YoVDO

HTTP Time Bandit - Identifying Web Application Performance Bottlenecks

Offered By: OWASP Foundation via YouTube

Tags

Web Application Performance Courses Penetration Testing Courses Network Analysis Courses Vulnerability Assessment Courses Web Server Security Courses Load Testing Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a comprehensive conference talk on identifying web application performance bottlenecks and potential security vulnerabilities through HTTP request analysis. Learn about the HTTP Time Bandit tool, designed to pinpoint resource-consuming pages in web applications by submitting a series of regular requests and analyzing the gathered data. Discover how this information can be used for both performance optimization and potential DOS/DDOS attacks. Gain insights into the tool's testing and attacking capabilities through live demonstrations on various targets. Delve into topics such as exotic authority, formal methods, Linux examples, graph symmetry, load balancers, proxy servers, protection services, baseline security, and resource consumption. Understand the motivations behind this approach, evasion techniques, and recommended usage scenarios. Examine the implications for CPU-intensive processes and explore potential future developments in this field.

Syllabus

Introduction
Who are we
Agenda
Why do we do this
Taxonomy
Exotic Authority
Proposed Method
Formal Method
Linux
Example
Graph
symmetric nature
attack
testing
other tools
what do we do
load balancers
a proxy
protection services
baseline
security
maximum connections
mod2s
settingstart
Resource Consumption
Motivation
Evasion
Honeypot
Recommended Usage
Bad Times Many
Whats Next
Tools
Paper summation
CPU hogs
Conclusion


Taught by

OWASP Foundation

Related Courses

Improving Performance with IndexedDB and Caching
LinkedIn Learning
Better Performance with HTTP/2
Devoxx via YouTube
Better Performance with HTTP/2
Devoxx via YouTube
Web Assembly Interaction with JavaScript
Pluralsight
Bottleneck Analysis in Web Applications - Full-Stack Profiling Techniques
International PHP Conference via YouTube