Building a Scanner and a Community with Zed Attack Proxy - Simon Bennetts - ASW #254
2023-9-13 05:0:0 Author: podcast.securityweekly.com(查看原文) 阅读量:7 收藏

Zed Attack Proxy is an essential tool for web app pentesting. The project just recently moved from OWASP to the Secure Software Project. Hear about the challenges of running an OSS security project, why Simon got involved in the first place, and why successful projects are about more than just code.

Segment Resources: - https://www.zaproxy.org/

 - https://softwaresecurityproject.org/blog/welcoming-zap-to-the-software-security-project/

 - https://owasp.org/www-project-vulnerable-web-applications-directory/

 In the news segment, a key compromised from a crash dump (and the many, many lessons that followed), more examples of mishandling secrets, URL parsing mismatches show path traversal works well in Rust, an old Linux kernel bug shows how brittle code can be (even when it's heavily audited), an example of keeping OSS projects alive, a quick note on BLASTPASS, and a look at privacy in cars, and more!

Visit https://securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/secweekly

Like us on Facebook: https://www.facebook.com/secweekly

Show Notes: https://securityweekly.com/asw-254

]]>
Zed Attack Proxy is an essential tool for web app pentesting. The project just recently moved from OWASP to the Secure Software Project. Hear about the challenges of running an OSS security project, why Simon got involved in the first place, and why successful projects are about more than just code.

Segment Resources: - https://www.zaproxy.org/

 - https://softwaresecurityproject.org/blog/welcoming-zap-to-the-software-security-project/

 - https://owasp.org/www-project-vulnerable-web-applications-directory/

 In the news segment, a key compromised from a crash dump (and the many, many lessons that followed), more examples of mishandling secrets, URL parsing mismatches show path traversal works well in Rust, an old Linux kernel bug shows how brittle code can be (even when it's heavily audited), an example of keeping OSS projects alive, a quick note on BLASTPASS, and a look at privacy in cars, and more!

Visit https://securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/secweekly

Like us on Facebook: https://www.facebook.com/secweekly

Show Notes: https://securityweekly.com/asw-254

]]>
01:13:02 false podcast

文章来源: http://podcast.securityweekly.com/building-a-scanner-and-a-community-with-zed-attack-proxy-simon-bennetts-asw-254
如有侵权请联系:admin#unsafe.sh