gauntlet kickoff at austin owasp hackathon

Put your code through the Gauntlet

gauntlet, n. an attack from all sides

Your web app You

Your web app

fuzzers

nessus

sqlmapmetasploit

dirbustercustom attacks

Gauntlet is

an always-attacking environment for

developers

with attacks written in easy-to-read language

accessible to everyone involved in dev, ops,

security, ...

Gauntlet includes

Why Gauntlet?

Security domain knowledge is generally a mystery to dev teams

Gauntlet allows dev and ops and security to communicate and collaborate

Gauntlet joins:

The Philosophy of Rugged Software

&Principles of Behavior Driven Development

You are now commissioned as a

contributor to Gauntlet

Here is your badge

RUGGED

source: Jessica Allen, http://drbl.in/bgwy

github.com/wickett/gauntlet

Ideas to build

nmap to check ports

crawl site and search for passwords in text

(assume fuzzing)

badness with LOIC, slowloris, wget, curl

Include recon, scanning, fuzzing, injecting, load

multi-vector attacks:timing + load, fail

open, ...

these are just ideas, use your imagination

lets build some tests!

github.com/wickett/gauntlet

gauntlet kickoff at austin owasp hackathon

gauntlet joins

security domainknowledge

multivector attacks

web appyou

dev teams

devand ops

generallya mystery

jessica allen

Technology

modern: hackathon demo at cornell fintech hackathon

owasp (membership) and new owasp projects · owasp 7 owasp

genre theory – david gauntlet

gauntlet of ind [tempusfugitives]

gw 06 the gauntlet

the gauntlet: the design of a community challenge...

gauntlet brochure

the gauntlet — september 24, 2015

owasp 2013 appsec usa zap hackathon

highfive runs the analyst’s gauntlet...highfive runs the...

link gauntlet knitting pattern

gauntlet 2

nazgul gauntlet - template - instructables

gauntlet legends manual ntsc dreamcast

the gauntlet — may 14, 2015

gauntlet 1

wbie gauntlet darkness calls eng

adv gauntlet

no. 10 the gloster gauntlet

the gauntlet — july 16, 2015