Unleashing your Inner Hacker

Are there things about your software that keep you up at night? Is the security of your application and the servers they're running on one of those things? If you answered yes, this talk is for you. If you answered no, this talk is a must! Join Aaron as he introduces you to several methods of quickly learning the basic skills needed to asses the security of a web application and the server(s) that it runs on. You will explore common mistakes made in software development as well as common misconfigurations on servers that lead to their eventual demise.

In this session you will be introduced to Webgoat, a project by OWASP that teaches basic web application hacking techniques through exploration and challenges. You will have the ability to work through a few of the labs as a group and arm yourselves with some new skills. You will learn the basic techniques for port scanning and service identification, and how to spot potential weaknesses in server configurations without setting off any alarm bells. After some basic training you will be given a challenge as a group to deface a simple web application running on a virtual machine during the talk.

About Aaron Bedra

Aaron Bedra is a Senior Engineer at DRW, where he works at the intersection trading and technology. He has served as a Chief Security Officer, Chief Technology Officer, and Principal Engineer/Architect. He has worked professionally on programming languages, most notably Clojure and ClojureScript. Aaron is the creator of Repsheet, an open source threat intelligence toolkit. He is the co-author of Programming Clojure, 2nd and 3rd Edition and a contributor to Functional Programming: A PragPub Anthology.

More About Aaron »