RUBY FOR PENTESTERS: THE WORKSHOP

July 26, 14:15 - 18:00

Applied Workshop II

Pompeian

Having a great set of test tools could be the difference between a successful engagement and utter catastrophe. Being able to create tools on the fly to solve intractable test or research problems is a challenge we face every day.

In this workshop we'll lead off by demonstrating the power and flexibility of Ruby. Then we'll teach you how to use your new superpowers to rapidly prototype solutions for real-world problems including:

The fast path to binary and protocol reversing tools
Rapidly prototyped network clients using our 'bag of tricks' approach
Dealing with Java using JRuby
Extending Burp Suite using Buby
Building scriptable debuggers and hit tracers with Ragweed
Hooking into native code with FFI
Adding Redis in the mix to manage test cases and results from within your Ruby code

Participants will be given a virtual test environment to use that includes a toolchain and sample applications to test - they just need to bring a laptop. The toolchain will also be available on the conference DVD and for download.

Quick demonstrations leading into hands-on hacking on real apps will keep the workshop fast-paced and fun.

Presented by

Timur Duehr

Cory Scott

Michael Tracy