box) information security conference but this time in Amsterdam. The topic was on how to move away from the arcane intercepting web proxies used during web penetration tests and embrace what is currently possible to achieve with standard browser technologies, i.e. the stuff we do with the Suite. Without further ado, here is the video.

Presentation Abstract

This presentation will give information security professionals and enthusiasts an opportunity to explore new tricks and techniques for performing web application security assessments and penetration tests without using any intercepting proxies or any other standard tools. We will explore the weird and wonderful world of web browsers, the modern web application stack and rich web APIs to create a powerful web application security testing environment.

Attendees will get first hand exposure to brand new tools and techniques. The talk is not only educational but also provides a glimpse into the next generation web security technologies and will include the following topics and much more:


Petko D. Petkov (pdp), is founder of Websecurify and frontman of the GNUCITIZEN Information Security Think Tank. pdp is a recognized information security researcher, security tools developer, penetration tester, frequent speaker at industry events, and published author who has contributed to several best-selling books in the field of information security.

Comments Powered ByDisqus