Post Mon Sep 19, 2011 11:35 am

Testing Web Services - DefCon/Black Hat presentation and WP

My first trip to DefCon was driven by wanting to attend this talk.  I had to watch it on DefCon TV, as the room was packed.  Unfortunately, the docs were not present on the DC CD.  So, I had to watch a lot of people running demos, without seeing the demos themselves, and of course listen to the talk with no slides.

Anyway, here are the DefCon slides: https://community.rapid7.com/docs/DOC-1504

And here is the long awaited Whitepaper on testing web services: https://community.rapid7.com/docs/DOC-1505

The Web Application Hackers Handbook is supposed to be updated to cover web services... I should have my copy by the end of the week... Would be nice to have now, as I'm in the middle of a pen test that's employing JSON.

Anyway... happy reading!
Poking at security since 1986.  +++ATH