DAST Vuln Research Process (How does it work?)
This talk outlines how I conduct research to generate specific attack payloads for various CWE checks, and includes two case studies: OS Command Injection and XML External Entity (XXE) Injection.
Agenda:
- What goes into DAST VR?
- Research Process
- Case Studies
  - OS Command Injection
  - XML Entity Injection
- Q/A
Edited by Isaac Dawson