Sign up to save your podcasts
Or
Share Building a Scanner and a Community with Zed Attack Proxy - Simon Bennetts - ASW #254
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Building a Scanner and a Community with Zed Attack Proxy - Simon Bennetts - ASW #254
Zed Attack Proxy is an essential tool for web app pentesting. The project just recently moved from OWASP to the Secure Software Project. Hear about the challenges of running an OSS security project, why Simon got involved in the first place, and why successful projects are about more than just code.
Segment Resources: - https://www.zaproxy.org/
- https://softwaresecurityproject.org/blog/welcoming-zap-to-the-software-security-project/
- https://owasp.org/www-project-vulnerable-web-applications-directory/
In the news segment, a key compromised from a crash dump (and the many, many lessons that followed), more examples of mishandling secrets, URL parsing mismatches show path traversal works well in Rust, an old Linux kernel bug shows how brittle code can be (even when it's heavily audited), an example of keeping OSS projects alive, a quick note on BLASTPASS, and a look at privacy in cars, and more!
Visit https://securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/secweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/asw-254
View all episodes
By Security Weekly Productions
4.4
208208 ratings
Zed Attack Proxy is an essential tool for web app pentesting. The project just recently moved from OWASP to the Secure Software Project. Hear about the challenges of running an OSS security project, why Simon got involved in the first place, and why successful projects are about more than just code.
Segment Resources: - https://www.zaproxy.org/
- https://softwaresecurityproject.org/blog/welcoming-zap-to-the-software-security-project/
- https://owasp.org/www-project-vulnerable-web-applications-directory/
In the news segment, a key compromised from a crash dump (and the many, many lessons that followed), more examples of mishandling secrets, URL parsing mismatches show path traversal works well in Rust, an old Linux kernel bug shows how brittle code can be (even when it's heavily audited), an example of keeping OSS projects alive, a quick note on BLASTPASS, and a look at privacy in cars, and more!
Visit https://securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/secweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/asw-254
More shows like Security Weekly Podcast Network (Audio)
View all
Security Now (Audio)
2,000 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
374 Listeners
Risky Business
376 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
653 Listeners
CyberWire Daily
1,020 Listeners
Smashing Security
320 Listeners
Click Here
416 Listeners
Darknet Diaries
8,012 Listeners
Cybersecurity Today
177 Listeners
Hacking Humans
315 Listeners
CISO Series Podcast
189 Listeners
Defense in Depth
74 Listeners
Cyber Security Headlines
136 Listeners
Risky Bulletin
46 Listeners
Hacker And The Fed
171 Listeners