Black Hat //Webcast 18
Auditing/Assessment - Pen Testing the Web with Firefox // Michael Schearer ("theprez98")
Hacking the web has never been easier. Whether you're using Firefox as a standalone tool for information gathering, modifying your browser with innovative extensions, or using Firefox as a web front-end for other penetration testing tools, you can hack all within the potentially anonymous cozy confines of your customized browser. Putting it all together brings your hack-foo one step further. DNS lookups, uptime reports, hosted hash crackers and online scanners are at your browser's fingertips. With Firefox's innovative add-on feature, a number of powerful extensions have been developed for security scanning, ethical hacking, penetration testing, and general security auditing. Finally, a number of penetration testing applications are built specifically with web-based front-ends. Add in a few recommendations for your setup and a few places to test your hacking skills, and your recipe for hack soup is complete.
Michael Schearer ("theprez98")
Michael is a government contractor who spent nearly nine years in the United States Navy as a combat-experienced EA-6B Prowler Electronic Countermeasures Officer. He also spent nine months on the ground doing counter-IED work with the U.S. Army. He is a graduate of Georgetown University's National Security Studies Program and a presenter at DEFCON, ShmooCon, HOPE and internationally at CONFidence (Poland) and HackCon (Norway) as well as other numerous conferences. Michael is a licensed amateur radio operator and an active member of the Church of WiFi. He lives in Maryland with his wife and four children.
We would like to thank this month’s webcast sponsor Core Security Technologiesfor their continued support.