Embed Size (px)
DESCRIPTION
Gauntlet is the new open source tool to put rugged principles in the dev cycle. The project is just getting kicked off and we are looking for contributors.
Citation preview
Put your code through the Gauntlet
gauntlet, n. an attack from all sides
Your web app You
Your web app
w3af
fuzzers
nmap
nessus
sqlmapmetasploit
You
dirbustercustom attacks
Gauntlet is
an always-attacking environment for
developers
with attacks written in easy-to-read language
accessible to everyone involved in dev, ops,
security, ...
Gauntlet includes
Why Gauntlet?
Security domain knowledge is generally a mystery to dev teams
Gauntlet allows dev and ops and security to communicate and collaborate
Gauntlet joins:
The Philosophy of Rugged Software
&Principles of Behavior Driven Development
You are now commissioned as a
contributor to Gauntlet
Here is your badge
github.com/wickett/gauntlet
Ideas to build
nmap to check ports
crawl site and search for passwords in text
(assume fuzzing)
badness with LOIC, slowloris, wget, curl
Include recon, scanning, fuzzing, injecting, load
multi-vector attacks:timing + load, fail
open, ...
these are just ideas, use your imagination
lets build some tests!
github.com/wickett/gauntlet
![THE GAUNTLET - cLabclab.iat.sfu.ca/pubs/Hawkins-Gauntlet-CHI2015Poster.pdf · [Challenge Description Page] THE GAUNTLET: The Design of a Community Challenge Platform #community #locative-media](https://img.pdfslide.net/doc/110x75/5ed1fb6d5abf7913ed253b8a/the-gauntlet-challenge-description-page-the-gauntlet-the-design-of-a-community.jpg)
![The Gauntlet [1953]](https://img.pdfslide.net/doc/110x75/62a381794875200829389580/the-gauntlet-1953.jpg)
