Luca De Fulgentis is an application security engineer with experience in application penetration testing and source code reviewing. He had the chance to be a speaker around the world, yet he now lives in Switzerland. He is a believer in full (yet responsible) disclosure and still appreciates the challenges in security, even though he’s currently busy scaling security testing on large organizations. He graduated in Milan and worked as a security consultant for large enterprises, focusing on web and virtualization security. He holds a Masters Degree in Computer Engineering from the Politecnico di Milano university.Ībout the Reviewers Claudio Criscione is a cat tamer and a security expert, even though he often fails to see theĭiference. In the past years, he has been an active participant in the security community and a member of the Open Web Application Security Project (OWASP). Prior to Addepar, Luca worked at Matasano Security as a senior security consultant, performing vulnerability research activities on a wide range of systems: from web applications to stand-alone software and mobile applications. He is the Director of Information Security at Addepar, a company that is re-inventing the infrastructure which powers global wealth management. His professional expertise includes black box testing, web application security, vulnerability research, and source code analysis. Production Coordinator Aparna Bhagat Cover Work Aparna Bhagat Cover Image Sheetal AuteĪbout the Author Luca Carettoni is a security researcher with over eight years of experience in the application security ield. Project Coordinator Amigya Khurana ProofreadersĪcquisition Editor Martin Bell Commissioning Editor Harsha Bharwani Technical Editor Dominic Pereira ISBN 978-1-84969-518-3 Credits Author Luca Carettoni Reviewers Livery Place 35 Livery Street Birmingham B3 2PB, UK. However, Packt Publishing cannot guarantee the accuracy of this information. Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book. However, the information contained in this book is sold without warranty, either express or implied. Every efort has been made in the preparation of this book to ensure the accuracy of the information presented. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Instant Burp Suite Starter Copyright © 2013 Packt PublishingĪll rights reserved. Get up and running with Burp Suite using this hands-on practical guide Step 3 – Tampering web requests.ġ – Using the target site map functionality.Ģ – Crawling a web application with Burp Spider.ģ – Launching an automatic scan with Burp Scanner.Ĥ – Automating customized attacks with Burp Intruder.Ĭonfiguring the attack type and positions.Īdditional Burp Intruder options.ĥ – Manipulating and iterating web requests with Burp Repeater.Ħ – Analysing application data randomness with Burp Sequencer.ħ – Decoding and encoding data with Burp Decoder. Step 4 – Verify Burp Proxy configuration.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |