Improving Penetration Testing Efficiency with OWASP Code Pulse and Attack Surface Detector

Explore two innovative OWASP tools designed to enhance web application penetration testing efficiency in this 34-minute conference talk. Learn how Code Pulse provides real-time code coverage feedback during testing, allowing testers to maximize application server code coverage and compare tool performance. Discover the Attack Surface Detector, which uses static code analysis to identify web application endpoints, parameters, and datatypes, integrating seamlessly with Burp Suite and OWASP ZAP for rapid dynamic testing. Gain insights into recent features, witness tool demonstrations, and participate in a Q&A session to understand how these tools can improve your specific testing needs and contribute to building more secure applications.

Introduction
Agenda
Whitehat penetration testing
Penetration testing workflow
Attack surface
Open window
Web applications
Code Pulse
What is Code Pulse
How Code Pulse works
Coverage scenario
Live demonstration
The problem
The solution
How it works
Supported frameworks
Available today
Attack Surface Detector
Complex Application
Commandline Interface
Questions
QA