Clinton Ingrams

Clinton has been teaching programming (and many other IT-related topics) for over 30 years at FE and HE level. He completed his Masters degree in IT at De Montfort University (Leicester) in 1998, and has remained at DMU ever since as a Senior Lecturer. Having first downloaded PHP in 2000, he was invited to start teaching it in 2004. He is currently delivering modules relating to the security of web systems; teaching PHP to second year students and PHP with SLIM to final year students (Secure Web Application Development) and vulnerabilities of web applications (with pentesting) to second year and has recently volunteered to teach Scala to first year students. He also managed industrial/commercial partnerships such as KTPs and has spent many happy months delivering degree modules in Malaysia, Singapore and China. He also is a coordinator of PHPEM, and managed the uncon sessions at the PHPNW conference for several years. Any spare time is spent with his family, and his double basses.

AM: Pentesting Do’s and Dont’s

I have been delivering pentesting courses to undergraduate and postgraduate students for several years, and have worked closely with professional pentesters and pentest brokers. The majority of students I teach will go into the CyberSecurity industry, obtaining employment as professionals within the sector for a wide range of well known (and not so well known) businesses and organisations.

This workshop is a necessarily short introduction to the work of a pentester. We will consider the legal requirements, the learning environments, the tools used, and then we will explore the basics of an actual pentest. We will reference the OWASP Top 10, but we will also look at the contents of a scoping document, and how to structure a pentest by selecting relevant ideas from a range of pentesting methodologies.