Meder Kydyraliev (Co-Author, XProbe)
May 19, 2006
Presentation Title: Yet Another Web Application Testing Toolkit (YAWATT)
Presentation Details:
Fyodor and Meder will present the results of their research in the area of automated web application security testing. YAWATT was created because existing automated web application security testing approaches are extremely limited and practically unable to identify application security problems beyond typical coding errors (i.e. SQL injection, XSS and CRLF injection bugs).
The purpose of YAWATT is to provide security analysts with a flexible, modular framework based on a meta-language that is used to describe web application testing scenarios. It aims to assist in the discovery of both coding errors and application “logic” vulnerabilities. Thanks to the modular design, application testers get granular control over the whole testing process and the ability to modify the execution scenario, submit additional application data and/or re-execute the testing process using new “knowledge” obtained during a previous execution.
About Meder
Meder Kydyraliev is a security researcher interested in network security and applications of AI techniques in ethical hacking. Lately, together with Fyodor, he has been researching an intelligent way to automate security assessment processes to free up some time for creative stuff. Meder obtained his B.S. in software engineering from AUCA/Kyrgyzstan and is currently working as an associate for KPMG Singapore doing infosec assessments.