[Owasp-leaders] Are we helping Hackers or helping Application security?

Achim achim at owasp.org
Wed May 25 08:29:29 UTC 2016


On 25.05.2016 03:19, johanna curiel curiel wrote:
...
> 
> For those who have not seen the video highly recommended
> 
> https://tune.pk/video/6528544/hack

...

Hmm, looking at the video, I'd say that the subject of this thread is
off-topic, at least the complain about the realation with ZAP.
All the malicious hacks are done using sqlmap and some backdoor shells.
ZAP is only used to copy some data (cookie and POST data) which could be
done easily with browser add-ons too, just to name a few: web developer,
firebug, firehttp, live http header, and many more ...

So the blame should go to mozilla and the add-on deveopers too. Does it?
Or bash bash, kali, mysql, nc, vim, ...

Said this, the discussion in general is ok, but not blaming ZAP for the
case shown in the video.

Time to calm down, OWASP and its tools are ok ;-)

Ciao
Achim



More information about the OWASP-Leaders mailing list