Thursday 

Room 6 - OWASP 

09:00 - 10:00 

(UTC+01

Talk (60 min)

Automated Security Testing with OWASP Nettacker

The OWASP Nettacker project (a portmanteau of "Network Attacker") is a relatively new yet awesome and powerful 'swiss-army-knife' automated penetration testing framework written entirely in Python. Nettacker has recently gained a lot of interest from the European and Asian penetration testing communities and was even included in the specialist Linux distribution for penetration testers and security researchers.

Security Tooling

Nettacker can run scans using a variety of methods and generate scan reports for applications and networks, covering services, bugs, vulnerabilities, misconfigurations and default credentials. It also has many other cool features, for example the ability to chain different scan methods.

This talk will feature a live demo and several practical usage examples of how organisations can benefit from this OWASP project for automated security testing.

Sam Stepanyan

Sam Stepanyan is an OWASP London Chapter Leader and an Independent Application Security Consultant with over 20 years of experience in the IT industry and a background in software engineering and web application development. Sam has worked for various financial services institutions in the City of London, specialising in Application Security consulting, Secure Software Development Lifecycle (SDLC), developer training, source code reviews and vulnerability management. He is also a Subject Matter Expert in Web Application Firewalls (WAF) and SIEM systems. Sam holds a Master’s degree in Software Engineering and a CISSP certification.

Arkadii Yakovets

Arkadii Yakovets is a cybersecurity lead specializing in secure application development and DevSecOps. Since joining OWASP in 2023, he has served as a leader and active contributor to the OWASP Nest and OWASP Nettacker projects. Arkadii has mentored over 10 students through Google Summer of Code and other open source sponsorship programs within OWASP and other communities. He is deeply passionate about open source, information security, and clean code practices. Arkadii holds a Master’s degree in Computer Systems and Networks and maintains CCSP, CISSP, and CSSLP certifications from ISC2.