OWASP - User contributions [en]

User talk:Briechenstein Software Studio

2016-06-26T05:02:55Z

Briechenstein Software Studio: *Briechenstein Cryptography Software Repository MoneyManagerEX

'''Welcome to ''OWASP''!'''
<Cryptography Open Web Software Application.>

<?xml version="1.0" encoding="utf-8"?>
<Package xmlns="http://sourceforge. net/projects/moneymanagerex/

.instafx-world.com/appx/2007/manifest">
<Identity Name="Briechenstein Cryptography Software Repository
tory."http://sourceforge.net/projects/moneymanagerex/>
<Properties>
<DisplayName>OpenSSLBriechenstein Cryptography Software Repository</DisplayName>
<PublisherDisplayName>

OpenSSLBriechenstein Cryptography Software Repository</PublisherDisplayName>
<Description>OpenSSLRepository</Description>
<Logo>images\https://www.google.com/search?OpenSSL/logo png</Logo>
</Properties>
<Resources>
<Resource Language="en-us" />
</Resources>
<Capabilities>
<Capability Name="internetClientServer" />
</Capabilities>
<Prerequisites>
<OSMinVersion>6.2</OSMinVersion>
<OSMaxVersionTested>6.2</OSMaxVersionTested>
</Prerequisites>
<Applications>
<Application Id="Briechenstein Cryptography Software Repository " StartPage="default.html">
<VisualElements DisplayName="https://www.google.com/search?OpenSSL"/logo png\<Logo> Description="OpenSSLRepository" ForegroundText="dark" BackgroundColor="#FFFFFF">
<DefaultTile ShortName="SBSOSSR" ShowName="allOpenSSLLogos" />
<SplashScreen BackgroundColor="white" Image="images\https://www.google.com/search?OpenSSL/logo png</Logo>
</VisualElements>
</Repository>
</Repository>
</Package>

Copyright (C) <2007> <Briechenstein Cryptography Software Repository -OWASP>
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright © 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for software and other kinds of works.
The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too.
When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.
Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions.
Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and modification follow.
TERMS AND CONDITIONS
0. Definitions.
“This License” refers to version 3 of the GNU General Public License.
“Copyright” also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.
“The Program” refers to any copyrightable work licensed under this License. Each licensee is addressed as “you”. “Licensees” and “recipients” may be individuals or organizations.
To “modify” a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a “modified version” of the earlier work or a work “based on” the earlier work.
A “covered work” means either the unmodified Program or a work based on the Program.
To “propagate” a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.
To “convey” a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays “Appropriate Legal Notices” to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.
1. Source Code.
The “source code” for a work means the preferred form of the work for making modifications to it. “Object code” means any non-source form of a work.
A “Standard Interface” means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.
The “System Libraries” of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A “Major Component”, in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.
The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.
The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.
The Corresponding Source for a work in source code form is that same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.
When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”.
c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an “aggregate” if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:
a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.
d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.
A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.
A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, “normally used” refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.
“Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.
If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).
The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.
7. Additional Terms.
“Additional permissions” are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or authors of the material; or
e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.
All other non-permissive additional terms are considered “further restrictions” within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).
However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.
Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.
An “entity transaction” is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.
11. Patents.
A “contributor” is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's “contributor version”.
A contributor's “essential patent claims” are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, “control” includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.
In the following three paragraphs, a “patent license” is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To “grant” such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.
If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. “Knowingly relying” means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.
A patent license is “discriminatory” if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License “or any later version” applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation.
If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.
Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an “about box”.
You should also get your employer (if you work as a programmer) or school, if any, to sign a “copyright disclaimer” for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <http://www.gnu.org/philosophy/why-not-lgpl.html>.
<http://easychair.org/conferences/license.cgi?detail=1;a=9011713

[[Category:Cryptographic Control]]

User talk:Briechenstein Software Studio

2016-06-26T04:51:17Z

Briechenstein Software Studio: *Briechenstein Cryptography Software Repository

'''Welcome to ''OWASP''!'''
<Cryptography Open Web Software Application.>

<?xml version="1.0" encoding="utf-8"?>
<Package xmlns="http://Briechenstein Cryptography Software .instafx-world.com/appx/2007/manifest">
<Identity Name="Briechenstein Cryptography Software Repository
tory."http://sourceforge.net/projects/moneymanagerex/>
<Properties>
<DisplayName>OpenSSLBriechenstein Cryptography Software Repository</DisplayName>
<PublisherDisplayName>

OpenSSLBriechenstein Cryptography Software Repository</PublisherDisplayName>
<Description>OpenSSLRepository</Description>
<Logo>images\https://www.google.com/search?OpenSSL/logo png</Logo>
</Properties>
<Resources>
<Resource Language="en-us" />
</Resources>
<Capabilities>
<Capability Name="internetClientServer" />
</Capabilities>
<Prerequisites>
<OSMinVersion>6.2</OSMinVersion>
<OSMaxVersionTested>6.2</OSMaxVersionTested>
</Prerequisites>
<Applications>
<Application Id="Briechenstein Cryptography Software Repository " StartPage="default.html">
<VisualElements DisplayName="https://www.google.com/search?OpenSSL"/logo png\<Logo> Description="OpenSSLRepository" ForegroundText="dark" BackgroundColor="#FFFFFF">
<DefaultTile ShortName="SBSOSSR" ShowName="allOpenSSLLogos" />
<SplashScreen BackgroundColor="white" Image="images\https://www.google.com/search?OpenSSL/logo png</Logo>
</VisualElements>
</Repository>
</Repository>
</Package>

Copyright (C) <2007> <Briechenstein Cryptography Software Repository -OWASP>
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright © 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for software and other kinds of works.
The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too.
When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.
Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions.
Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and modification follow.
TERMS AND CONDITIONS
0. Definitions.
“This License” refers to version 3 of the GNU General Public License.
“Copyright” also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.
“The Program” refers to any copyrightable work licensed under this License. Each licensee is addressed as “you”. “Licensees” and “recipients” may be individuals or organizations.
To “modify” a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a “modified version” of the earlier work or a work “based on” the earlier work.
A “covered work” means either the unmodified Program or a work based on the Program.
To “propagate” a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.
To “convey” a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays “Appropriate Legal Notices” to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.
1. Source Code.
The “source code” for a work means the preferred form of the work for making modifications to it. “Object code” means any non-source form of a work.
A “Standard Interface” means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.
The “System Libraries” of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A “Major Component”, in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.
The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.
The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.
The Corresponding Source for a work in source code form is that same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.
When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”.
c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an “aggregate” if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:
a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.
d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.
A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.
A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, “normally used” refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.
“Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.
If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).
The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.
7. Additional Terms.
“Additional permissions” are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or authors of the material; or
e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.
All other non-permissive additional terms are considered “further restrictions” within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).
However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.
Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.
An “entity transaction” is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.
11. Patents.
A “contributor” is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's “contributor version”.
A contributor's “essential patent claims” are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, “control” includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.
In the following three paragraphs, a “patent license” is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To “grant” such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.
If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. “Knowingly relying” means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.
A patent license is “discriminatory” if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License “or any later version” applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation.
If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.
Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an “about box”.
You should also get your employer (if you work as a programmer) or school, if any, to sign a “copyright disclaimer” for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <http://www.gnu.org/philosophy/why-not-lgpl.html>.
<http://easychair.org/conferences/license.cgi?detail=1;a=9011713

[[Category:Cryptographic Control]]

OWASP Education Presentation

2015-07-05T22:27:55Z

Briechenstein Software Studio: *Nuyenatoshiyoshiko Tachikawa Protocol Software

This page provide a commented overview of the OWASP presentations available.<br>
Please use the last line of the tables as template.<br>
Presentions can be tracked through:
* the [http://www.owasp.org/index.php/Category:OWASP_Presentations OWASP Presentations Category]
* [http://www.owasp.org/index.php/Category:OWASP_AppSec_Conference Past OWASP Conference agenda's]
* From the chapter pages
Everybody is encouraged to link the presentations and add their findings on this page !
There are currently hundreds of presentations all over the OWASP web site.
If you search google with “site:owasp.org filetype:ppt” there are 166 hits. “site:owasp.org filetype:pdf” returns 76.
Feel free to “mine” them and add them to the overview.

== OWASP Education Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Education Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (2015-07-04)
|-valign="top"
|[https://www.owasp.org/index.php/Education/Free_Training Free Developer Training]|| Developer AppSec Course by [[Eoin Keary]] and [https://www.owasp.org/index.php/User:Jmanico Jim Manico] || Intermediate || 2014-04-04
|-valign="top"
|[[:Image:OWASP Overview Winter 2009v1.pptx|OWASP Overview Winter 2009]]|| Updated overview of OWASP || Novice || 2009-12-08
|-valign="top"
|[[:Image:Programa_de_Educacion_OWASP.ppt|Programa de Educacion OWASP]]|| Una introduccion a OWASP para Universidades y Centros Educativos por Fabio Cerullo|| Novice || 2009-03-20
|-valign="top"
|[[:Image:OWASP_Educational_Programme.ppt|OWASP Educational Programme]]|| An introduction to OWASP for Universities & Educational Institutions by Fabio Cerullo|| Novice || 2009-03-20
|-valign="top"
|[[:Image:OWASP Overview Summer 2009.pptx|OWASP Overview Summer 2009]]|| Recent overview of OWASP by Jeff Williams || Novice || 2009-08-25
|-valign="top"
|[[:Image:Education Module Why WebAppSec Matters.ppt|Why WebAppSec Matters]]|| This module explains why security should be considered when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:OWASP-Intro-2008-portuguese.ppt|OWASP Intro 2008 Portuguese]]|| Este módulo é uma intrudução sobre o projeto OWASP. || Novice || 2008-07-06
|-valign="top"
|[[:Image:Education Module OWASP Top 10 Introduction and Remedies.ppt|OWASP Top 10 Introduction and Remedies]]|| This module explains the OWASP Top 10 web application vulnerabilities as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Embed within SDLC.ppt|Embed within SDLC]]|| This module explains the complete approach of Web Application Security when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Good Secure Development Practices.ppt|Good Secure Development Practices]]|| This module explains some good secure development practices when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Testing for Vulnerabilities.ppt|Testing for Vulnerabilities]]|| This module explains application security testing when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Good WebAppSec Resources.ppt|Good WebAppSec Resources]]|| This module points you to some good web application security resources when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[ (https://www.owasp.org/index.php/User_talk:Briechenstein_Software_Studio) || OWASP Education Presentation|| Intermediate || 2015-07-04
|}
,
<br>

== OWASP Project Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Project Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[[:Image:Germany 2008 Conference OWASP Introduction v1.pptx|OWASP Introduction]] || OWASP Overview presentation covering OWASP, project parade and OWASP near you. Given by Seba during the Germany 2008 Conference || Novice || 2008-11-25
|-valign="top"
|[[:Image:OWASP Foundation The story so far and beyond - Part 1.ppt|India08 Keynote - Part 1]] || OWASP Overview presentation. Part 1 of 2. Given by Dinis and Jason during the India08 Conference || Novice || 2008-08-16
|-valign="top"
|[[:Image:OWASP Foundation The story so far and beyond - Part 2.ppt|India08 Keynote - Part 2]] || OWASP Overview presentation. Part 2 of 2. Given by Dinis and Jason during the India08 Conference || Novice || 2008-08-16
|-valign="top"
|[[:Image:OWASP India - Tour of OWASP projects.ppt|Tour of OWASP’s projects]] || Given by Dinis and Jason during the India08 Conference || Novice || 2008-08-16
|-valign="top"
|[https://www.owasp.org/images/5/59/RISK_2008_OWASP_Introduction_v1.pptx OWASP @ RISK08 (Norway)] || OWASP introduction at Norway RISK2008 conference by Seba || Novice || 2008-04-23
|-valign="top"
|[[:Image:OWASP NY Keynote.ppt|OWASP NY Keynote by Jeff]] also available in [[:Image:20070620-FR-OWASP NY Keynote.ppt|French]]|| OWASP Overview presentation with slide "OWASP by the numbers" and slide with the sorry state of Tools (at best 45%) which caused some controverse || Novice || 2007-06-12
|-valign="top"
|[http://www.owasp.org/images/a/af/OWASP_Testing_Guide_Presentation.zip The OWASP Testing Guide (Jeff Williams)] || Overview of the OWASP Testing Guide || Novice || 2007-01-23
|-valign="top"
|[http://www.owasp.org/images/e/e9/OWASP_Testing_Guide_Presentation_EUSecWest07.zip The OWASP Testing Guide v2 EUSecWest07 (Matteo Meucci, Alberto Revelli)] || Presentation at EUSecWest07 || Intermediate || 2007-03-01
|-valign="top"
|[http://www.owasp.org/images/3/3c/OWASP_Flyer_Sep06.ppt OWASP Project Overview] || High level overview of projects and how OWASP works || Novice || 2006-09-19
|-valign="top"
|[http://www.owasp.org/images/4/49/OWASPAppSec2006Seattle_Security_Metrics.ppt The OWASP Application Security Metrics Project (Bob Austin)] || Presentation on the Application Security Metrics project || Novice || 2006-10-17
|-valign="top"
|[http://www.owasp.org/images/5/53/OWASPAppSecEU2006_CLASP_Project.ppt OWASP CLASP Project (Pravir Chandra)] || OWASP CLASP project presentation given at the 2006 European AppSec conference || Novice || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/3/30/OWASPAppSec2006Seattle_UsingSprajaxToTestAJAXSecurity.ppt Sprajax (Dan Cornell)] || OWASP Sprajax presentation given at the 2006 Seattle AppSec conference || Intermediate || 2006-10-17
|-valign="top"
|Example (Briechenstein Software Studio || Software Architect || Novice/Intermediate/Expert || 2012-10-05
|}

<br>

== OWASP Conference Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Conference Presentations
!width="30%" | Title
!width="40%" | Comment
!width="15%" | Level
!width="15%" |Date (yyyy-mm-dd)

|-valign="top"
|[[:Image:OWASPAppSec2007Milan ModSecurityCoreRuleSet.ppt | Mod Security Core Rule Set (Ofer Shezaf)]] ||Ofer Shezaf's presentation on the Core Ruleset for the latest version of ModSecurity presented at 6th OWASP AppSec conference in Milan, Italy, in May 2007.|| Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OWASPTestingGuide2v1.ppt | OWASP Testing Guide v2.1 (Matteo Meucci)]] ||Matteo Meucci's presentation on the OWASP Testing Guide v2 at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan CLASP.ppt | CLASP (Pravir Chandra)]] ||Pravir Chandra's presentation on the upcoming 2007 update to CLASP presented at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan AdvancedWebHacking.ppt | Advanced Web Hacking (PDP)]] ||PDPs presentation at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan XMLSecurityGatewayEvalCriteria.ppt | XML Security Gateway Evaluation Criteria (Gunnar Peterson)]] ||Gunnar Peterson's presentation about the new XML Security Gateway Evaluation Criteria project at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan TestingFlashApplications.ppt | Testing Flash Applications (Stephano Di Paolo)]] ||Stephano Di Paolo's presentation on how to test Flash applications presented at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert|| 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OvertakingGoogleDesktop.ppt | Overtaking Google Desktop (Yair Amit)]] ||Yair Amit's presentation on XSS Flaws in Google Desktop that can be exploited through google.com presented at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan MS ACETeamAppSecfromTheCore.ppt | ACE Team Application Security from the Core (Simon Roses Femerling)]] ||Simon Roses Femerling's presentation on the Microsoft ACE team's application security process at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan Pantera.ppt | Pantera (Simon Roses Femerling)]] ||Simon Roses Femerling's presentation on the new OWASP tool Pantera at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan ProtectingWebAppsfromUniversalPDFXSS.ppt | Protecting Web applications from universal PDF XSS (Ivan Ristic)]] ||Ivan Ristic's Universal XSS PDF presentation at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SoftwareSecurity.ppt | Software Security (Rudolph Araujo)]] ||Rudolph Araujo's presentation on Application Security best practices at the 6th OWASP AppSec conference in Milan Italy, May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan WebGoatv5.ppt | WebGoat v5 (Dave Wichers)]] ||WebGoat v5 presentation by Dave Wichers at the 6th OWASP AppSec Conference in Milan, Italy, May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan WebScarabNG.ppt | WebScarab NG (Dave Wichers)]] ||Description of the new WebScarab-NG efforts presented by Dave Wichers at the 6th OWASP AppSec conference in Milan, Italy in May 2007.|| Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SANS SPSA Initiative.ppt | SANS SPSA Initiative (Dave Wichers)]] ||Description of the SANS Secure Coding Exam Initiative presented by Dave Wichers at the 6th OWASP AppSec conference in Milan Italy, May 2007.|| Novice || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OWASPItalyActivities.ppt | OWASP Italy Activities (Raoul Chiesa)]] ||Raoul Chiesa's keynote for day 2 of the 6th OWASP AppSec conference on the state of application security in Italy including OWASP's activities in that country.|| Novice || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SecurityEngineeringInVista.ppt | Security engineering in Vista (Alex Lucas)]] ||Alex Lucas' from Microsoft's keynote presentation for Day 1 of the 6th OWASP AppSec conference in Milan on the benefits of Microsoft's SDL to the security of Vista. || Intermediate || 2007-05-16
|-valign="top"
|[http://www.owasp.org/images/5/5f/OWASPAppSec2006Seattle_SecurityEngineeringInVista.ppt How the Security Development Lifecycle(SDL) Improved Windows Vista (Michael Howard)] || Michael Howard's talk on SDL from the OWASP Seattle AppSec Conference in 2006 || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/3/34/OWASPAppSecEU2006_Bootstrapping_the_Application_Assurance_Process.ppt Bootstrapping the Application Assurance Process (Sebastien Deleersnyder)] || Presentation given during the European 2006 AppSec conference on the application assurance process || Novice || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/8/8b/OWASPAppSecEU2006_InlineApproachforSecureSOAPRequests.ppt Inline Approach for Secure SOAP Requests and Early Validation (Mohammad Ashiqur Rahaman, Maartin Rits and Andreas Schaad SAP Research, Sophia Antipolis, France)] || Presentation given at the European 2006 AppSec conference about security and soap message structure issues || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/9/9c/OWASPAppSecEU2006_WAFs_WhenAreTheyUseful.ppt Web Application Firewalls:When Are They Useful? (Ivan Ristic)] || Presentation about Web Application Firewalls || Novice || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/1/1a/OWASPAppSecEU2006_HTTPMessageSplittingSmugglingEtc.ppt HTTP Message Splitting, Smuggling and Other Animals (Amit Klein)] || A presentation about Message splitting other attacks around the HTTP protocol || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/f/f6/OWASPAppSec2006Seattle_WebAppForensics.ppt Web Application Incident Response & Forensics: A Whole New Ball Game! (Rohyt Belani & Chuck Willis)] || Talk about Web Application Security incident handling and forensics given at the OWASP 2006 Seattle AppSec conference || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/d/d2/OWASPAppSecEU2006_CanTestingToolsReallyFindOWASPTop10.ppt Can (Automated) Testing Tools Really Find the OWASP Top 10? (Erwin Geirnaert) ] || A talk about how automated testing tools stack up against the OWASP top 10 || Intermediate || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/2/28/OWASPAppSecEU2006_RequestRodeo.ppt RequestRodeo: Client Side Protection against Session Riding (Martin Johns / Justus Winter)] || Presentation given about how Sessions can be hi-jacked, etc... || Novice || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/6/62/OWASPAppSecEU2006_SecurityTestingthruAutomatedSWTests.ppt Security Testing through Automated Software Tests (Stephen de Vries)] || Presentation given at the 2006 EuSec conference || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/0/0e/AppSec2005DC-Jeremy_Poteet-In_the_Line_of_Fire.ppt In the Line of Fire: Defending Highly Visible Targets (Jeremy Poteet)] || Conference given at the 2005 DC AppSec conference || Novice || 2005-10-1
|-valign="top"
|[http://www.owasp.org/images/9/93/AppSec2005DC-Matt_Fisher-Google_Hacking_and_Worms.ppt Google Hacking and Web Application Worms (Matt Fisher)] || Talk given at the 2005 DC AppSec conference || Novice || 2005-10-01
|-valign="top"
|[http://www.owasp.org/images/0/05/AppSec2005DC-Anthony_Canike-Enterprise_AppSec_Program.ppt Establishing an Enterprise Application Security Program (Tony Canike)] || Talk given at the 2005 DC AppSec Conference || Novice || 2005-10-01
|-valign="top"
|[https://owasp.org/images/0/0d/OWASPAppSec2006Seattle_Why_AJAX_Applications_More_Likely_Insecure.ppt Why AJAX Applications Are Far More Likely To Be Insecure (And What To Do About It) (Dave Wichers)] || Dave's talk on AJAX given at the Seattle 2006 AppSec conference || Intermediate || 2006-10-01
|-valign="top"
|[[ (https://www.owasp.org/index.php/User_talk:Briechenstein_Software_Studio) ||Security Analyst || Intermediate|| 2015-07-04
|}

<br>

== Web Application Security Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ Web Application Security Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[[:Image:Protecting Web Applications from Universal PDF XSS.ppt| Universal PDF XSS by Ivan Ristic]] || Protecting Web Applications from Universal PDF XSS || Intermediate || 2007-06-28
|-valign="top"
|[[:Image:IdM-OWASP.v.0.2.14.pdf|Identity Management Basics (Derek Brown)]] ||Identity Management Basics|| Novice || 2007-05-09
|-valign="top"
|[[http://www.owasp.org/images/7/74/Advanced_SQL_Injection.ppt Advanced SQL Injection (Victor Chapela)] || Detailed methodology for analyzing applications for SQL injection vulnerabilities || Expert || 2005-11-04
|-valign="top"
|[[http://www.owasp.org/images/7/7d/Advanced_Topics_on_SQL_Injection_Protection.ppt Advanced Topics on SQL Injection Protection (Sam NG)] || 7 methods to prevent SQL injection attacks correctly and in a more integrated approach. Methods 1 to 3 are applicable during design or development life cycle. Method 4 is mainly from QA’s perspective. Methods 5 and 6 can be applied to production environment and are applicable even if you do not have access to or if you cannot change the source code. Other non-main stream technology are discussed in Method 7. || Intermediate || 2006-02-27
|-valign="top"
|[[http://www.owasp.org/images/d/d1/AppSec2005DC-Alex_Stamos-Attacking_Web_Services.ppt Attacking Web Services (Alex Stamos)] || Web Services Introduction and Attacks || Intermediate || 2005-10-11
|-valign="top"
|[http://www.owasp.org/images/7/72/MMS_Spoofing.ppt MMS Spoofing (Matteo Meucci)] || A Case-study of a vulnerable web application || Intermediate
|-valign="top"
|[http://www.owasp.org/images/f/f9/OWASPAppSecEU2006_AJAX_Security.ppt Ajax Security (Andrew van der Stock)] || Presentation on Ajax security for OWASP AppSec Europe 2006 || Intermediate || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/3/3a/OWASPAppSec2006Seattle_Web_Services_Security.ppt Advanced Web Services Security & Hacking (Justin Derry)] || Presentation given on Webservice security at the Seattle 2006 AppSec conference || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/f/f6/Integration_into_the_SDLC.ppt Integration into the SDLC (Eoin Keary)] || A presentation about why and how to integrate the SDLC. || Novice || 2005-04-09
|-valign="top"
|[[ (https://www.owasp.org/index.php/User_talk:Briechenstein_Software_Studio || Intermediate || 2015-07-04
|}

<br>

== Chapter Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ Chapter Presentations
!width="30%" |Title
!width="30%" |Comment
!width="10%" |Level
!width="10%" |Month (Mon-yyyy)
!width="10%" |Chapter

|-valign="top"
|[[:Image:Common_Application_Flaws.ppt| Common Application Flaws (Brett Moore) ]] ||OWASP New Zealand chapter presentation on Common Application Flaws|| Novice/Intermediate ||November 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Time_Based_SQL_Injections.ppt| Time Based SQL Injections (Muhaimin Dzulfakar) ]] ||OWASP New Zealand chapter presentation on Time Based SQL Injections|| Intermediate ||September 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Browser_security.ppt| Browser Security (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Browser Security|| Intermediate ||September 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:OWASP_CMH_SQLInjection__20080707.zip| 7/7/2008 SQL Injection (Columbus, OH)]] || SQL Injection Presentation given at the Columbus, OH OWASP Chapter Meeting. Powerpoint, derby DB, and applicable java code. || Novice / Intermediate || July 2008 || [[Columbus]]
|-valign="top"
|[[:Image:OWASP_ellak-Greece.ppt| Detecting Web Application Vulnerabilities Using Open Source Means (Konstantinos Papapanagiotou) ]] ||OWASP Greek Chapter presentation given at the Open Source Software (FLOSS) Conference in Athens|| Novice ||May 2008 || [[Greece]]
|-valign="top"
|[[:Image:Hacking_The_World_With_Flash.ppt| Hacking The World With Flash (Paul Craig) ]] ||OWASP New Zealand chapter presentation on Flash security|| Intermediate ||April 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Web_spam_techniques.ppt| Web Spam Techniques (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Web Spam Techniques|| Intermediate ||April 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Xpath_Injection.ppt| Xpath Injection Overview (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Xpath Injection|| Intermediate ||February 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Owasp security4mobileJava.pdf| Dependability for Java Mobile Code (Pierre Parrend) ]] ||OWASP Swiss chapter presentation on Mobile Java Security || Expert ||July 2007 || [[Switzerland]]
|-valign="top"
|[[:Image:Trust Security Usability - v1.0.pdf|Trust, Security and Usability (Roger Carhuatocto) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:OWASP-tratamiento_de_datos.pdf|Tratamiento seguro de datos en aplicaciones in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Conferencia_OWASP.pdf|Ataques DoS en aplicaciones Web (Jaime Blasco Bermejo) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Seguridad en entornos financieros.pdf|Seguridad en entornos financierosPedro (Pedro Sánchez) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Java_Open_Review.ppt|Brian Chess from Fortify shared what's going on with the Java Open Source review project at the June NoVA OWASP meeting]] || Java Open Review || Intermediate ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Bytecode_injection.ppt|Brian Chess from Fortify, presentation to NoVA OWASP chapter in June 2007.]] || Bytecode injection || Expert ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Security at the VMM Layer - OWASP.ppt|Security at the VMM Layer by Ted Winograd]] || Security at the VMM Layer || Expert ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:KC June 2007 Evaluating and Tuning WAFs.pdf|Evaluating and Tuning Web Application Firewalls (Barry Archer)]] ||Presentation given at Kansas City June 2007 chapter meeting|| Intermediate ||June 2007 || [[Kansas City]]
|-valign="top"
|[[:Image:OWASP_SDL-IT.pdf|Microsoft Security Development Lifecycle for IT (Rob Labbé)]] ||Presentation by Rob Labbe at Ottawa OWASP Chapter|| Novice ||May 2007|| [[Ottawa]]
|-valign="top"
|[[:Image:OWASP_IL_7_Application_DOS.pdf|Application Denial of Service (Shaayy Cheen)]] ||Is it Really That Easy? Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP_IL_7_FuzzGuru.pdf|Fuzzing in Microsoft and FuzzGuru framework (John Neystadt)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP_IL_7_AppSec_and_Beyond.pdf|Application Security, not just development (David Lewis)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 Overtaking Google Desktop.pdf|Overtaking Google Desktop, Leveraging XSS to Raise Havoc (Yair Amit)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 UnregisterAttackInSip.pdf|Unregister Attack in SIP (Anat Bremler-Barr, Ronit Halachmi-Bekel and Jussi Kangasharju)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 WAF Positive Security.pdf|Positive Security Model for Web Applications, Challenges and Promise (Ofer Shezaf)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 DOT NET Reverse Engineering.pdf|.NET Reverse Engineering (Erez Metula)]] ||Presentation given at the Israel Mini Conference in May 2007|| Expert ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 OWASP Introduction.pdf|OWASP introduction (Ofer Shezaf)]] ||2nd OWASP IL mini conference at the Interdisciplinary Center (IDC) Herzliya|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP BeLux 2007-06-22 Update on Internet Attack Statistics for Belgium in 2006.ppt|Update on Internet Attack Statistics for Belgium in 2006 by Hilar Leoste (Zone-H)]] || Update on Internet Attack Statistics for Belgium in 2006 || Novice ||May 2007 || [[Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:InfoSec_World_2007_-_Web_services_gateways.ppt Securing Web Services using XML Security Gateways by Tim Bond] || Securing Web Services using XML Security Gateways || Intermediate ||May 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:SwA_Acquisition_WG_-_Overview.ppt Software Assurance in the Acquisition Process by Stan Wisseman] || Software Assurance in the Acquisition Process || Intermediate ||May 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_Legal_Aspects_Jos_Dumortier.zip Legal Aspects of (Web) Application Security by Jos Dumortier] || Legal Aspects of (Web) Application Security || Intermediate ||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_AppSec_Research_Lieven_Desmet.zip AppSec Research (University Leuven Belgium)] || Formal absence of implementation bugs in web applications: a case study on indirect data sharing by Lieven Desmet || Expert ||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[[:Image:Scanner-Sparkly.ppt|A Scanner Sparkly]] || A Scanner Sparkly, taken from the Phoenix OWASP presentations on Application Security Tools, May 2007 || Intermediate ||May 2007 || [[Phoenix]]
|-valign="top"
|[[:Image:Owasp-lessonslearned.ppt|Grey Box Assessment Lessons Learned]] || "Grey Box Assessment Lessons Learned", taken from the Phoenix OWASP presentations, Application Security Tools, May 2007 || Intermediate ||May 2007 || [[Phoenix]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_OWASP_Update.zip OWASP Update and OWASP BeLux Board Presentation (Seba)] || OWASP Update and OWASP BeLux Board Presentation || Novice||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[[:Image:Security Metics- What can we measure- Zed Abbadi.pdf|Metics- What can we measure (Zed Abbadi)]] ||19 April NoVa chapter meeting presentation on Security Metrics || Novice ||April 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Web Services Hacking and Hardening.pdf| Web Services Hacking and Hardening (Adam Vincent) ]] ||3/8/07 NoVA chapter meeting, Adam Vincent from Layer7 || Expert ||March 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_OWASP_Update.zip OWASP Update (Seba)] || OWASP Update || Novice||Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/images/f/fe/Pres_20070206_04_svetsch_xss_worms_owasp.zip XSS Worms (Sven Vetsch)] || XSS Worms || Intermediate ||Feb 2007 || [[Switzerland|Switzerland]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_OWASP_Update.zip OWASP Update (Seba)] || OWASP Update || Novice||Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_WebGoat-Pantera.zip WebGoat and Pantera presentation (Philippe Bogaerts)] || WebGoat and Pantera presentation || Novice || Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_AOP_security.zip Security implications of AOP for secure software (Bart De Win)] || Security implications of AOP for secure software || Expert || Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/images/1/12/OWASP_Denver_Nov-06_presentation.ppt testing for common security flaws (David Byrne)] || testing for common security flaws || Intermediate || Nov 2006 || [[Denver|Denver]]
|-valign="top"
|[http://www.owasp.org/images/7/7c/Owasp-olli.pdf 40-ish slides on analyzing threats (Olli)] || Analyzing Threats || Novice || Dec 2006 || [[Helsinki|Helsinki]]
|-valign="top"
|[http://www.owasp.org/images/2/2c/KC_Dec2006_Attacking_The_App.pdf Attacking the Application (Dave Ferguson)] || Vulnerabilities, attacks and coding suggestions || Intermediate || Dec 2006 || [[Kansas City|Kansas City]]
|-valign="top"
|[http://www.owasp.org/images/6/6a/KC_Dec2006_Ajax_Security_Concerns.pdf Ajax Security Concerns (Rohini Sulatycki)] || Ajax Security Concerns || Intermediate ||Dec 2006 || [[Kansas City|Kansas City]]
|-valign="top"
|[http://www.owasp.org/images/8/8c/Anatomy_of_2_Web_App_Testing.zip Anatomy of 2 Web Application Testing (Matteo Meucci)] || Anatomy of 2 Web Application Testing || Intermediate || Mar 2006 || [[Italy|Italy]]

|-valign="top"

|[https://www.owasp.org/images/9/99/WTE-Cloud-Austin-2012-02.pdf Testing From the Cloud: Is the Sky Falling? ] || WTE Cloud-based Testing || Intermediate || Feb 2012 || [[Austin|Austin]]
|-valign="top"

|(https://www.owasp.org/index.php/User_talk:Briechenstein_Software_Studio) || Open Web application Security Project|| Intermediate|| 2015-07-04 ||

Chapter 4

Specification Language

This formal specification by language example presents cybersecurity studies (of over 10 projects) of how successful OWASP educational presentations test develop design and deliver cybersecurity software efficiently supporting formal methods as mathematically based techniquesthat are needed to assist in the design and implementation of reliable cybersecurity software.

Specification by language example is a must read for anyone serious about delivering translated cybersecurity language software that matters It is the result of a research on how teams internationally specify test develop design and deliver the right cybersecurity software without defects in very short computational delivery cycles With cybersecurity case studies and real examples this presentation helps you understand how successful teams implement mathematical cybersecurity by example denoting
acceptable testing and behavior driven development to bridge the communication gap between committees stakeholders and contributing teams build quality into cybersecurity from the start by testing developing designing and delivering supported languagfor syntax highlighting purposes It presents the collective knowledge of about 50 cybersecurity projects ranging from high traffic websites to virtual back office cybersecurity systems implemented by teams as diverse as small startups to groups spread across different continents working in a range of processes including Extreme programming Kanban Scrum and similar processes often bundled together under the names Lean and Agile This protocol is for testers software developers business analysts and project managers working on Syntax and Agile projects or teams moving to an Agile development method that want to improve quality reduce correction of defective cybersecurity software and collaborate better with the OWASP committee.
Smith

*Retrieved notes from Categories Specification languages and Formal specification
For the last past decade computer systems have become increasingly more powerful as a result becoming more impactful to society Established engineering disciplines use mathematical analysis as the foundation of creating and validating product design Formal language specifications are one im such a way for achievement in software engineering as reliability once predicted Other methods such as testing are more commonly used to enhance code quality

Usability given as such a specification it is possible to use formal verification techniques to demonstrate that a system design is correct with respect to its specification This allows incorrect system designs to be revised before any major investments have been made into an actual implementation Another approach is to use provably correct refinement steps to transform a specification into a design which is ultimately transformed into an implementation that is correct by construction.

*It is important to note that a formal specification is not an implementation but rather it may be used to develop an implementation Formal specifications describe what a system should do not how the system should do it A good specification must have some of the following attributes: adequate internally consistent unambiguous complete satisfied constructability manageability and evolvability Usability Communicability Powerful and efficient analysis which is one of the main reasons there is interest in formal specifications that will provide an ability to perform proofs on cybersecurity software implementations These proofs may be used to validate a specification verify correctness of design, or to prove that a program satisfies a specification.

Limitations
A design (or implementation) cannot ever be declared “correct” on its own. It can only ever be “corrected with respect to a given specification Whether the formal specification correctly describes the problem to be solved is a separate issue It is also a difficult issue to address since it ultimately concerns the problem constructing abstracted formal representations of an informal concrete problem domain and such an abstraction step is not amenable to formal proof. However, it is possible to validate a specification by proving “challenge” theorems concerning properties that the specification is expected to exhibit.o_O If correct Olloclip In these theorems reinforce the specifier's understanding of the specification and its relationship with the underlying problem domain If not the specification probably needs to be changed to better reflect the domain understanding of those involved with producing (and implementing) the specification.

Flexibility
As far as flexibility goes a lot of software companies use agile methodologies that focus on flexibility Doing a formal specification of the whole system up front is often perceived as being the opposite of flexible However there is some research into the benefits of using formal specifications with "agile" development
Complexity is a requirement that is a high level of mathematical expertise and the analytical skills to understand and apply them effectively
I have a solution to develop resources and models that allow for these techniques to be implemented but hide underlying mathematics

I hope to accomplish a good job of specifying user interfaces and user interaction that is Not cost-effective

Formal specification techniques have existed in various domains and on various scales for quite some time Implementations of formal specifications will differ depending on what kind of system they are attempting to model how they are applied and at what point in the software life cycle they have been introduced These types of models can be categorized into the following specification paradigms:

History-based specification

behavior based system histories
assertions are interpreted over time
State-based Specification
behavior based on system states
series of sequential steps (e.g. a financial transaction)
languages such as Z, VDM or B rely on this paradigm+
Transition-based specification
behavior based on transitions from state-to-state of the system
best used with a reactive system
languages such as Statecharts PROMELA STeP-SPL RSML or SCR rely on this paradigm
Functional specification
specify a system as a structure of mathematical functions
OBJ, ASL, PLUSS, LARCH, HOL or PVS rely on this paradigm
Operational Specification
early languages such as Paisley GIST Petri nets or process algebras rely on this paradigm
In addition to the above paradigms there are ways to apply certain heuristics to help improve the creation of these specifications The protocol referenced here best discusses heuristics to use when designing a specification.Heuristics= a rule or method that helps you solve problems faster than you would if you did all the computing

Resources:
Algebraic specification= Providing a mathematical software engineering technique

References:
^ a b c d e f g h i j k l m n o Lamsweerde, A. V. (2000). "Formal specification". Proceedings of the conference on the future of Software engineering - ICSE '00. p. 147. doi:10.1145/336512.336546. ISBN
^ a b c d Sommerville, Ian (2009). "Formal Specification" (PDF). Software Engineering. Retrieved
^ a b c Nummenmaa, Timo; Tiensuu, Aleksi; Berki, Eleni; Mikkonen, Tommi; Kuittinen, Jussi; Kultima, Annakaisa (4 August 2011). "Supporting agile development by facilitating natural user interaction with executable formal specifications". ACM SIGSOFT Software Engineering Notes 36 (4): 1–10. doi:10.1145/1988997.2003643. edit

Best Wishes,
Brenda Smith
a55dayidream@gmail.com

[[Category:Specification languages]]
[[Category:OWASP Education Project]]
[[Category:OWASP Presentations]]
[[Category:Chapter Resources]]

About The Open Web Application Security Project

2015-07-01T16:26:36Z

Briechenstein Software Studio: /* Participation and Membership */

Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
__TOC__

==The OWASP Foundation==
The OWASP Foundation came online on [http://wayback.archive.org/web/*/http://www.owasp.org December 1st 2001] it was established as a not-for-profit charitable organization in the United States on April 21, 2004 to ensure the ongoing availability and support for our work at [[Main Page|OWASP]]. OWASP is an international organization and the OWASP Foundation supports OWASP efforts around the world. OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas. We can be found at [[Main Page|www.owasp.org]].

OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative and open way. The [[OWASP Foundation]] is a not-for-profit entity that ensures the project's long-term success.

[http://www.linkedin.com/companies/owasp https://www.owasp.org/images/9/98/Btn_cofollow_badge.png]

===OWASP Foundation Bylaws===

The business of the OWASP Foundation Inc. is outlined in the organizational [http://en.wikipedia.org/wiki/By-law by-laws]. These by-laws govern the organization worldwide and allow the participants to understand the established process for doing so.

[[OWASP Foundation ByLaws]]

[https://www.owasp.org/images/9/90/126741_OWASP_vzw_modelstatuten_v0.9_EN_REV.pdf OWASP EU Foundation ByLaws (English Translation)]

[[Local Chapter ByLaws]]

== Core Values ==
<b>OPEN</b>
Everything at OWASP is radically transparent from our finances to our code.

<b>INNOVATION</b>
OWASP encourages and supports innovation and experiments for solutions to software security challenges.

<b>GLOBAL</b>
Anyone around the world is encouraged to participate in the OWASP community.

<b>INTEGRITY</b>
OWASP is an honest and truthful, vendor neutral, global community.

== Core Purpose ==
Be the thriving global community that drives visibility and evolution in the safety and security of the world’s software.

== Code of Ethics ==
Each of us is expected to behave according to the principles contained in the following Code of Ethics. Breaches of the Code of Ethics may result in the foundation taking disciplinary action.
[https://www.owasp.org/index.php/Membership_Revocation Membership Revocation]

* Perform all professional activities and duties in accordance with all applicable laws and the highest ethical principles;
* Promote the implementation of and promote compliance with standards, procedures, controls for application security;
* Maintain appropriate confidentiality of proprietary or otherwise sensitive information encountered in the course of professional activities;
* Discharge professional responsibilities with diligence and honesty;
* To communicate openly and honestly;
* Refrain from any activities which might constitute a conflict of interest or otherwise damage the reputation of employers, the information security profession, or the Association;
* To maintain and affirm our objectivity and independence;
* To reject inappropriate pressure from industry or others;
* Not intentionally injure or impugn the professional reputation of practice of colleagues, clients, or employers;
* Treat everyone with respect and dignity; and
* To avoid relationships that impair — or may appear to impair — OWASP's objectivity and independence.

== Principles ==

* Free & Open
* Governed by rough consensus & running code
* Abide by a code of ethics (see ethics)
* Not-for-profit
* Not driven by commercial interests
* Risk based approach

==2015 Global Board Members==

====Chairman: [[User:tgondrom|Tobias Gondrom]]====

====Vice Chairman: [[User:jsokol|Josh Sokol]]====

====Treasurer: [[User:Fabio.e.cerullo|Fabio Cerullo]]====

====Secretary: [[User:Matt_Konda |Matt Konda]]====

====Board Member: [[User:vanderaj |Andrew van der Stock]]====

====Board Member: [[User:MichaelCoates|Michael Coates]]====

====Board Member: [[User:Jmanico|Jim Manico]]====

==Employees and Contractors of the OWASP Foundation==

{{:About_OWASP/HR}}

* Additional [https://www.owasp.org/index.php/About_OWASP/HR staff and HR info]

==Meeting Minutes==
The OWASP Foundation Board meets monthly.

[[OWASP_Board_Meetings | Board meeting minutes for the record.]]

[https://docs.google.com/folder/d/0B5Z9zE0hx0LNOWFIRG9reTUwOXM/edit Staff Meetings]

[https://docs.google.com/folder/d/0B5Z9zE0hx0LNZ0pqZC1QWWRTM28/edit Global Initiatives Meetings]

== Operational Procedures ==
[https://www.owasp.org/index.php/About_OWASP/Operational-Procedures Standard Operations Procedures (SOP)]

==Licensing==
All OWASP materials are available under an approved [[OWASP Licenses|FLOSS license]]. For more information, please see the '''[[OWASP Licenses]]''' page.

==Participation and Membership==
Everyone is welcome to participate in our [https://lists.owasp.org/mailman/listinfo forums], [[projects]], [[chapters]], and [[conferences]]. OWASP is a fantastic place to learn about application security, to network, and even to build your reputation as an expert.

If you find the OWASP materials valuable, please consider supporting our cause by becoming an OWASP member. All monies received by the OWASP Foundation go directly into supporting OWASP projects.

For more information, please see the '''[[Membership]]''' page.

==Projects==
OWASP's projects cover many aspects of application security. We build documents, tools, teaching environments, guidelines, checklists, and other materials to help organizations improve their capability to produce secure code.

For details on all the OWASP projects, please see the '''[[:Category:OWASP Project|OWASP Project]]''' page.

==Privacy Policy==
Given OWASP’s mission to help organizations with application security, you have the right to expect protection of any personal information that we might collect about our members.

In general, we do not require authentication or ask visitors to reveal personal information when visiting our website. We collect Internet addresses, not the e-mail addresses, of visitors solely for use in calculating various website statistics.

We may ask for certain personal information, including name and email address from persons downloading OWASP products. This information is not divulged to any third party and is used only for the purposes of:
* Communicating urgent fixes in the OWASP Materials
* Seeking advice and feedback about OWASP Materials
* Inviting participation in OWASP’s consensus process and AppSec conferences

OWASP publishes a list of member organizations and individual members. Listing is purely voluntary and "opt-in." Listed members can request not to be listed at any time.

All information about you or your organization that you send us by fax or mail is physically protected. If you have any questions or concerns about our privacy policy, please contact us at [http://sl.owasp.org/contactus Submit a Inquiry]

==Membership or Donations==
If you are interested in joining OWASP as a member, or donating funds for OWASP's efforts, please check out the [[Membership|OWASP Membership Page]].

{{:About_OWASP/Financial_Transparency}}

<br/>

==Contacting OWASP==
The easiest way to contact the [[OWASP Foundation]] is via e-mail. If you have a question concerning a particular project, we <b>strongly</b> recommend using the [https://lists.owasp.org/mailman/listinfo mailing list] for that project. Many questions can also be answered by [https://www.owasp.org/google/results.html searching] the [[Main Page|OWASP]] web site, so please check there first.

Our global address for general correspondence and faxes can be sent to our physical office address, to the attention of [[User:Kate_Hartmann|Kate Hartmann]], at:

OWASP Foundation
1200-C Agora Drive, #232
Bel Air, MD 21014
US
+1 951-692-7703 (tel)
+1 443-283-4021(fax)
[http://sl.owasp.org/contactus Contact Us]

The European correspondence address is below.
More information is available on the OWASP [[Europe]] page.

OWASP Europe VZW
Leinstraat 104A
B-9660 Opbrakel
Belgium
+1 951-692-7703 (tel)
[http://sl.owasp.org/contactus Contact Us]

OWASP Norway Chapter
[http://w2.brreg.no/enhet/sok/detalj.jsp?orgnr=994253085 Entity Record]
v/Kåre Presttun
c/o Mnemonic as
Wergelandsveien 25
0167 OSLO

Want to chat on IRC?
The official #owasp channel is now live on http://irc.freenode.net ! Come on in and chat with us!

For more information, please see the pages listed below:

* [[Contributions]] for details about how to make contributions
* [[Advertising]] if you're interested in advertising on the OWASP site
* [[How OWASP Works]] for more information about projects and governance
* [[OWASP brand usage rules]] for information about using the OWASP brand

[[Category:Popular]]

Category:OWASP Application Security Verification Standard Project Proposal

2015-06-25T16:47:12Z

Briechenstein Software Studio: /* Classifications */

[[:Category:OWASP Project|Click here to return to OWASP Projects page.]]<br>
[[:Project Information:template Application Security Verification Standard - Proposal|Click here to see (& edit, if wanted) the template.]]
{{:Project Information:template Application Security Verification Standard - Proposal}}

== Overview ==
'''What is ASVS?'''

Whereas the OWASP Top Ten is a tool that provides web application security awareness, the OWASP Application Security Verification Standard (ASVS) is a commercially-workable open standard that defines ranges in coverage and levels of rigor that can be used to perform application security verifications. It is the very first standard that OWASP has published! There are currently versions only in English.

The primary aim of the OWASP ASVS Project is to normalize the range in the coverage and level of rigor available in the market when it comes to performing application security verification using a commercially-workable open standard. This standard can be used to establish a level of confidence in the security of web applications.

'''Where did ASVS come from?'''

The OWASP ASVS project is led by Mike Boberski (Booz Allen Hamilton). The primary authors are Mike, Jeff Williams (Aspect Security), and Dave Wichers (Aspect Security). The ASVS is the result of the collection and consolidation of decades of collective subject matter expertise in application security. If you’d like to volunteer to help on the project, you can contact Mike at boberski_michael[at]bah.com.

More information about the ASVS can be found [https://www.owasp.org/images/5/52/About_OWASP_ASVS_Web_Edition.ppt here - OWASP ASVS Project's PowerPoint Presentation].

== Announcements ==
* 12/8/2008 - OWASP ASVS Final assistance required! Please join the mailing list for more information and assignments.

* 12/5/2008 - OWASP ASVS exits the Summer of Code 2008! The Beta draft of the Web Application Edition is released! Mike Boberski, Jeff Williams, and Dave Wichers are the primary authors.

* 10/3/2008 - OWASP ASVS Alpha draft is released! Mike Boberski is the primary author.

* 4/16/2008 - [https://www.owasp.org/index.php/OWASP_Summer_of_Code_2008_Applications#OWASP_Application_Security_Verification_Standard OWASP ASVS Summer of Code 2008 proposal] submitted by Mike Boberski wins!

== Methodology ==
'''How does ASVS work?'''

The OWASP ASVS standard uses the term the ‘verifier’ to indicate the person or team that is reviewing the application against these requirements.

It is a verifier’s responsibility to determine if an application meets all of the requirements at the level targeted by a review. If the application meets all the requirements for that level, then it can be considered an OWASP ASVS Level N application, where N is the verification level that application complied with.

If the application does not meet all the requirements for a particular level, but does meet all the requirements for a lower level of this standard, then it can be considered to have passed that level of verification.

The OWASP ASVS defines verification and documentation requirements that are grouped on the basis of related coverage and level of rigor. Web application security verification is performed from a logical point of view by following (or attempting to follow) paths into and out of the application and performing analysis along those paths. The Standard defines four hierarchical levels (e.g., Level 2 requires more coverage and rigor than Level 1) as depicted in the figure below.

{| style="width:80%" border="0" align="center"
| align="center" |
|-
| style="width:100%; align="center"|[[Image:Levels.JPG]]
|}

The Standard further defines constituent components for Levels 1 and 2 (e.g., verification at Level 1 requires meeting both Level 1A and 1B requirements). Applications may claim compliance to either Level 1A or 1B instead of Level 1, but making such claims is weaker than claiming Level 1. Similarly, applications may claim compliance to either Level 2A or 2B instead of Level 2, but making such claims is weaker than claiming Level 2.

== OWASP ASVS – Web Application Edition (Beta) Downloads ==
* [[:Image:OWASP ASVS Web Edition 2008 Beta.pdf|PDF (530 KB)]]
* [[:Image:OWASP ASVS Web Edition 2008 Beta.doc|Word (903 KB)]]

== OWASP ASVS – Web Application Edition (Alpha) Downloads ==
OWASP ASVS Alpha (English)

* [[:Image:OWASP ASVS Web Edition 2008 Alpha.pdf|PDF (477 KB)]]
* [[:Image:OWASP ASVS Web Edition 2008 Alpha.doc|Word (868 KB)]]

== Feedback ==
Please let us know how your organization is using the OWASP ASVS. Include your name, organization's name, and brief description of how you are using the ASVS. Thanks for supporting OWASP!

We hope you find the information in the OWASP ASVS useful. Please contribute back to the project by sending your comments, questions, and suggestions to [mailto:Owasp-Application-Security-Verification-Standard(at)lists.owasp.org '''owasp-application-security-verification-standard(at)lists.owasp.org''']. Thanks!

To join the OWASP ASVS mailing list or view the archives, please visit the [https://lists.owasp.org/mailman/listinfo/owasp-application-security-verification-standard '''subscription page'''].

== Project Sponsors ==
The OWASP ASVS project is co-sponsored by:

{| style="width:100%" border="0" align="center"
| align="left" |
|-
| style="width:100%; align="left"|[[Image:Aspect logo.jpg]] [[Image:Bah logo 1.jpg]] [[Image:SoC 08 Logo Mike Project.jpg]]
|}

[[:Project Information:template Application Security Verification Standard|Click here to see this project's full SoC 2008 status.]]
[[Category:OWASP Project|Application Security Verification Standard Project]]
[[Category:OWASP Certification Criteria Project]]]

Category:OWASP Application Security Verification Standard Project Proposal

2015-06-25T16:45:19Z

Briechenstein Software Studio: *Briechenstein_Software Protocol

Category:OWASP Application Security Verification Standard Project Proposal

2015-06-25T16:40:26Z

Briechenstein Software Studio: *Briechenstein_Software Protocol

Category:OWASP Application Security Verification Standard Project Proposal

2015-06-25T16:34:20Z

Briechenstein Software Studio: *Briechenstein_Software Protocol

Category:OWASP .NET Project

2015-06-25T16:03:48Z

Briechenstein Software Studio: /* Classifications */

=Main=

<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>

{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

==OWASP .NET Project==

The OWASP.NET Project is the clearinghouse for all information related to building secure .NET web applications and services. The goal of the project is to provide deep content for all roles related to .NET web applications and services.

The focus of the project is on guidance for developers using the framework, OWASP Components that use .NET, and participation in OWASP projects that use .NET.

Community content is key to security information. The project depends on content from developers throughout the .NET world. Check out the [[OWASP .Net Project Roadmap]] for ways to get involved.

==Purpose==

* Provide deep, rich guidance for .NET developers in using the security features of .NET
* Create guidance for use of OWASP components that are designed for use with .NET
* Focus on information about working with and on OWASP tools built using .NET

==Licensing==
OWASP .NET Project is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.

| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

== What is the OWASP .NET Project? ==

* Deep, rich guidance for .NET developers in using the security features of .NET
* Guidance for use of OWASP components that are designed for use with .NET
* Information about working with and on OWASP tools built using .NET

== Project Leader ==

[https://www.owasp.org/index.php/User:Bill_Sempf Bill Sempf]

== Related Projects ==

* [[OWASP_Java_Project]]

| valign="top" style="padding-left:25px;width:200px;" |

== News and Events ==
* [16 Feb 2015] Two more articles promoted. Want to build one? See the Roadmap!
* [22 Jan 2015] Three completed articles, and four in progress
* [29 Oct 2014] Promoted our first guidance article from Draft
* [18 Sep 2014] AppSec USA .NET Project Summit
* [30 Mar 2014] Project roadmap
* [5 Feb 2014] Project reboot

== Mailing List ==
[https://lists.owasp.org/mailman/listinfo/owasp-dotnet OWASP .NET Mailing List]

==Classifications==

{| width="200" cellpadding="2"
|-
| align="center" valign="top" width="50%" rowspan="2"| [[File:Owasp-incubator-trans-85.png|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
| align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]]
|-
| align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
|-
| colspan="2" align="center" | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
|-
| colspan="2" align="center" | [[File:Project_Type_Files_DOC.jpg|link=]]
|}

|}

[[Category:OWASP Guide Project]]

=Resources=

The .NET Project is principally about creating deep, rich guidance for NET developers using the Microsoft .NET Framework's security resources.

== Security Guidance ==
The following sections include general content that can be useful for a specific role in securing .NET web applications and services:

* [[.NET Security Cheat Sheet| .NET Security Cheat Sheet]]
* [[.NET Penetration Testing| .NET Penetration Testing]]

The following sections include specific guidance for particular technological problems related to .NET web applications and services:

* [[Exception Handling]]
* [[ASP.NET Request Validation]]
* [[ASP.NET Output Encoding]]

== Recommended Resources ==
Check out the OWASP .NET Recommended Resources wiki page for a quick list of resources available now for secure .NET development:

; [[OWASP .NET Recommended Resources| OWASP .NET Recommended Resources]]

== Active Projects ==
; [[OWASP .NET Active Projects]]

== Research Projects ==
; [[OWASP .NET Research]]

=Joining the Project=
==Get involved==
To get involved join the mailing list (see [[How to join Owasp.Net Mailing List]])
==Project Roadmap==
The project's high level roadmap can be found at the [[OWASP .Net Project Roadmap]]
* Please submit your ideas for articles, content and general feedback to the [[.NET Project Wishlist]].
* If you'd like to contribute:
# visit the [[Tutorial]],
# and pick a topic from the [[.NET Project Wishlist]] or suggest a new topic
# or check out our active projects list, [[OWASP .NET Active Projects]], and join one today.
<br />
'''Remember to add the tag: <nowiki>[[Category:OWASP .NET Project]]</nowiki> to the end of new articles so that they're properly categorized.'''
<br />
=Project Tracker=
==Timeline==
* November 2014 Four completed articles, six in process.
* September 2014 AppSec USA
* March 2014 Project Roadmap
* February 2014 Project Reboot
* May 2009 - Updated tabs, added content recommended by Andre Gironda
* March 2009 - Converted to new tab format, added Project Tracker tab
* February 2009 Added [[OWASP .NET Research]] and removed [[OWASP .NET Vulnerability Research]] from project page.

==Roadmap==
You can find the project roadmap here: [[OWASP .Net Project Roadmap]]

=FAQs=
==Questions and answers==
; Q1: Why are there so many empty projects?
; A1: Because YOU haven't worked on them! We need your help!

; Q2: Why the focus on specific implementation, rather than on general security? I just need general guidance!
; A2: General guidance is platform independent. You should start with the awesome Cheat Sheets for general information. We are focused on specific implementation because these are the tough, unanswered questions that lead to the high risk vulnerabilities.

; Q3: Where are the .NET specific security tools.
; A3: Nearly everything you need is already in the .NET Framework. It's just a matter of learning where it is and how to use it. That's where the .NET project comes in.

=Volunteers=

==Get involved==
To get involved join the mailing list (see [[How to join Owasp.Net Mailing List]])

==Already involved==
The OWASP .NET project is developed by a worldwide team of volunteers. The original primary contributor is Daniel Brzozowski. Currently the team of advisers and authoors includes:

* Kevin Basista
* Brice Williams
* Marion Nepomuceno
* Dan Wilson
* Jess Vermont
* Jeff Knutson
* Robert Ginsburg
* Kyle Johnson
* Troy Hunt
* Dinis Cruz
* Shamir Charania
* Mohammed Al-Taweel
* Daniel Brzozowski
* Bill Sempf
* Barry Dorrans (Microsoft)
* Reid Borsuk (Microsoft)

We need more help. Please join the low volume mailing list at [https://lists.owasp.org/mailman/listinfo/owasp-dotnet this address] to get project announcements.

= Road Map and Getting Involved =
==What we're doing==
The themes of the .NET Project include:
* Deep, rich guidance for .NET developers in using the security features of .NET
* Guidance for use of OWASP components that are designed for use with .NET
* Information about working with and on OWASP tools built using .NET
==Roadmap==
The [[OWASP .Net Project Roadmap]] has the latest guidance for the project's future. As with all Wiki documents, it is a work in progress.

We need help, especially with content creation and identifying OWASP projects that are .NET related. If you would like to get involved, please join the [https://lists.owasp.org/mailman/listinfo/owasp-dotnet mailing list] and introduce yourself, or email [https://www.owasp.org/index.php/User:Bill_Sempf Bill Sempf]

__NOTOC__ <headertabs />

[[Category:OWASP Project]] [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]] [[Category:OWASP_Document]] [[Category:Technology]]

Electronic design automation

2015-06-24T04:14:13Z

Briechenstein Software Studio: $Briechenstein_Electronic_Design_Automation (BEAD)

Briechenstein Electronic Design Automation (BEDA)
https://www.owasp.org/index.php/User:_talk:Briechenstein_Software_Studio)

[[Category:Design]]

Electronic design automation

2015-06-24T03:53:44Z

Briechenstein Software Studio: $Briechenstein_Electronic_Design_Automation (BEAD)

Briechenstein Electronic Design Automation (BEDA)
https://www.owasp.org/index.php/User:_talk:Briechenstein_Software_Studio)

[[Category:Design]] [[Category:Electronic design automation]] [[Category:Semiconductor device fabrication]]

Electronic design automation

2015-06-24T02:19:36Z

Briechenstein Software Studio: $Briechenstein_Electronic_Design_Automation (BEAD)

'''Bold text'''Briechenstein Electronic Design Automation (BEDA)
https://www.owasp.org/index.php/User:_talk:Briechenstein_Software_Studio)

[[Category:Design]]

Electronic design automation

2015-06-23T23:27:44Z

Briechenstein Software Studio: $Briechenstein_Electronic_Design_Automation (BEAD)

'''Bold text'''Briechenstein Electronic Design Automation (BEDA)
https://www.owasp.org/index.php/User:_talk:Briechenstein_Software_Studio)

[[Category:Electronic design]]

Electronic design automation

2015-06-23T23:26:25Z

Briechenstein Software Studio: $Briechenstein_Electronic_Design_Automation (BEAD)

'''Bold text'''Briechenstein Electronic Design Automation (BEDA)
https://www.owasp.org/index.php/User:_talk:Briechenstein_Software_Studio)

[[Category:Electronic Design]]

Electronic design automation

2015-06-23T23:25:13Z

Briechenstein Software Studio: $Briechenstein_Electronic_Design_Automation (BEAD)

'''Bold text'''Briechenstein Electronic Design Automation (BEDA)
https://www.owasp.org/index.php/User:_talk:Briechenstein_Software_Studio)

[[Category:Electronic Design Automation]]

Electronic design automation

2015-06-23T23:21:48Z

Briechenstein Software Studio: $Briechenstein_Electronic_Design_Automation (BEAD)

'''Bold text'''Briechenstein Electronic Design Automation (BEDA)
https://www.owasp.org/index.php/User:_talk:Briechenstein_Software_Studio)

[[Category:Portal:Electronics]]

Electronic design automation

2015-06-23T23:12:15Z

Briechenstein Software Studio: Briechenstein_Electronic_Design_Automation (BEDA)

'''Bold text'''Briechenstein Electronic Design Automation (BEDA)
https://www.owasp.org/index.php/User:_talk:Briechenstein_Software_Studio)

[[Category:Computer-aided design]]

User talk:Briechenstein Software Studio

2015-06-17T18:09:32Z

Briechenstein Software Studio: *Nuyenatoshiyoshiko Tachikawa Protocol Software

'''Welcome to ''OWASP''!'''
<Cryptography Open Web Software Application.>

<?xml version="1.0" encoding="utf-8"?>
<Package xmlns="http://saturnrembitcoinstocks.instafx-world.com/appx/2007/manifest">
<Identity Name="Saturnrem.BitcoinStocksOpenSSLRepository."http://sourceforge.net/projects/moneymanagerex/>
<Properties>
<DisplayName>SaturnremBitcoinStocksOpenSSLRepository</DisplayName>
<PublisherDisplayName>SaturnremBitcoinStocksOpenSSLRepository</PublisherDisplayName>
<Description>SaturnremBitcoinStocksOpenSSLRepository</Description>
<Logo>images\https://www.google.com/search?OpenSSL/logo png</Logo>
</Properties>
<Resources>
<Resource Language="en-us" />
</Resources>
<Capabilities>
<Capability Name="internetClientServer" />
</Capabilities>
<Prerequisites>
<OSMinVersion>6.2</OSMinVersion>
<OSMaxVersionTested>6.2</OSMaxVersionTested>
</Prerequisites>
<Applications>
<Application Id="SaturnremBitcoinStocksOpenSSLRepository" StartPage="default.html">
<VisualElements DisplayName="https://www.google.com/search?OpenSSL"/logo png\<Logo> Description="OpenSSLRepository" ForegroundText="dark" BackgroundColor="#FFFFFF">
<DefaultTile ShortName="SBSOSSR" ShowName="allOpenSSLLogos" />
<SplashScreen BackgroundColor="white" Image="images\https://www.google.com/search?OpenSSL/logo png</Logo>
</VisualElements>
</Repository>
</Repository>
</Package>

Copyright (C) <2007> <Briechenstein Software Studio-OWASP>
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright © 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for software and other kinds of works.
The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too.
When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.
Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions.
Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and modification follow.
TERMS AND CONDITIONS
0. Definitions.
“This License” refers to version 3 of the GNU General Public License.
“Copyright” also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.
“The Program” refers to any copyrightable work licensed under this License. Each licensee is addressed as “you”. “Licensees” and “recipients” may be individuals or organizations.
To “modify” a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a “modified version” of the earlier work or a work “based on” the earlier work.
A “covered work” means either the unmodified Program or a work based on the Program.
To “propagate” a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.
To “convey” a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays “Appropriate Legal Notices” to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.
1. Source Code.
The “source code” for a work means the preferred form of the work for making modifications to it. “Object code” means any non-source form of a work.
A “Standard Interface” means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.
The “System Libraries” of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A “Major Component”, in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.
The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.
The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.
The Corresponding Source for a work in source code form is that same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.
When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”.
c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an “aggregate” if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:
a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.
d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.
A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.
A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, “normally used” refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.
“Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.
If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).
The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.
7. Additional Terms.
“Additional permissions” are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or authors of the material; or
e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.
All other non-permissive additional terms are considered “further restrictions” within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).
However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.
Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.
An “entity transaction” is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.
11. Patents.
A “contributor” is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's “contributor version”.
A contributor's “essential patent claims” are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, “control” includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.
In the following three paragraphs, a “patent license” is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To “grant” such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.
If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. “Knowingly relying” means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.
A patent license is “discriminatory” if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License “or any later version” applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation.
If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.
Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an “about box”.
You should also get your employer (if you work as a programmer) or school, if any, to sign a “copyright disclaimer” for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <http://www.gnu.org/philosophy/why-not-lgpl.html>.
<http://easychair.org/conferences/license.cgi?detail=1;a=9011713

[[Category:Cryptographic Control]]

User talk:Briechenstein Software Studio

2015-06-17T17:57:34Z

Briechenstein Software Studio: *Nuyenatoshiyoshiko Tachikawa Protocol Software

'''Welcome to ''OWASP''!'''
<Cryptography Open Web Software Application.>

<?xml version="1.0" encoding="utf-8"?>
<Package xmlns="http://saturnrembitcoinstocks.instafx-world.com/appx/2007/manifest">
<Identity Name="Saturnrem.BitcoinStocksOpenSSLRepository."http://sourceforge.net/projects/moneymanagerex/Version%/="1.0.0.0" Publisher=" Nuyenatoshiyoshiko Tachikawa/>
<Properties>
<DisplayName>SaturnremBitcoinStocksOpenSSLRepository</DisplayName>
<PublisherDisplayName>SaturnremBitcoinStocksOpenSSLRepository</PublisherDisplayName>
<Description>SaturnremBitcoinStocksOpenSSLRepository</Description>
<Logo>images\https://www.google.com/search?OpenSSL/logo png</Logo>
</Properties>
<Resources>
<Resource Language="en-us" />
</Resources>
<Capabilities>
<Capability Name="internetClientServer" />
</Capabilities>
<Prerequisites>
<OSMinVersion>6.2</OSMinVersion>
<OSMaxVersionTested>6.2</OSMaxVersionTested>
</Prerequisites>
<Applications>
<Application Id="SaturnremBitcoinStocksOpenSSLRepository" StartPage="default.html">
<VisualElements DisplayName="https://www.google.com/search?OpenSSL"/logo png\<Logo> Description="OpenSSLRepository" ForegroundText="dark" BackgroundColor="#FFFFFF">
<DefaultTile ShortName="SBSOSSR" ShowName="allOpenSSLLogos" />
<SplashScreen BackgroundColor="white" Image="images\https://www.google.com/search?OpenSSL/logo png</Logo>
</VisualElements>
</Repository>
</Repository>
</Package>

Copyright (C) <2007> <Briechenstein Software Studio-OWASP>
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright © 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for software and other kinds of works.
The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too.
When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.
Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions.
Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and modification follow.
TERMS AND CONDITIONS
0. Definitions.
“This License” refers to version 3 of the GNU General Public License.
“Copyright” also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.
“The Program” refers to any copyrightable work licensed under this License. Each licensee is addressed as “you”. “Licensees” and “recipients” may be individuals or organizations.
To “modify” a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a “modified version” of the earlier work or a work “based on” the earlier work.
A “covered work” means either the unmodified Program or a work based on the Program.
To “propagate” a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.
To “convey” a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays “Appropriate Legal Notices” to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.
1. Source Code.
The “source code” for a work means the preferred form of the work for making modifications to it. “Object code” means any non-source form of a work.
A “Standard Interface” means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.
The “System Libraries” of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A “Major Component”, in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.
The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.
The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.
The Corresponding Source for a work in source code form is that same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.
When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”.
c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an “aggregate” if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:
a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.
d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.
A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.
A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, “normally used” refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.
“Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.
If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).
The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.
7. Additional Terms.
“Additional permissions” are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or authors of the material; or
e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.
All other non-permissive additional terms are considered “further restrictions” within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).
However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.
Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.
An “entity transaction” is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.
11. Patents.
A “contributor” is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's “contributor version”.
A contributor's “essential patent claims” are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, “control” includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.
In the following three paragraphs, a “patent license” is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To “grant” such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.
If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. “Knowingly relying” means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.
A patent license is “discriminatory” if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License “or any later version” applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation.
If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.
Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an “about box”.
You should also get your employer (if you work as a programmer) or school, if any, to sign a “copyright disclaimer” for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <http://www.gnu.org/philosophy/why-not-lgpl.html>.
<http://easychair.org/conferences/license.cgi?detail=1;a=9011713

[[Category:Cryptographic Control]]

User talk:Briechenstein Software Studio

2015-06-17T17:45:21Z

Briechenstein Software Studio: *Nuyenatoshi Protocol

'''Welcome to ''OWASP''!'''
<Cryptography Open Web Software Application.>

<?xml version="1.0" encoding="utf-8"?>
<Package xmlns="http://saturnrembitcoinstocks.instafx-world.com/appx/2007/manifest">
<Identity Name="Saturnrem.BitcoinStocksOpenSSLRepository."http://sourceforge.net/projects/moneymanagerex//moneymanagerex/Version%/="1.0.0.0" Publisher=" SaturnremBitcoinStocksOpenSSLRepository />
<Properties>
<DisplayName>SaturnremBitcoinStocksOpenSSLRepository</DisplayName>
<PublisherDisplayName>SaturnremBitcoinStocksOpenSSLRepository</PublisherDisplayName>
<Description>SaturnremBitcoinStocksOpenSSLRepository</Description>
<Logo>images\https://www.google.com/search?OpenSSL/logo png</Logo>
</Properties>
<Resources>
<Resource Language="en-us" />
</Resources>
<Capabilities>
<Capability Name="internetClientServer" />
</Capabilities>
<Prerequisites>
<OSMinVersion>6.2</OSMinVersion>
<OSMaxVersionTested>6.2</OSMaxVersionTested>
</Prerequisites>
<Applications>
<Application Id="SaturnremBitcoinStocksOpenSSLRepository" StartPage="default.html">
<VisualElements DisplayName="https://www.google.com/search?OpenSSL"/logo png\<Logo> Description="OpenSSLRepository" ForegroundText="dark" BackgroundColor="#FFFFFF">
<DefaultTile ShortName="SBSOSSR" ShowName="allOpenSSLLogos" />
<SplashScreen BackgroundColor="white" Image="images\https://www.google.com/search?OpenSSL/logo png</Logo>
</VisualElements>
</Repository>
</Repository>
</Package>

Copyright (C) <2007> <Briechenstein Software Studio-OWASP>
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright © 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for software and other kinds of works.
The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too.
When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.
Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions.
Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and modification follow.
TERMS AND CONDITIONS
0. Definitions.
“This License” refers to version 3 of the GNU General Public License.
“Copyright” also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.
“The Program” refers to any copyrightable work licensed under this License. Each licensee is addressed as “you”. “Licensees” and “recipients” may be individuals or organizations.
To “modify” a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a “modified version” of the earlier work or a work “based on” the earlier work.
A “covered work” means either the unmodified Program or a work based on the Program.
To “propagate” a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.
To “convey” a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays “Appropriate Legal Notices” to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.
1. Source Code.
The “source code” for a work means the preferred form of the work for making modifications to it. “Object code” means any non-source form of a work.
A “Standard Interface” means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.
The “System Libraries” of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A “Major Component”, in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.
The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.
The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.
The Corresponding Source for a work in source code form is that same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.
When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”.
c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an “aggregate” if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:
a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.
d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.
A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.
A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, “normally used” refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.
“Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.
If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).
The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.
7. Additional Terms.
“Additional permissions” are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or authors of the material; or
e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.
All other non-permissive additional terms are considered “further restrictions” within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).
However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.
Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.
An “entity transaction” is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.
11. Patents.
A “contributor” is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's “contributor version”.
A contributor's “essential patent claims” are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, “control” includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.
In the following three paragraphs, a “patent license” is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To “grant” such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.
If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. “Knowingly relying” means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.
A patent license is “discriminatory” if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License “or any later version” applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation.
If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.
Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an “about box”.
You should also get your employer (if you work as a programmer) or school, if any, to sign a “copyright disclaimer” for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <http://www.gnu.org/philosophy/why-not-lgpl.html>.
<http://easychair.org/conferences/license.cgi?detail=1;a=9011713

[[Category:Cryptographic Control]]

User talk:Briechenstein Software Studio

2015-05-06T03:37:19Z

Briechenstein Software Studio: *Nuyenatoshi Protocol

'''Welcome to ''OWASP''!'''
<Cryptography Open Web Software Application.>

<?xml version="1.0" encoding="utf-8"?>
<Package xmlns="http://saturnrembitcoinstocks.instafx-world.com/appx/2007/manifest">
<Identity Name="Saturnrem.BitcoinStocksOpenSSLRepository."http://sourceforge.net/projects/moneymanagerex/files/moneymanagerex/Version%/="1.0.0.0" Publisher=" SaturnremBitcoinStocksOpenSSLRepository />
<Properties>
<DisplayName>SaturnremBitcoinStocksOpenSSLRepository</DisplayName>
<PublisherDisplayName>SaturnremBitcoinStocksOpenSSLRepository</PublisherDisplayName>
<Description>SaturnremBitcoinStocksOpenSSLRepository</Description>
<Logo>images\https://www.google.com/search?OpenSSL/logo png</Logo>
</Properties>
<Resources>
<Resource Language="en-us" />
</Resources>
<Capabilities>
<Capability Name="internetClientServer" />
</Capabilities>
<Prerequisites>
<OSMinVersion>6.2</OSMinVersion>
<OSMaxVersionTested>6.2</OSMaxVersionTested>
</Prerequisites>
<Applications>
<Application Id="SaturnremBitcoinStocksOpenSSLRepository" StartPage="default.html">
<VisualElements DisplayName="https://www.google.com/search?OpenSSL"/logo png\<Logo> Description="OpenSSLRepository" ForegroundText="dark" BackgroundColor="#FFFFFF">
<DefaultTile ShortName="SBSOSSR" ShowName="allOpenSSLLogos" />
<SplashScreen BackgroundColor="white" Image="images\https://www.google.com/search?OpenSSL/logo png</Logo>
</VisualElements>
</Repository>
</Repository>
</Package>

Copyright (C) <2007> <Briechenstein Software Studio-OWASP>
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright © 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for software and other kinds of works.
The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too.
When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.
Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions.
Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and modification follow.
TERMS AND CONDITIONS
0. Definitions.
“This License” refers to version 3 of the GNU General Public License.
“Copyright” also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.
“The Program” refers to any copyrightable work licensed under this License. Each licensee is addressed as “you”. “Licensees” and “recipients” may be individuals or organizations.
To “modify” a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a “modified version” of the earlier work or a work “based on” the earlier work.
A “covered work” means either the unmodified Program or a work based on the Program.
To “propagate” a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.
To “convey” a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays “Appropriate Legal Notices” to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.
1. Source Code.
The “source code” for a work means the preferred form of the work for making modifications to it. “Object code” means any non-source form of a work.
A “Standard Interface” means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.
The “System Libraries” of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A “Major Component”, in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.
The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.
The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.
The Corresponding Source for a work in source code form is that same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.
When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”.
c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an “aggregate” if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:
a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.
d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.
A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.
A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, “normally used” refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.
“Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.
If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).
The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.
7. Additional Terms.
“Additional permissions” are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or authors of the material; or
e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.
All other non-permissive additional terms are considered “further restrictions” within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).
However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.
Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.
An “entity transaction” is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.
11. Patents.
A “contributor” is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's “contributor version”.
A contributor's “essential patent claims” are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, “control” includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.
In the following three paragraphs, a “patent license” is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To “grant” such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.
If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. “Knowingly relying” means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.
A patent license is “discriminatory” if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License “or any later version” applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation.
If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.
Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an “about box”.
You should also get your employer (if you work as a programmer) or school, if any, to sign a “copyright disclaimer” for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <http://www.gnu.org/philosophy/why-not-lgpl.html>.
<http://easychair.org/conferences/license.cgi?detail=1;a=9011713

[[Category:Cryptographic Control]]

User talk:Briechenstein Software Studio

2014-10-06T23:52:04Z

Briechenstein Software Studio: *Saturnrem Bitcoin Stocks OpenSSL Repository/

'''Welcome to ''OWASP''!'''
<Cryptography Open Web Software Application.>

<?xml version="1.0" encoding="utf-8"?>
<Package xmlns="http://saturnrembitcoinstocks.instafx-world.com/appx/2007/manifest">
<Identity Name="Saturnrem.BitcoinStocksOpenSSLRepository."http://sourceforge.net/projects/moneymanagerex/files/moneymanagerex/Version%/="1.0.0.0" Publisher=" SaturnremBitcoinStocksOpenSSLRepository />
<Properties>
<DisplayName>SaturnremBitcoinStocksOpenSSLRepository</DisplayName>
<PublisherDisplayName>SaturnremBitcoinStocksOpenSSLRepository</PublisherDisplayName>
<Description>SaturnremBitcoinStocksOpenSSLRepository</Description>
<Logo>images\https://www.google.com/search?OpenSSL/logo png</Logo>
</Properties>
<Resources>
<Resource Language="en-us" />
</Resources>
<Capabilities>
<Capability Name="internetClientServer" />
</Capabilities>
<Prerequisites>
<OSMinVersion>6.2</OSMinVersion>
<OSMaxVersionTested>6.2</OSMaxVersionTested>
</Prerequisites>
<Applications>
<Application Id="SaturnremBitcoinStocksOpenSSLRepository" StartPage="default.html">
<VisualElements DisplayName="https://www.google.com/search?OpenSSL"/logo png\<Logo> Description="OpenSSLRepository" ForegroundText="dark" BackgroundColor="#FFFFFF">
<DefaultTile ShortName="SBSOSSR" ShowName="allOpenSSLLogos" />
<SplashScreen BackgroundColor="white" Image="images\https://www.google.com/search?OpenSSL/logo png</Logo>
</VisualElements>
</Repository>
</Repository>
</Package>

Copyright (C) <2007> <Briechenstein Software Studio-OWASP>
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright © 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for software and other kinds of works.
The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too.
When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.
Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions.
Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and modification follow.
TERMS AND CONDITIONS
0. Definitions.
“This License” refers to version 3 of the GNU General Public License.
“Copyright” also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.
“The Program” refers to any copyrightable work licensed under this License. Each licensee is addressed as “you”. “Licensees” and “recipients” may be individuals or organizations.
To “modify” a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a “modified version” of the earlier work or a work “based on” the earlier work.
A “covered work” means either the unmodified Program or a work based on the Program.
To “propagate” a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.
To “convey” a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays “Appropriate Legal Notices” to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.
1. Source Code.
The “source code” for a work means the preferred form of the work for making modifications to it. “Object code” means any non-source form of a work.
A “Standard Interface” means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.
The “System Libraries” of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A “Major Component”, in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.
The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.
The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.
The Corresponding Source for a work in source code form is that same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.
When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”.
c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an “aggregate” if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:
a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.
d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.
A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.
A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, “normally used” refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.
“Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.
If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).
The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.
7. Additional Terms.
“Additional permissions” are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or authors of the material; or
e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.
All other non-permissive additional terms are considered “further restrictions” within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).
However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.
Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.
An “entity transaction” is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.
11. Patents.
A “contributor” is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's “contributor version”.
A contributor's “essential patent claims” are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, “control” includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.
In the following three paragraphs, a “patent license” is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To “grant” such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.
If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. “Knowingly relying” means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.
A patent license is “discriminatory” if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License “or any later version” applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation.
If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.
Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an “about box”.
You should also get your employer (if you work as a programmer) or school, if any, to sign a “copyright disclaimer” for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <http://www.gnu.org/philosophy/why-not-lgpl.html>.

[[Category:Cryptographic Control]]

User talk:Briechenstein Software Studio

2014-10-06T23:51:18Z

Briechenstein Software Studio: *Saturnrem Bitcoin Stocks OpenSSL Repository/

'''Welcome to ''OWASP''!'''
<Cryptography Open Web Software Application.>

<?xml version="1.0" encoding="utf-8"?>
<Package xmlns="http://schemas.saturnrembitcoinstocks.instafx-world.com/appx/2007/manifest">
<Identity Name="Saturnrem.BitcoinStocksOpenSSLRepository."http://sourceforge.net/projects/moneymanagerex/files/moneymanagerex/Version%/="1.0.0.0" Publisher=" SaturnremBitcoinStocksOpenSSLRepository />
<Properties>
<DisplayName>SaturnremBitcoinStocksOpenSSLRepository</DisplayName>
<PublisherDisplayName>SaturnremBitcoinStocksOpenSSLRepository</PublisherDisplayName>
<Description>SaturnremBitcoinStocksOpenSSLRepository</Description>
<Logo>images\https://www.google.com/search?OpenSSL/logo png</Logo>
</Properties>
<Resources>
<Resource Language="en-us" />
</Resources>
<Capabilities>
<Capability Name="internetClientServer" />
</Capabilities>
<Prerequisites>
<OSMinVersion>6.2</OSMinVersion>
<OSMaxVersionTested>6.2</OSMaxVersionTested>
</Prerequisites>
<Applications>
<Application Id="SaturnremBitcoinStocksOpenSSLRepository" StartPage="default.html">
<VisualElements DisplayName="https://www.google.com/search?OpenSSL"/logo png\<Logo> Description="OpenSSLRepository" ForegroundText="dark" BackgroundColor="#FFFFFF">
<DefaultTile ShortName="SBSOSSR" ShowName="allOpenSSLLogos" />
<SplashScreen BackgroundColor="white" Image="images\https://www.google.com/search?OpenSSL/logo png</Logo>
</VisualElements>
</Repository>
</Repository>
</Package>

Copyright (C) <2007> <Briechenstein Software Studio-OWASP>
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright © 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for software and other kinds of works.
The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too.
When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.
Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions.
Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and modification follow.
TERMS AND CONDITIONS
0. Definitions.
“This License” refers to version 3 of the GNU General Public License.
“Copyright” also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.
“The Program” refers to any copyrightable work licensed under this License. Each licensee is addressed as “you”. “Licensees” and “recipients” may be individuals or organizations.
To “modify” a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a “modified version” of the earlier work or a work “based on” the earlier work.
A “covered work” means either the unmodified Program or a work based on the Program.
To “propagate” a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.
To “convey” a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays “Appropriate Legal Notices” to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.
1. Source Code.
The “source code” for a work means the preferred form of the work for making modifications to it. “Object code” means any non-source form of a work.
A “Standard Interface” means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.
The “System Libraries” of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A “Major Component”, in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.
The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.
The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.
The Corresponding Source for a work in source code form is that same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.
When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”.
c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an “aggregate” if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:
a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.
d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.
A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.
A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, “normally used” refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.
“Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.
If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).
The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.
7. Additional Terms.
“Additional permissions” are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or authors of the material; or
e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.
All other non-permissive additional terms are considered “further restrictions” within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).
However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.
Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.
An “entity transaction” is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.
11. Patents.
A “contributor” is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's “contributor version”.
A contributor's “essential patent claims” are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, “control” includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.
In the following three paragraphs, a “patent license” is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To “grant” such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.
If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. “Knowingly relying” means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.
A patent license is “discriminatory” if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License “or any later version” applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation.
If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.
Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an “about box”.
You should also get your employer (if you work as a programmer) or school, if any, to sign a “copyright disclaimer” for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <http://www.gnu.org/philosophy/why-not-lgpl.html>.

[[Category:Cryptographic Control]]

User talk:Briechenstein Software Studio

2014-10-06T04:17:01Z

Briechenstein Software Studio: *Saturnrem Bitcoin Stocks OpenSSL Repository/

'''Welcome to ''OWASP''!'''
<Cryptography Open Web Software Application.>

<?xml version="1.0" encoding="utf-8"?>
<Package xmlns="http://schemas.saturnrembitcoinstocksopensslrepository.com/appx/2007/manifest">
<Identity Name="Saturnrem.BitcoinStocksOpenSSLRepository."http://sourceforge.net/projects/moneymanagerex/files/moneymanagerex/Version%/="1.0.0.0" Publisher=" SaturnremBitcoinStocksOpenSSLRepository />
<Properties>
<DisplayName>SaturnremBitcoinStocksOpenSSLRepository</DisplayName>
<PublisherDisplayName>SaturnremBitcoinStocksOpenSSLRepository</PublisherDisplayName>
<Description>SaturnremBitcoinStocksOpenSSLRepository</Description>
<Logo>images\https://www.google.com/search?OpenSSL/logo png</Logo>
</Properties>
<Resources>
<Resource Language="en-us" />
</Resources>
<Capabilities>
<Capability Name="internetClientServer" />
</Capabilities>
<Prerequisites>
<OSMinVersion>6.2</OSMinVersion>
<OSMaxVersionTested>6.2</OSMaxVersionTested>
</Prerequisites>
<Applications>
<Application Id="SaturnremBitcoinStocksOpenSSLRepository" StartPage="default.html">
<VisualElements DisplayName="https://www.google.com/search?OpenSSL"/logo png\<Logo> Description="OpenSSLRepository" ForegroundText="dark" BackgroundColor="#FFFFFF">
<DefaultTile ShortName="SBSOSSR" ShowName="allOpenSSLLogos" />
<SplashScreen BackgroundColor="white" Image="images\https://www.google.com/search?OpenSSL/logo png</Logo>
</VisualElements>
</Repository>
</Repository>
</Package>

Copyright (C) <2007> <Briechenstein Software Studio-OWASP>
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright © 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for software and other kinds of works.
The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too.
When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.
Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions.
Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and modification follow.
TERMS AND CONDITIONS
0. Definitions.
“This License” refers to version 3 of the GNU General Public License.
“Copyright” also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.
“The Program” refers to any copyrightable work licensed under this License. Each licensee is addressed as “you”. “Licensees” and “recipients” may be individuals or organizations.
To “modify” a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a “modified version” of the earlier work or a work “based on” the earlier work.
A “covered work” means either the unmodified Program or a work based on the Program.
To “propagate” a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.
To “convey” a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays “Appropriate Legal Notices” to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.
1. Source Code.
The “source code” for a work means the preferred form of the work for making modifications to it. “Object code” means any non-source form of a work.
A “Standard Interface” means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.
The “System Libraries” of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A “Major Component”, in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.
The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.
The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.
The Corresponding Source for a work in source code form is that same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.
When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”.
c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an “aggregate” if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:
a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.
d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.
A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.
A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, “normally used” refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.
“Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.
If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).
The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.
7. Additional Terms.
“Additional permissions” are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or authors of the material; or
e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.
All other non-permissive additional terms are considered “further restrictions” within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).
However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.
Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.
An “entity transaction” is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.
11. Patents.
A “contributor” is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's “contributor version”.
A contributor's “essential patent claims” are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, “control” includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.
In the following three paragraphs, a “patent license” is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To “grant” such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.
If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. “Knowingly relying” means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.
A patent license is “discriminatory” if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License “or any later version” applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation.
If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.
Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an “about box”.
You should also get your employer (if you work as a programmer) or school, if any, to sign a “copyright disclaimer” for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <http://www.gnu.org/philosophy/why-not-lgpl.html>.

[[Category:Cryptographic Control]]

OWASP Education Project Modules

2014-09-06T14:41:18Z

Briechenstein Software Studio: *Briechenstein Software OWASP Education Project Downloads/ Category:OWASP_Download

= OWASP Module Template =

= Modules =
The current list is grouped below in the Education Module Category. These modules are the building blocks of the Education Tracks.

A sample or template module can be found [[Education Module Sample|here]].

Example modules are "[[Education Module What Is SQL Injection]]" and "[[Education Module What is SQL]]".

[[Category:OWASP Education Modules]]
[[Category:OWASP Education Project]]

OWASP Education Project Modules

2014-09-06T14:40:44Z

Briechenstein Software Studio: *Briechenstein Software OWASP Education Project Downloads/ Category:OWASP_Download

OWASP Education Project Modules

2014-09-06T14:40:12Z

Briechenstein Software Studio: *Briechenstein Software OWASP Education Project Downloads/ Category:OWASP_Download

Category:OWASP Education Project New

2014-09-06T14:35:49Z

Briechenstein Software Studio: *Briechenstein Software OWASP Education Project Downloads/ Category:OWASP_Download

{{:Project Information:template Education Project}}
[[Category:OWASP Project|Education Project New]]
[[Category:OWASP Education Modules]]
[[Category:OWASP Document]]
[[Category:OWASP Download]]
[[Category:OWASP Beta Quality Document]]

== Welcome to the OWASP Education Project==

Web Application Security Education and Awareness is needed throughout the entire organization, each area and level of organizations have specific needs and requirements regarding education. A manager needs other information than a security professional or developer. Novices to the profession require other training than people with several years of experience. <br>
This Education project aims to provide in building blocks of web application security information. These modules can be combined together in education tracks targeting different audiences.<br><br>
The first list of modules can be found [[OWASP Education Project Modules|here]].

== Education Material Categorized ==

The education materialis categorized in two manors, by the CLASP roles and a more global way of general concern.
==== OWASP Top Ten ====
The [[:Category:OWASP_Top_Ten_Project |'''OWASP Top Ten''']] represents a broad consensus about what the most critical web application security flaws are. Project members include a variety of security experts from around the world who have shared their expertise to produce this list. There are currently versions in English, French, Japanese, Korean and Turkish. A Spanish version is in the works. We urge all companies to adopt this awareness document within their organization and start the process of ensuring that their web applications do not contain these flaws. Adopting the OWASP Top Ten is perhaps the most effective first step towards changing the software development culture within your organization into one that produces secure code.
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF; color:white"|<font color="white">
'''[[Top_10_2007-A1|A1 - Cross Site Scripting (XSS)]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Presentation'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Video's '''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training video
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF; color:white"|<font color="white">
'''[[Top_10_2007-A2|A2 - Injection Flaws]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Presentation'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Video's '''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training video
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF; color:white"|<font color="white">
'''[[Top_10_2007-A3|A3 - Malicious File Execution]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Presentation'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Video's '''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training video
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF; color:white"|<font color="white">
'''[[Top_10_2007-A4|A4 - Insecure Direct Object Reference]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Presentation'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Video's '''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training video
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF; color:white"|<font color="white">
'''[[Top_10_2007-A5|A5 - Cross Site Request Forgery (CSRF)]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Presentation'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Video's '''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training video
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF; color:white"|<font color="white">
'''[[Top_10_2007-A6|A6 - Information Leakage and Improper Error Handling]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Presentation'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Video's '''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training video
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF; color:white"|<font color="white">
'''[[Top_10_2007-A7|A7 - Broken Authentication and Session Management]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Presentation'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Video's '''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training video
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF; color:white"|<font color="white">
'''[[Top_10_2007-A8|A8 - Insecure Cryptographic Storage]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Presentation'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Video's '''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training video
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF; color:white"|<font color="white">
'''[[Top_10_2007-A9|A9 - Insecure Communications]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Presentation'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Video's '''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training video
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF; color:white"|<font color="white">
'''[[Top_10_2007-A10|A10 - Failure to Restrict URL Access]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Presentation'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Video's '''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training video
|}

<br>

==== OWASP Tooling ====
An [[:Category:OWASP_Project |'''OWASP Project''']] is a collection of related tasks that have a defined roadmap and team members. OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project. The project leader also promotes the project and builds the team. Tools and documents are organized into the following categories:
PROTECT - These are tools and documents that can be used to guard against security-related design and implementation flaws.
DETECT - These are tools and documents that can be used to find security-related design and implementation flaws.
LIFE CYCLE - These are tools and documents that can be used to add security-related activities into the Software Development Life Cycle (SDLC).

<hr><br>''' Protect:'''

{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF; color:white"|<font color="white">
'''[[:Category:OWASP_AntiSamy_Project|OWASP AntiSamy Java Project]] '''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Video's '''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training video
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF; color:white"|<font color="white">
'''[[:Category:OWASP_Enterprise_Security_API|OWASP Enterprise Security API (ESAPI) Project]] '''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}

<br>''' Detect:'''

{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">
'''[[:Category:OWASP_Live_CD_Project|OWASP Live CD Project]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">
'''[[:Category:OWASP_WebScarab_Project|OWASP WebScarab Project]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}

<br>''' Life Cycle:'''

{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">
'''[[:Category:OWASP_WebGoat_Project|OWASP WebGoat Project]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
<br>
==== OWASP Documentation ====
An [[:Category:OWASP_Project |'''OWASP Project''']] is a collection of related tasks that have a defined roadmap and team members. OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project. The project leader also promotes the project and builds the team. Tools and documents are organized into the following categories:
PROTECT - These are tools and documents that can be used to guard against security-related design and implementation flaws.
DETECT - These are tools and documents that can be used to find security-related design and implementation flaws.
LIFE CYCLE - These are tools and documents that can be used to add security-related activities into the Software Development Life Cycle (SDLC).

<hr><br> '''Protect: '''

{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">
'''[[:Category:OWASP_Guide_Project|OWASP Development Guide]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">
'''[[:Category:OWASP_Ruby_on_Rails_Security_Guide_V2|OWASP Ruby on Rails Security Guide V2]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}

<br>''' Detect:'''

{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">
'''[[:Category:OWASP_Code_Review_Project|OWASP Code Review Guide]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">
'''[[:Category:OWASP_Testing_Project|OWASP Testing Guide]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">
'''[[:Category:OWASP_Top_Ten_Project|OOWASP Top Ten Project]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}

<br>''' Life Cycle:'''

{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">
'''[[:Category:OWASP_AppSec_FAQ_Project|OWASP AppSec FAQ Project]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">
'''[[:Category:OWASP_Legal_Project|OWASP Legal Project]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">
'''[[:Category:OWASP_Source_Code_Review_OWASP_Projects_Project|OWASP Source Code Review for OWASP-Projects]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
<br>

==== Profession / Interest ====
Below you find the education material categorized by profession and interest.
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="003399">'''Management'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="003399">'''Student'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="003399">'''Technical'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}

==== CLASP roles ====
[http://www.owasp.org/index.php/Category:OWASP_CLASP_Project '''CLASP'''] (Comprehensive, Lightweight Application Security Process) provides a well-organized and structured approach for moving security concerns into the early stages of the software development lifecycle, whenever possible.

{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">'''[[Architect]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">'''[[Designer]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">'''[[Implementer]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">'''[[Project Manager]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">'''[[Requirements Specifier]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">'''[[Security Auditor]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="white">'''[[Test Analyst]]'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Beginner'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Experienced'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Expert'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}

==== SAMM Disciplines & Functions ====
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="003399">'''Alignment & Governance'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Education & Guidance'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Standards & Compliance'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Strategic Planning'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="003399">'''Requirements & Design'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Threat Modeling'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Security Requirements'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Defensive Design'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="003399">'''Verification & Assessment'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Architectuur Review'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Code Review'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Security Testing'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}
{| style="width:100%" border="0" align="center"
! colspan="4" align="center" style="background:#FFFFFF color:white"|<font color="003399">'''Deployment & Operations'''
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Vulnerability Mangement'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Infrastrucxture Hardening'''
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|-
| style="width:25%; background:#7B8ABD" align="left"| '''Operational Enablement'''
* beginner
* mediate
* expert
| colspan="3" style="width:75%; background:#cccccc" align="left"|
* training material
|}

== Goals & Roadmap ==

Currently the project goals are to create Educational Tracks:
* A [[Education Track: Web Application Security Primer|Web Application Security Primer]] Track for beginners (4 hours)
* [[Education Track: What Developers Should Know on Web Application Security|What Developers Should Know on Web Application Security]] Track for developers (4 hours)
* Create a [[OWASP Education Presentation|consolidation page of OWASP presentations]] performed in the past with the possibility to add comments
* [[Education Track: OWASP Boot Camp |OWASP Boot Camp]] OWASP Training events, get ready for secure application development
* [[Education Track: OWASP Capture the flag application | Capture the flag application ]]
* ...
Further breakdown of tasks and future developments are listed in the [[OWASP Education Project Roadmap|road map]].<br>

== Spoc007 Progress ==
The Education project was selected for [http://www.owasp.org/index.php/SpoC_007_-_OWASP_Education_Project Spoc007 participation] (see page for progress).

The SpoC007 goal is to finish Sub Goals 1, 2, 3 and perform Sub Goal 4 during the coming months ([[OWASP Education Project Roadmap|road map]]).

== Project Guiding Principles ==

This project aims to provide in building blocks of web application security knowledge that can easily be integrated in awareness sessions or presentations on this topic. The building blocks provided by this project can then be bundled together in eduction tracks.<br>
An important guideline is therefore that the material produced is modular.<br>

== Resources and links ==

This project is not standalone. There is an awfull lot of information that can be found throughout this site and from other resources on the Internet. <br>
This project will draw pieces of information from:
* The [http://www.owasp.org/index.php/Category:OWASP_Video Video's]
* The presentations, currently being inventorized in the [[OWASP Education Presentation Rating|consolidation page of OWASP presentations]]¨
* [http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project WebGoat]
* ...
One of the modules to create will be a Resources module, not limited to OWASP.

== Feedback and Participation: ==

We hope you find the OWASP Education Project useful. Please contribute to the Project by volunteering for one of the Tasks, sending your comments, questions, and suggestions to the [http://lists.owasp.org/mailman/listinfo/owasp-education mailing list].

If you used material from our project, please use the available [[:Image:Education_Track_Evaluation_Template.doc|evaluation forms]] and let uw know how we can improve our modules and tracks.

== Project Contributors ==

If you contribute to this Project, please add your name here.<br>
Project Lead:
* [[User:Sdeleersnyder|Sebastien Deleersnyder]]

Contributors:

* [[User:medelibero|Mike de Libero]]
* [[User:Bunyamin|Bunyamin Demir]]
* [[User:xxradar|Philippe Bogaerts]]
* [[User:Brennan|Tom Brennan]]
* [[User:knoblochmartin| Martin Knobloch]]
* [[User:Mccorga| Grady McCorkle]]
* [[User:Briechenstein Software Studio]]

__NOTOC__
<headertabs/>

{{PutInCategory}}

Category:OWASP Education Project New

2014-09-06T14:34:58Z

Briechenstein Software Studio: *Briechenstein Software OWASP Education Project Downloads/ Category:OWASP_Download

OWASP Education Presentation

2014-08-21T05:50:57Z

Briechenstein Software Studio:

This page provide a commented overview of the OWASP presentations available.<br>
Please use the last line of the tables as template.<br>
Presentions can be tracked through:
* the [http://www.owasp.org/index.php/Category:OWASP_Presentations OWASP Presentations Category]
* [http://www.owasp.org/index.php/Category:OWASP_AppSec_Conference Past OWASP Conference agenda's]
* From the chapter pages
Everybody is encouraged to link the presentations and add their findings on this page !
There are currently hundreds of presentations all over the OWASP web site.
If you search google with “site:owasp.org filetype:ppt” there are 166 hits. “site:owasp.org filetype:pdf” returns 76.
Feel free to “mine” them and add them to the overview.

== OWASP Education Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Education Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[https://www.owasp.org/index.php/Education/Free_Training Free Developer Training]|| Developer AppSec Course by [[Eoin Keary]] and [https://www.owasp.org/index.php/User:Jmanico Jim Manico] || Intermediate || 2014-04-04
|-valign="top"
|[[:Image:OWASP Overview Winter 2009v1.pptx|OWASP Overview Winter 2009]]|| Updated overview of OWASP || Novice || 2009-12-08
|-valign="top"
|[[:Image:Programa_de_Educacion_OWASP.ppt|Programa de Educacion OWASP]]|| Una introduccion a OWASP para Universidades y Centros Educativos por Fabio Cerullo|| Novice || 2009-03-20
|-valign="top"
|[[:Image:OWASP_Educational_Programme.ppt|OWASP Educational Programme]]|| An introduction to OWASP for Universities & Educational Institutions by Fabio Cerullo|| Novice || 2009-03-20
|-valign="top"
|[[:Image:OWASP Overview Summer 2009.pptx|OWASP Overview Summer 2009]]|| Recent overview of OWASP by Jeff Williams || Novice || 2009-08-25
|-valign="top"
|[[:Image:Education Module Why WebAppSec Matters.ppt|Why WebAppSec Matters]]|| This module explains why security should be considered when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:OWASP-Intro-2008-portuguese.ppt|OWASP Intro 2008 Portuguese]]|| Este módulo é uma intrudução sobre o projeto OWASP. || Novice || 2008-07-06
|-valign="top"
|[[:Image:Education Module OWASP Top 10 Introduction and Remedies.ppt|OWASP Top 10 Introduction and Remedies]]|| This module explains the OWASP Top 10 web application vulnerabilities as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Embed within SDLC.ppt|Embed within SDLC]]|| This module explains the complete approach of Web Application Security when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Good Secure Development Practices.ppt|Good Secure Development Practices]]|| This module explains some good secure development practices when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Testing for Vulnerabilities.ppt|Testing for Vulnerabilities]]|| This module explains application security testing when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Good WebAppSec Resources.ppt|Good WebAppSec Resources]]|| This module points you to some good web application security resources when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|Example (Briechenstein Software Studio) || OWASP Education Presentation|| Novice/Intermediate/Expert || 2012-10-05
|}

<br>

== OWASP Project Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Project Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[[:Image:Germany 2008 Conference OWASP Introduction v1.pptx|OWASP Introduction]] || OWASP Overview presentation covering OWASP, project parade and OWASP near you. Given by Seba during the Germany 2008 Conference || Novice || 2008-11-25
|-valign="top"
|[[:Image:OWASP Foundation The story so far and beyond - Part 1.ppt|India08 Keynote - Part 1]] || OWASP Overview presentation. Part 1 of 2. Given by Dinis and Jason during the India08 Conference || Novice || 2008-08-16
|-valign="top"
|[[:Image:OWASP Foundation The story so far and beyond - Part 2.ppt|India08 Keynote - Part 2]] || OWASP Overview presentation. Part 2 of 2. Given by Dinis and Jason during the India08 Conference || Novice || 2008-08-16
|-valign="top"
|[[:Image:OWASP India - Tour of OWASP projects.ppt|Tour of OWASP’s projects]] || Given by Dinis and Jason during the India08 Conference || Novice || 2008-08-16
|-valign="top"
|[https://www.owasp.org/images/5/59/RISK_2008_OWASP_Introduction_v1.pptx OWASP @ RISK08 (Norway)] || OWASP introduction at Norway RISK2008 conference by Seba || Novice || 2008-04-23
|-valign="top"
|[[:Image:OWASP NY Keynote.ppt|OWASP NY Keynote by Jeff]] also available in [[:Image:20070620-FR-OWASP NY Keynote.ppt|French]]|| OWASP Overview presentation with slide "OWASP by the numbers" and slide with the sorry state of Tools (at best 45%) which caused some controverse || Novice || 2007-06-12
|-valign="top"
|[http://www.owasp.org/images/a/af/OWASP_Testing_Guide_Presentation.zip The OWASP Testing Guide (Jeff Williams)] || Overview of the OWASP Testing Guide || Novice || 2007-01-23
|-valign="top"
|[http://www.owasp.org/images/e/e9/OWASP_Testing_Guide_Presentation_EUSecWest07.zip The OWASP Testing Guide v2 EUSecWest07 (Matteo Meucci, Alberto Revelli)] || Presentation at EUSecWest07 || Intermediate || 2007-03-01
|-valign="top"
|[http://www.owasp.org/images/3/3c/OWASP_Flyer_Sep06.ppt OWASP Project Overview] || High level overview of projects and how OWASP works || Novice || 2006-09-19
|-valign="top"
|[http://www.owasp.org/images/4/49/OWASPAppSec2006Seattle_Security_Metrics.ppt The OWASP Application Security Metrics Project (Bob Austin)] || Presentation on the Application Security Metrics project || Novice || 2006-10-17
|-valign="top"
|[http://www.owasp.org/images/5/53/OWASPAppSecEU2006_CLASP_Project.ppt OWASP CLASP Project (Pravir Chandra)] || OWASP CLASP project presentation given at the 2006 European AppSec conference || Novice || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/3/30/OWASPAppSec2006Seattle_UsingSprajaxToTestAJAXSecurity.ppt Sprajax (Dan Cornell)] || OWASP Sprajax presentation given at the 2006 Seattle AppSec conference || Intermediate || 2006-10-17
|-valign="top"
|Example (Briechenstein Software Studio || Software Architect || Novice/Intermediate/Expert || 2012-10-05
|}

<br>

== OWASP Conference Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Conference Presentations
!width="30%" | Title
!width="40%" | Comment
!width="15%" | Level
!width="15%" |Date (yyyy-mm-dd)

|-valign="top"
|[[:Image:OWASPAppSec2007Milan ModSecurityCoreRuleSet.ppt | Mod Security Core Rule Set (Ofer Shezaf)]] ||Ofer Shezaf's presentation on the Core Ruleset for the latest version of ModSecurity presented at 6th OWASP AppSec conference in Milan, Italy, in May 2007.|| Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OWASPTestingGuide2v1.ppt | OWASP Testing Guide v2.1 (Matteo Meucci)]] ||Matteo Meucci's presentation on the OWASP Testing Guide v2 at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan CLASP.ppt | CLASP (Pravir Chandra)]] ||Pravir Chandra's presentation on the upcoming 2007 update to CLASP presented at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan AdvancedWebHacking.ppt | Advanced Web Hacking (PDP)]] ||PDPs presentation at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan XMLSecurityGatewayEvalCriteria.ppt | XML Security Gateway Evaluation Criteria (Gunnar Peterson)]] ||Gunnar Peterson's presentation about the new XML Security Gateway Evaluation Criteria project at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan TestingFlashApplications.ppt | Testing Flash Applications (Stephano Di Paolo)]] ||Stephano Di Paolo's presentation on how to test Flash applications presented at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert|| 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OvertakingGoogleDesktop.ppt | Overtaking Google Desktop (Yair Amit)]] ||Yair Amit's presentation on XSS Flaws in Google Desktop that can be exploited through google.com presented at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan MS ACETeamAppSecfromTheCore.ppt | ACE Team Application Security from the Core (Simon Roses Femerling)]] ||Simon Roses Femerling's presentation on the Microsoft ACE team's application security process at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan Pantera.ppt | Pantera (Simon Roses Femerling)]] ||Simon Roses Femerling's presentation on the new OWASP tool Pantera at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan ProtectingWebAppsfromUniversalPDFXSS.ppt | Protecting Web applications from universal PDF XSS (Ivan Ristic)]] ||Ivan Ristic's Universal XSS PDF presentation at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SoftwareSecurity.ppt | Software Security (Rudolph Araujo)]] ||Rudolph Araujo's presentation on Application Security best practices at the 6th OWASP AppSec conference in Milan Italy, May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan WebGoatv5.ppt | WebGoat v5 (Dave Wichers)]] ||WebGoat v5 presentation by Dave Wichers at the 6th OWASP AppSec Conference in Milan, Italy, May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan WebScarabNG.ppt | WebScarab NG (Dave Wichers)]] ||Description of the new WebScarab-NG efforts presented by Dave Wichers at the 6th OWASP AppSec conference in Milan, Italy in May 2007.|| Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SANS SPSA Initiative.ppt | SANS SPSA Initiative (Dave Wichers)]] ||Description of the SANS Secure Coding Exam Initiative presented by Dave Wichers at the 6th OWASP AppSec conference in Milan Italy, May 2007.|| Novice || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OWASPItalyActivities.ppt | OWASP Italy Activities (Raoul Chiesa)]] ||Raoul Chiesa's keynote for day 2 of the 6th OWASP AppSec conference on the state of application security in Italy including OWASP's activities in that country.|| Novice || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SecurityEngineeringInVista.ppt | Security engineering in Vista (Alex Lucas)]] ||Alex Lucas' from Microsoft's keynote presentation for Day 1 of the 6th OWASP AppSec conference in Milan on the benefits of Microsoft's SDL to the security of Vista. || Intermediate || 2007-05-16
|-valign="top"
|[http://www.owasp.org/images/5/5f/OWASPAppSec2006Seattle_SecurityEngineeringInVista.ppt How the Security Development Lifecycle(SDL) Improved Windows Vista (Michael Howard)] || Michael Howard's talk on SDL from the OWASP Seattle AppSec Conference in 2006 || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/3/34/OWASPAppSecEU2006_Bootstrapping_the_Application_Assurance_Process.ppt Bootstrapping the Application Assurance Process (Sebastien Deleersnyder)] || Presentation given during the European 2006 AppSec conference on the application assurance process || Novice || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/8/8b/OWASPAppSecEU2006_InlineApproachforSecureSOAPRequests.ppt Inline Approach for Secure SOAP Requests and Early Validation (Mohammad Ashiqur Rahaman, Maartin Rits and Andreas Schaad SAP Research, Sophia Antipolis, France)] || Presentation given at the European 2006 AppSec conference about security and soap message structure issues || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/9/9c/OWASPAppSecEU2006_WAFs_WhenAreTheyUseful.ppt Web Application Firewalls:When Are They Useful? (Ivan Ristic)] || Presentation about Web Application Firewalls || Novice || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/1/1a/OWASPAppSecEU2006_HTTPMessageSplittingSmugglingEtc.ppt HTTP Message Splitting, Smuggling and Other Animals (Amit Klein)] || A presentation about Message splitting other attacks around the HTTP protocol || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/f/f6/OWASPAppSec2006Seattle_WebAppForensics.ppt Web Application Incident Response & Forensics: A Whole New Ball Game! (Rohyt Belani & Chuck Willis)] || Talk about Web Application Security incident handling and forensics given at the OWASP 2006 Seattle AppSec conference || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/d/d2/OWASPAppSecEU2006_CanTestingToolsReallyFindOWASPTop10.ppt Can (Automated) Testing Tools Really Find the OWASP Top 10? (Erwin Geirnaert) ] || A talk about how automated testing tools stack up against the OWASP top 10 || Intermediate || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/2/28/OWASPAppSecEU2006_RequestRodeo.ppt RequestRodeo: Client Side Protection against Session Riding (Martin Johns / Justus Winter)] || Presentation given about how Sessions can be hi-jacked, etc... || Novice || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/6/62/OWASPAppSecEU2006_SecurityTestingthruAutomatedSWTests.ppt Security Testing through Automated Software Tests (Stephen de Vries)] || Presentation given at the 2006 EuSec conference || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/0/0e/AppSec2005DC-Jeremy_Poteet-In_the_Line_of_Fire.ppt In the Line of Fire: Defending Highly Visible Targets (Jeremy Poteet)] || Conference given at the 2005 DC AppSec conference || Novice || 2005-10-1
|-valign="top"
|[http://www.owasp.org/images/9/93/AppSec2005DC-Matt_Fisher-Google_Hacking_and_Worms.ppt Google Hacking and Web Application Worms (Matt Fisher)] || Talk given at the 2005 DC AppSec conference || Novice || 2005-10-01
|-valign="top"
|[http://www.owasp.org/images/0/05/AppSec2005DC-Anthony_Canike-Enterprise_AppSec_Program.ppt Establishing an Enterprise Application Security Program (Tony Canike)] || Talk given at the 2005 DC AppSec Conference || Novice || 2005-10-01
|-valign="top"
|[https://owasp.org/images/0/0d/OWASPAppSec2006Seattle_Why_AJAX_Applications_More_Likely_Insecure.ppt Why AJAX Applications Are Far More Likely To Be Insecure (And What To Do About It) (Dave Wichers)] || Dave's talk on AJAX given at the Seattle 2006 AppSec conference || Intermediate || 2006-10-01
|-valign="top"
|Example (Briechenstein Software Studio) || BSSOWSORP-OWASP || Novice/Intermediate/Expert || 2012-10-05
|}

<br>

== Web Application Security Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ Web Application Security Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[[:Image:Protecting Web Applications from Universal PDF XSS.ppt| Universal PDF XSS by Ivan Ristic]] || Protecting Web Applications from Universal PDF XSS || Intermediate || 2007-06-28
|-valign="top"
|[[:Image:IdM-OWASP.v.0.2.14.pdf|Identity Management Basics (Derek Brown)]] ||Identity Management Basics|| Novice || 2007-05-09
|-valign="top"
|[[http://www.owasp.org/images/7/74/Advanced_SQL_Injection.ppt Advanced SQL Injection (Victor Chapela)] || Detailed methodology for analyzing applications for SQL injection vulnerabilities || Expert || 2005-11-04
|-valign="top"
|[[http://www.owasp.org/images/7/7d/Advanced_Topics_on_SQL_Injection_Protection.ppt Advanced Topics on SQL Injection Protection (Sam NG)] || 7 methods to prevent SQL injection attacks correctly and in a more integrated approach. Methods 1 to 3 are applicable during design or development life cycle. Method 4 is mainly from QA’s perspective. Methods 5 and 6 can be applied to production environment and are applicable even if you do not have access to or if you cannot change the source code. Other non-main stream technology are discussed in Method 7. || Intermediate || 2006-02-27
|-valign="top"
|[[http://www.owasp.org/images/d/d1/AppSec2005DC-Alex_Stamos-Attacking_Web_Services.ppt Attacking Web Services (Alex Stamos)] || Web Services Introduction and Attacks || Intermediate || 2005-10-11
|-valign="top"
|[http://www.owasp.org/images/7/72/MMS_Spoofing.ppt MMS Spoofing (Matteo Meucci)] || A Case-study of a vulnerable web application || Intermediate
|-valign="top"
|[http://www.owasp.org/images/f/f9/OWASPAppSecEU2006_AJAX_Security.ppt Ajax Security (Andrew van der Stock)] || Presentation on Ajax security for OWASP AppSec Europe 2006 || Intermediate || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/3/3a/OWASPAppSec2006Seattle_Web_Services_Security.ppt Advanced Web Services Security & Hacking (Justin Derry)] || Presentation given on Webservice security at the Seattle 2006 AppSec conference || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/f/f6/Integration_into_the_SDLC.ppt Integration into the SDLC (Eoin Keary)] || A presentation about why and how to integrate the SDLC. || Novice || 2005-04-09
|-valign="top"
|Example (Briechenstein Software Studio) || Freelance Contractor|| Novice/Intermediate/Expert || 2012-10-05
|}

<br>

== Chapter Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ Chapter Presentations
!width="30%" |Title
!width="30%" |Comment
!width="10%" |Level
!width="10%" |Month (Mon-yyyy)
!width="10%" |Chapter

|-valign="top"
|[[:Image:Common_Application_Flaws.ppt| Common Application Flaws (Brett Moore) ]] ||OWASP New Zealand chapter presentation on Common Application Flaws|| Novice/Intermediate ||November 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Time_Based_SQL_Injections.ppt| Time Based SQL Injections (Muhaimin Dzulfakar) ]] ||OWASP New Zealand chapter presentation on Time Based SQL Injections|| Intermediate ||September 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Browser_security.ppt| Browser Security (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Browser Security|| Intermediate ||September 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:OWASP_CMH_SQLInjection__20080707.zip| 7/7/2008 SQL Injection (Columbus, OH)]] || SQL Injection Presentation given at the Columbus, OH OWASP Chapter Meeting. Powerpoint, derby DB, and applicable java code. || Novice / Intermediate || July 2008 || [[Columbus]]
|-valign="top"
|[[:Image:OWASP_ellak-Greece.ppt| Detecting Web Application Vulnerabilities Using Open Source Means (Konstantinos Papapanagiotou) ]] ||OWASP Greek Chapter presentation given at the Open Source Software (FLOSS) Conference in Athens|| Novice ||May 2008 || [[Greece]]
|-valign="top"
|[[:Image:Hacking_The_World_With_Flash.ppt| Hacking The World With Flash (Paul Craig) ]] ||OWASP New Zealand chapter presentation on Flash security|| Intermediate ||April 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Web_spam_techniques.ppt| Web Spam Techniques (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Web Spam Techniques|| Intermediate ||April 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Xpath_Injection.ppt| Xpath Injection Overview (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Xpath Injection|| Intermediate ||February 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Owasp security4mobileJava.pdf| Dependability for Java Mobile Code (Pierre Parrend) ]] ||OWASP Swiss chapter presentation on Mobile Java Security || Expert ||July 2007 || [[Switzerland]]
|-valign="top"
|[[:Image:Trust Security Usability - v1.0.pdf|Trust, Security and Usability (Roger Carhuatocto) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:OWASP-tratamiento_de_datos.pdf|Tratamiento seguro de datos en aplicaciones in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Conferencia_OWASP.pdf|Ataques DoS en aplicaciones Web (Jaime Blasco Bermejo) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Seguridad en entornos financieros.pdf|Seguridad en entornos financierosPedro (Pedro Sánchez) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Java_Open_Review.ppt|Brian Chess from Fortify shared what's going on with the Java Open Source review project at the June NoVA OWASP meeting]] || Java Open Review || Intermediate ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Bytecode_injection.ppt|Brian Chess from Fortify, presentation to NoVA OWASP chapter in June 2007.]] || Bytecode injection || Expert ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Security at the VMM Layer - OWASP.ppt|Security at the VMM Layer by Ted Winograd]] || Security at the VMM Layer || Expert ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:KC June 2007 Evaluating and Tuning WAFs.pdf|Evaluating and Tuning Web Application Firewalls (Barry Archer)]] ||Presentation given at Kansas City June 2007 chapter meeting|| Intermediate ||June 2007 || [[Kansas City]]
|-valign="top"
|[[:Image:OWASP_SDL-IT.pdf|Microsoft Security Development Lifecycle for IT (Rob Labbé)]] ||Presentation by Rob Labbe at Ottawa OWASP Chapter|| Novice ||May 2007|| [[Ottawa]]
|-valign="top"
|[[:Image:OWASP_IL_7_Application_DOS.pdf|Application Denial of Service (Shaayy Cheen)]] ||Is it Really That Easy? Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP_IL_7_FuzzGuru.pdf|Fuzzing in Microsoft and FuzzGuru framework (John Neystadt)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP_IL_7_AppSec_and_Beyond.pdf|Application Security, not just development (David Lewis)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 Overtaking Google Desktop.pdf|Overtaking Google Desktop, Leveraging XSS to Raise Havoc (Yair Amit)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 UnregisterAttackInSip.pdf|Unregister Attack in SIP (Anat Bremler-Barr, Ronit Halachmi-Bekel and Jussi Kangasharju)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 WAF Positive Security.pdf|Positive Security Model for Web Applications, Challenges and Promise (Ofer Shezaf)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 DOT NET Reverse Engineering.pdf|.NET Reverse Engineering (Erez Metula)]] ||Presentation given at the Israel Mini Conference in May 2007|| Expert ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 OWASP Introduction.pdf|OWASP introduction (Ofer Shezaf)]] ||2nd OWASP IL mini conference at the Interdisciplinary Center (IDC) Herzliya|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP BeLux 2007-06-22 Update on Internet Attack Statistics for Belgium in 2006.ppt|Update on Internet Attack Statistics for Belgium in 2006 by Hilar Leoste (Zone-H)]] || Update on Internet Attack Statistics for Belgium in 2006 || Novice ||May 2007 || [[Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:InfoSec_World_2007_-_Web_services_gateways.ppt Securing Web Services using XML Security Gateways by Tim Bond] || Securing Web Services using XML Security Gateways || Intermediate ||May 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:SwA_Acquisition_WG_-_Overview.ppt Software Assurance in the Acquisition Process by Stan Wisseman] || Software Assurance in the Acquisition Process || Intermediate ||May 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_Legal_Aspects_Jos_Dumortier.zip Legal Aspects of (Web) Application Security by Jos Dumortier] || Legal Aspects of (Web) Application Security || Intermediate ||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_AppSec_Research_Lieven_Desmet.zip AppSec Research (University Leuven Belgium)] || Formal absence of implementation bugs in web applications: a case study on indirect data sharing by Lieven Desmet || Expert ||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[[:Image:Scanner-Sparkly.ppt|A Scanner Sparkly]] || A Scanner Sparkly, taken from the Phoenix OWASP presentations on Application Security Tools, May 2007 || Intermediate ||May 2007 || [[Phoenix]]
|-valign="top"
|[[:Image:Owasp-lessonslearned.ppt|Grey Box Assessment Lessons Learned]] || "Grey Box Assessment Lessons Learned", taken from the Phoenix OWASP presentations, Application Security Tools, May 2007 || Intermediate ||May 2007 || [[Phoenix]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_OWASP_Update.zip OWASP Update and OWASP BeLux Board Presentation (Seba)] || OWASP Update and OWASP BeLux Board Presentation || Novice||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[[:Image:Security Metics- What can we measure- Zed Abbadi.pdf|Metics- What can we measure (Zed Abbadi)]] ||19 April NoVa chapter meeting presentation on Security Metrics || Novice ||April 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Web Services Hacking and Hardening.pdf| Web Services Hacking and Hardening (Adam Vincent) ]] ||3/8/07 NoVA chapter meeting, Adam Vincent from Layer7 || Expert ||March 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_OWASP_Update.zip OWASP Update (Seba)] || OWASP Update || Novice||Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/images/f/fe/Pres_20070206_04_svetsch_xss_worms_owasp.zip XSS Worms (Sven Vetsch)] || XSS Worms || Intermediate ||Feb 2007 || [[Switzerland|Switzerland]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_OWASP_Update.zip OWASP Update (Seba)] || OWASP Update || Novice||Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_WebGoat-Pantera.zip WebGoat and Pantera presentation (Philippe Bogaerts)] || WebGoat and Pantera presentation || Novice || Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_AOP_security.zip Security implications of AOP for secure software (Bart De Win)] || Security implications of AOP for secure software || Expert || Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/images/1/12/OWASP_Denver_Nov-06_presentation.ppt testing for common security flaws (David Byrne)] || testing for common security flaws || Intermediate || Nov 2006 || [[Denver|Denver]]
|-valign="top"
|[http://www.owasp.org/images/7/7c/Owasp-olli.pdf 40-ish slides on analyzing threats (Olli)] || Analyzing Threats || Novice || Dec 2006 || [[Helsinki|Helsinki]]
|-valign="top"
|[http://www.owasp.org/images/2/2c/KC_Dec2006_Attacking_The_App.pdf Attacking the Application (Dave Ferguson)] || Vulnerabilities, attacks and coding suggestions || Intermediate || Dec 2006 || [[Kansas City|Kansas City]]
|-valign="top"
|[http://www.owasp.org/images/6/6a/KC_Dec2006_Ajax_Security_Concerns.pdf Ajax Security Concerns (Rohini Sulatycki)] || Ajax Security Concerns || Intermediate ||Dec 2006 || [[Kansas City|Kansas City]]
|-valign="top"
|[http://www.owasp.org/images/8/8c/Anatomy_of_2_Web_App_Testing.zip Anatomy of 2 Web Application Testing (Matteo Meucci)] || Anatomy of 2 Web Application Testing || Intermediate || Mar 2006 || [[Italy|Italy]]

|-valign="top"

|[https://www.owasp.org/images/9/99/WTE-Cloud-Austin-2012-02.pdf Testing From the Cloud: Is the Sky Falling? ] || WTE Cloud-based Testing || Intermediate || Feb 2012 || [[Austin|Austin]]
|-valign="top"

|(Briechenstein Software Studio) || Open Web application Security Project|| Novice/Intermediate/Expert || 2012-10-05 || Chapter
|}

[[Category:OWASP Education Project]]
[[Category:OWASP Presentations]]
[[Category:Chapter Resources]]

Category:OWASP Education Project

2012-08-16T13:27:56Z

Briechenstein Software Studio:

OWASP Education Presentation

2012-05-30T18:08:41Z

Briechenstein Software Studio:

This page provide a commented overview of the OWASP presentations available.<br>
Please use the last line of the tables as template.<br>
Presentions can be tracked through:
* the [http://www.owasp.org/index.php/Category:OWASP_Presentations OWASP Presentations Category]
* [http://www.owasp.org/index.php/Category:OWASP_AppSec_Conference Past OWASP Conference agenda's]
* From the chapter pages
Everybody is encouraged to link the presentations and add their findings on this page !
There are currently hundreds of presentations all over the OWASP web site.
If you search google with “site:owasp.org filetype:ppt” there are 166 hits. “site:owasp.org filetype:pdf” returns 76.
Feel free to “mine” them and add them to the overview.

== OWASP Education Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Education Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[[:Image:OWASP Overview Winter 2009v1.pptx|OWASP Overview Winter 2009]]|| Updated overview of OWASP || Novice || 2009-12-08
|-valign="top"
|[[:Image:Programa_de_Educacion_OWASP.ppt|Programa de Educacion OWASP]]|| Una introduccion a OWASP para Universidades y Centros Educativos por Fabio Cerullo|| Novice || 2009-03-20
|-valign="top"
|[[:Image:OWASP_Educational_Programme.ppt|OWASP Educational Programme]]|| An introduction to OWASP for Universities & Educational Institutions by Fabio Cerullo|| Novice || 2009-03-20
|-valign="top"
|[[:Image:OWASP Overview Summer 2009.pptx|OWASP Overview Summer 2009]]|| Recent overview of OWASP by Jeff Williams || Novice || 2009-08-25
|-valign="top"
|[[:Image:Education Module Why WebAppSec Matters.ppt|Why WebAppSec Matters]]|| This module explains why security should be considered when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:OWASP-Intro-2008-portuguese.ppt|OWASP Intro 2008 Portuguese]]|| Este módulo é uma intrudução sobre o projeto OWASP. || Novice || 2008-07-06
|-valign="top"
|[[:Image:Education Module OWASP Top 10 Introduction and Remedies.ppt|OWASP Top 10 Introduction and Remedies]]|| This module explains the OWASP Top 10 web application vulnerabilities as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Embed within SDLC.ppt|Embed within SDLC]]|| This module explains the complete approach of Web Application Security when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Good Secure Development Practices.ppt|Good Secure Development Practices]]|| This module explains some good secure development practices when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Testing for Vulnerabilities.ppt|Testing for Vulnerabilities]]|| This module explains application security testing when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Good WebAppSec Resources.ppt|Good WebAppSec Resources]]|| This module points you to some good web application security resources when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|Example (Briechenstein Software Studio) || OWASP Education Presentation|| Novice/Intermediate/Expert || 2012-10-05
|}

<br>

== OWASP Project Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Project Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[[:Image:Germany 2008 Conference OWASP Introduction v1.pptx|OWASP Introduction]] || OWASP Overview presentation covering OWASP, project parade and OWASP near you. Given by Seba during the Germany 2008 Conference || Novice || 2008-11-25
|-valign="top"
|[[:Image:OWASP Foundation The story so far and beyond - Part 1.ppt|India08 Keynote - Part 1]] || OWASP Overview presentation. Part 1 of 2. Given by Dinis and Jason during the India08 Conference || Novice || 2008-08-16
|-valign="top"
|[[:Image:OWASP Foundation The story so far and beyond - Part 2.ppt|India08 Keynote - Part 2]] || OWASP Overview presentation. Part 2 of 2. Given by Dinis and Jason during the India08 Conference || Novice || 2008-08-16
|-valign="top"
|[[:Image:OWASP India - Tour of OWASP projects.ppt|Tour of OWASP’s projects]] || Given by Dinis and Jason during the India08 Conference || Novice || 2008-08-16
|-valign="top"
|[https://www.owasp.org/images/5/59/RISK_2008_OWASP_Introduction_v1.pptx OWASP @ RISK08 (Norway)] || OWASP introduction at Norway RISK2008 conference by Seba || Novice || 2008-04-23
|-valign="top"
|[[:Image:OWASP NY Keynote.ppt|OWASP NY Keynote by Jeff]] also available in [[:Image:20070620-FR-OWASP NY Keynote.ppt|French]]|| OWASP Overview presentation with slide "OWASP by the numbers" and slide with the sorry state of Tools (at best 45%) which caused some controverse || Novice || 2007-06-12
|-valign="top"
|[http://www.owasp.org/images/a/af/OWASP_Testing_Guide_Presentation.zip The OWASP Testing Guide (Jeff Williams)] || Overview of the OWASP Testing Guide || Novice || 2007-01-23
|-valign="top"
|[http://www.owasp.org/images/e/e9/OWASP_Testing_Guide_Presentation_EUSecWest07.zip The OWASP Testing Guide v2 EUSecWest07 (Matteo Meucci, Alberto Revelli)] || Presentation at EUSecWest07 || Intermediate || 2007-03-01
|-valign="top"
|[http://www.owasp.org/images/3/3c/OWASP_Flyer_Sep06.ppt OWASP Project Overview] || High level overview of projects and how OWASP works || Novice || 2006-09-19
|-valign="top"
|[http://www.owasp.org/images/4/49/OWASPAppSec2006Seattle_Security_Metrics.ppt The OWASP Application Security Metrics Project (Bob Austin)] || Presentation on the Application Security Metrics project || Novice || 2006-10-17
|-valign="top"
|[http://www.owasp.org/images/5/53/OWASPAppSecEU2006_CLASP_Project.ppt OWASP CLASP Project (Pravir Chandra)] || OWASP CLASP project presentation given at the 2006 European AppSec conference || Novice || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/3/30/OWASPAppSec2006Seattle_UsingSprajaxToTestAJAXSecurity.ppt Sprajax (Dan Cornell)] || OWASP Sprajax presentation given at the 2006 Seattle AppSec conference || Intermediate || 2006-10-17
|-valign="top"
|Example (Briechenstein Software Studio || Software Architect || Novice/Intermediate/Expert || 2012-10-05
|}

<br>

== OWASP Conference Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Conference Presentations
!width="30%" | Title
!width="40%" | Comment
!width="15%" | Level
!width="15%" |Date (yyyy-mm-dd)

|-valign="top"
|[[:Image:OWASPAppSec2007Milan ModSecurityCoreRuleSet.ppt | Mod Security Core Rule Set (Ofer Shezaf)]] ||Ofer Shezaf's presentation on the Core Ruleset for the latest version of ModSecurity presented at 6th OWASP AppSec conference in Milan, Italy, in May 2007.|| Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OWASPTestingGuide2v1.ppt | OWASP Testing Guide v2.1 (Matteo Meucci)]] ||Matteo Meucci's presentation on the OWASP Testing Guide v2 at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan CLASP.ppt | CLASP (Pravir Chandra)]] ||Pravir Chandra's presentation on the upcoming 2007 update to CLASP presented at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan AdvancedWebHacking.ppt | Advanced Web Hacking (PDP)]] ||PDPs presentation at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan XMLSecurityGatewayEvalCriteria.ppt | XML Security Gateway Evaluation Criteria (Gunnar Peterson)]] ||Gunnar Peterson's presentation about the new XML Security Gateway Evaluation Criteria project at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan TestingFlashApplications.ppt | Testing Flash Applications (Stephano Di Paolo)]] ||Stephano Di Paolo's presentation on how to test Flash applications presented at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert|| 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OvertakingGoogleDesktop.ppt | Overtaking Google Desktop (Yair Amit)]] ||Yair Amit's presentation on XSS Flaws in Google Desktop that can be exploited through google.com presented at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan MS ACETeamAppSecfromTheCore.ppt | ACE Team Application Security from the Core (Simon Roses Femerling)]] ||Simon Roses Femerling's presentation on the Microsoft ACE team's application security process at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan Pantera.ppt | Pantera (Simon Roses Femerling)]] ||Simon Roses Femerling's presentation on the new OWASP tool Pantera at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan ProtectingWebAppsfromUniversalPDFXSS.ppt | Protecting Web applications from universal PDF XSS (Ivan Ristic)]] ||Ivan Ristic's Universal XSS PDF presentation at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SoftwareSecurity.ppt | Software Security (Rudolph Araujo)]] ||Rudolph Araujo's presentation on Application Security best practices at the 6th OWASP AppSec conference in Milan Italy, May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan WebGoatv5.ppt | WebGoat v5 (Dave Wichers)]] ||WebGoat v5 presentation by Dave Wichers at the 6th OWASP AppSec Conference in Milan, Italy, May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan WebScarabNG.ppt | WebScarab NG (Dave Wichers)]] ||Description of the new WebScarab-NG efforts presented by Dave Wichers at the 6th OWASP AppSec conference in Milan, Italy in May 2007.|| Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SANS SPSA Initiative.ppt | SANS SPSA Initiative (Dave Wichers)]] ||Description of the SANS Secure Coding Exam Initiative presented by Dave Wichers at the 6th OWASP AppSec conference in Milan Italy, May 2007.|| Novice || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OWASPItalyActivities.ppt | OWASP Italy Activities (Raoul Chiesa)]] ||Raoul Chiesa's keynote for day 2 of the 6th OWASP AppSec conference on the state of application security in Italy including OWASP's activities in that country.|| Novice || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SecurityEngineeringInVista.ppt | Security engineering in Vista (Alex Lucas)]] ||Alex Lucas' from Microsoft's keynote presentation for Day 1 of the 6th OWASP AppSec conference in Milan on the benefits of Microsoft's SDL to the security of Vista. || Intermediate || 2007-05-16
|-valign="top"
|[http://www.owasp.org/images/5/5f/OWASPAppSec2006Seattle_SecurityEngineeringInVista.ppt How the Security Development Lifecycle(SDL) Improved Windows Vista (Michael Howard)] || Michael Howard's talk on SDL from the OWASP Seattle AppSec Conference in 2006 || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/3/34/OWASPAppSecEU2006_Bootstrapping_the_Application_Assurance_Process.ppt Bootstrapping the Application Assurance Process (Sebastien Deleersnyder)] || Presentation given during the European 2006 AppSec conference on the application assurance process || Novice || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/8/8b/OWASPAppSecEU2006_InlineApproachforSecureSOAPRequests.ppt Inline Approach for Secure SOAP Requests and Early Validation (Mohammad Ashiqur Rahaman, Maartin Rits and Andreas Schaad SAP Research, Sophia Antipolis, France)] || Presentation given at the European 2006 AppSec conference about security and soap message structure issues || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/9/9c/OWASPAppSecEU2006_WAFs_WhenAreTheyUseful.ppt Web Application Firewalls:When Are They Useful? (Ivan Ristic)] || Presentation about Web Application Firewalls || Novice || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/1/1a/OWASPAppSecEU2006_HTTPMessageSplittingSmugglingEtc.ppt HTTP Message Splitting, Smuggling and Other Animals (Amit Klein)] || A presentation about Message splitting other attacks around the HTTP protocol || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/f/f6/OWASPAppSec2006Seattle_WebAppForensics.ppt Web Application Incident Response & Forensics: A Whole New Ball Game! (Rohyt Belani & Chuck Willis)] || Talk about Web Application Security incident handling and forensics given at the OWASP 2006 Seattle AppSec conference || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/d/d2/OWASPAppSecEU2006_CanTestingToolsReallyFindOWASPTop10.ppt Can (Automated) Testing Tools Really Find the OWASP Top 10? (Erwin Geirnaert) ] || A talk about how automated testing tools stack up against the OWASP top 10 || Intermediate || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/2/28/OWASPAppSecEU2006_RequestRodeo.ppt RequestRodeo: Client Side Protection against Session Riding (Martin Johns / Justus Winter)] || Presentation given about how Sessions can be hi-jacked, etc... || Novice || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/6/62/OWASPAppSecEU2006_SecurityTestingthruAutomatedSWTests.ppt Security Testing through Automated Software Tests (Stephen de Vries)] || Presentation given at the 2006 EuSec conference || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/0/0e/AppSec2005DC-Jeremy_Poteet-In_the_Line_of_Fire.ppt In the Line of Fire: Defending Highly Visible Targets (Jeremy Poteet)] || Conference given at the 2005 DC AppSec conference || Novice || 2005-10-1
|-valign="top"
|[http://www.owasp.org/images/9/93/AppSec2005DC-Matt_Fisher-Google_Hacking_and_Worms.ppt Google Hacking and Web Application Worms (Matt Fisher)] || Talk given at the 2005 DC AppSec conference || Novice || 2005-10-01
|-valign="top"
|[http://www.owasp.org/images/0/05/AppSec2005DC-Anthony_Canike-Enterprise_AppSec_Program.ppt Establishing an Enterprise Application Security Program (Tony Canike)] || Talk given at the 2005 DC AppSec Conference || Novice || 2005-10-01
|-valign="top"
|[https://owasp.org/images/0/0d/OWASPAppSec2006Seattle_Why_AJAX_Applications_More_Likely_Insecure.ppt Why AJAX Applications Are Far More Likely To Be Insecure (And What To Do About It) (Dave Wichers)] || Dave's talk on AJAX given at the Seattle 2006 AppSec conference || Intermediate || 2006-10-01
|-valign="top"
|Example (Briechenstein Software Studio) || BSSOWSORP-OWASP || Novice/Intermediate/Expert || 2012-10-05
|}

<br>

== Web Application Security Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ Web Application Security Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[[:Image:Protecting Web Applications from Universal PDF XSS.ppt| Universal PDF XSS by Ivan Ristic]] || Protecting Web Applications from Universal PDF XSS || Intermediate || 2007-06-28
|-valign="top"
|[[:Image:IdM-OWASP.v.0.2.14.pdf|Identity Management Basics (Derek Brown)]] ||Identity Management Basics|| Novice || 2007-05-09
|-valign="top"
|[[http://www.owasp.org/images/7/74/Advanced_SQL_Injection.ppt Advanced SQL Injection (Victor Chapela)] || Detailed methodology for analyzing applications for SQL injection vulnerabilities || Expert || 2005-11-04
|-valign="top"
|[[http://www.owasp.org/images/7/7d/Advanced_Topics_on_SQL_Injection_Protection.ppt Advanced Topics on SQL Injection Protection (Sam NG)] || 7 methods to prevent SQL injection attacks correctly and in a more integrated approach. Methods 1 to 3 are applicable during design or development life cycle. Method 4 is mainly from QA’s perspective. Methods 5 and 6 can be applied to production environment and are applicable even if you do not have access to or if you cannot change the source code. Other non-main stream technology are discussed in Method 7. || Intermediate || 2006-02-27
|-valign="top"
|[[http://www.owasp.org/images/d/d1/AppSec2005DC-Alex_Stamos-Attacking_Web_Services.ppt Attacking Web Services (Alex Stamos)] || Web Services Introduction and Attacks || Intermediate || 2005-10-11
|-valign="top"
|[http://www.owasp.org/images/7/72/MMS_Spoofing.ppt MMS Spoofing (Matteo Meucci)] || A Case-study of a vulnerable web application || Intermediate
|-valign="top"
|[http://www.owasp.org/images/f/f9/OWASPAppSecEU2006_AJAX_Security.ppt Ajax Security (Andrew van der Stock)] || Presentation on Ajax security for OWASP AppSec Europe 2006 || Intermediate || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/3/3a/OWASPAppSec2006Seattle_Web_Services_Security.ppt Advanced Web Services Security & Hacking (Justin Derry)] || Presentation given on Webservice security at the Seattle 2006 AppSec conference || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/f/f6/Integration_into_the_SDLC.ppt Integration into the SDLC (Eoin Keary)] || A presentation about why and how to integrate the SDLC. || Novice || 2005-04-09
|-valign="top"
|Example (Briechenstein Software Studio) || Freelance Contractor|| Novice/Intermediate/Expert || 2012-10-05
|}

<br>

== Chapter Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ Chapter Presentations
!width="30%" |Title
!width="30%" |Comment
!width="10%" |Level
!width="10%" |Month (Mon-yyyy)
!width="10%" |Chapter

|-valign="top"
|[[:Image:Common_Application_Flaws.ppt| Common Application Flaws (Brett Moore) ]] ||OWASP New Zealand chapter presentation on Common Application Flaws|| Novice/Intermediate ||November 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Time_Based_SQL_Injections.ppt| Time Based SQL Injections (Muhaimin Dzulfakar) ]] ||OWASP New Zealand chapter presentation on Time Based SQL Injections|| Intermediate ||September 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Browser_security.ppt| Browser Security (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Browser Security|| Intermediate ||September 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:OWASP_CMH_SQLInjection__20080707.zip| 7/7/2008 SQL Injection (Columbus, OH)]] || SQL Injection Presentation given at the Columbus, OH OWASP Chapter Meeting. Powerpoint, derby DB, and applicable java code. || Novice / Intermediate || July 2008 || [[Columbus]]
|-valign="top"
|[[:Image:OWASP_ellak-Greece.ppt| Detecting Web Application Vulnerabilities Using Open Source Means (Konstantinos Papapanagiotou) ]] ||OWASP Greek Chapter presentation given at the Open Source Software (FLOSS) Conference in Athens|| Novice ||May 2008 || [[Greece]]
|-valign="top"
|[[:Image:Hacking_The_World_With_Flash.ppt| Hacking The World With Flash (Paul Craig) ]] ||OWASP New Zealand chapter presentation on Flash security|| Intermediate ||April 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Web_spam_techniques.ppt| Web Spam Techniques (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Web Spam Techniques|| Intermediate ||April 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Xpath_Injection.ppt| Xpath Injection Overview (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Xpath Injection|| Intermediate ||February 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Owasp security4mobileJava.pdf| Dependability for Java Mobile Code (Pierre Parrend) ]] ||OWASP Swiss chapter presentation on Mobile Java Security || Expert ||July 2007 || [[Switzerland]]
|-valign="top"
|[[:Image:Trust Security Usability - v1.0.pdf|Trust, Security and Usability (Roger Carhuatocto) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:OWASP-tratamiento_de_datos.pdf|Tratamiento seguro de datos en aplicaciones in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Conferencia_OWASP.pdf|Ataques DoS en aplicaciones Web (Jaime Blasco Bermejo) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Seguridad en entornos financieros.pdf|Seguridad en entornos financierosPedro (Pedro Sánchez) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Java_Open_Review.ppt|Brian Chess from Fortify shared what's going on with the Java Open Source review project at the June NoVA OWASP meeting]] || Java Open Review || Intermediate ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Bytecode_injection.ppt|Brian Chess from Fortify, presentation to NoVA OWASP chapter in June 2007.]] || Bytecode injection || Expert ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Security at the VMM Layer - OWASP.ppt|Security at the VMM Layer by Ted Winograd]] || Security at the VMM Layer || Expert ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:KC June 2007 Evaluating and Tuning WAFs.pdf|Evaluating and Tuning Web Application Firewalls (Barry Archer)]] ||Presentation given at Kansas City June 2007 chapter meeting|| Intermediate ||June 2007 || [[Kansas City]]
|-valign="top"
|[[:Image:OWASP_SDL-IT.pdf|Microsoft Security Development Lifecycle for IT (Rob Labbé)]] ||Presentation by Rob Labbe at Ottawa OWASP Chapter|| Novice ||May 2007|| [[Ottawa]]
|-valign="top"
|[[:Image:OWASP_IL_7_Application_DOS.pdf|Application Denial of Service (Shaayy Cheen)]] ||Is it Really That Easy? Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP_IL_7_FuzzGuru.pdf|Fuzzing in Microsoft and FuzzGuru framework (John Neystadt)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP_IL_7_AppSec_and_Beyond.pdf|Application Security, not just development (David Lewis)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 Overtaking Google Desktop.pdf|Overtaking Google Desktop, Leveraging XSS to Raise Havoc (Yair Amit)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 UnregisterAttackInSip.pdf|Unregister Attack in SIP (Anat Bremler-Barr, Ronit Halachmi-Bekel and Jussi Kangasharju)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 WAF Positive Security.pdf|Positive Security Model for Web Applications, Challenges and Promise (Ofer Shezaf)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 DOT NET Reverse Engineering.pdf|.NET Reverse Engineering (Erez Metula)]] ||Presentation given at the Israel Mini Conference in May 2007|| Expert ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 OWASP Introduction.pdf|OWASP introduction (Ofer Shezaf)]] ||2nd OWASP IL mini conference at the Interdisciplinary Center (IDC) Herzliya|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP BeLux 2007-06-22 Update on Internet Attack Statistics for Belgium in 2006.ppt|Update on Internet Attack Statistics for Belgium in 2006 by Hilar Leoste (Zone-H)]] || Update on Internet Attack Statistics for Belgium in 2006 || Novice ||May 2007 || [[Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:InfoSec_World_2007_-_Web_services_gateways.ppt Securing Web Services using XML Security Gateways by Tim Bond] || Securing Web Services using XML Security Gateways || Intermediate ||May 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:SwA_Acquisition_WG_-_Overview.ppt Software Assurance in the Acquisition Process by Stan Wisseman] || Software Assurance in the Acquisition Process || Intermediate ||May 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_Legal_Aspects_Jos_Dumortier.zip Legal Aspects of (Web) Application Security by Jos Dumortier] || Legal Aspects of (Web) Application Security || Intermediate ||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_AppSec_Research_Lieven_Desmet.zip AppSec Research (University Leuven Belgium)] || Formal absence of implementation bugs in web applications: a case study on indirect data sharing by Lieven Desmet || Expert ||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[[:Image:Scanner-Sparkly.ppt|A Scanner Sparkly]] || A Scanner Sparkly, taken from the Phoenix OWASP presentations on Application Security Tools, May 2007 || Intermediate ||May 2007 || [[Phoenix]]
|-valign="top"
|[[:Image:Owasp-lessonslearned.ppt|Grey Box Assessment Lessons Learned]] || "Grey Box Assessment Lessons Learned", taken from the Phoenix OWASP presentations, Application Security Tools, May 2007 || Intermediate ||May 2007 || [[Phoenix]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_OWASP_Update.zip OWASP Update and OWASP BeLux Board Presentation (Seba)] || OWASP Update and OWASP BeLux Board Presentation || Novice||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[[:Image:Security Metics- What can we measure- Zed Abbadi.pdf|Metics- What can we measure (Zed Abbadi)]] ||19 April NoVa chapter meeting presentation on Security Metrics || Novice ||April 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Web Services Hacking and Hardening.pdf| Web Services Hacking and Hardening (Adam Vincent) ]] ||3/8/07 NoVA chapter meeting, Adam Vincent from Layer7 || Expert ||March 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_OWASP_Update.zip OWASP Update (Seba)] || OWASP Update || Novice||Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/images/f/fe/Pres_20070206_04_svetsch_xss_worms_owasp.zip XSS Worms (Sven Vetsch)] || XSS Worms || Intermediate ||Feb 2007 || [[Switzerland|Switzerland]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_OWASP_Update.zip OWASP Update (Seba)] || OWASP Update || Novice||Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_WebGoat-Pantera.zip WebGoat and Pantera presentation (Philippe Bogaerts)] || WebGoat and Pantera presentation || Novice || Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_AOP_security.zip Security implications of AOP for secure software (Bart De Win)] || Security implications of AOP for secure software || Expert || Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/images/1/12/OWASP_Denver_Nov-06_presentation.ppt testing for common security flaws (David Byrne)] || testing for common security flaws || Intermediate || Nov 2006 || [[Denver|Denver]]
|-valign="top"
|[http://www.owasp.org/images/7/7c/Owasp-olli.pdf 40-ish slides on analyzing threats (Olli)] || Analyzing Threats || Novice || Dec 2006 || [[Helsinki|Helsinki]]
|-valign="top"
|[http://www.owasp.org/images/2/2c/KC_Dec2006_Attacking_The_App.pdf Attacking the Application (Dave Ferguson)] || Vulnerabilities, attacks and coding suggestions || Intermediate || Dec 2006 || [[Kansas City|Kansas City]]
|-valign="top"
|[http://www.owasp.org/images/6/6a/KC_Dec2006_Ajax_Security_Concerns.pdf Ajax Security Concerns (Rohini Sulatycki)] || Ajax Security Concerns || Intermediate ||Dec 2006 || [[Kansas City|Kansas City]]
|-valign="top"
|[http://www.owasp.org/images/8/8c/Anatomy_of_2_Web_App_Testing.zip Anatomy of 2 Web Application Testing (Matteo Meucci)] || Anatomy of 2 Web Application Testing || Intermediate || Mar 2006 || [[Italy|Italy]]

|-valign="top"

|[https://www.owasp.org/images/9/99/WTE-Cloud-Austin-2012-02.pdf Testing From the Cloud: Is the Sky Falling? ] || WTE Cloud-based Testing || Intermediate || Feb 2012 || [[Austin|Austin]]
|-valign="top"

|Example (Briechenstein Software Studio) || Open Web application Security Project|| Novice/Intermediate/Expert || 2012-10-05 || Chapter
|}

[[Category:OWASP Education Project]]
[[Category:OWASP Presentations]]
[[Category:Chapter Resources]]

OWASP Education Presentation

2012-05-30T18:04:21Z

Briechenstein Software Studio:

This page provide a commented overview of the OWASP presentations available.<br>
Please use the last line of the tables as template.<br>
Presentions can be tracked through:
* the [http://www.owasp.org/index.php/Category:OWASP_Presentations OWASP Presentations Category]
* [http://www.owasp.org/index.php/Category:OWASP_AppSec_Conference Past OWASP Conference agenda's]
* From the chapter pages
Everybody is encouraged to link the presentations and add their findings on this page !
There are currently hundreds of presentations all over the OWASP web site.
If you search google with “site:owasp.org filetype:ppt” there are 166 hits. “site:owasp.org filetype:pdf” returns 76.
Feel free to “mine” them and add them to the overview.

== OWASP Education Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Education Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[[:Image:OWASP Overview Winter 2009v1.pptx|OWASP Overview Winter 2009]]|| Updated overview of OWASP || Novice || 2009-12-08
|-valign="top"
|[[:Image:Programa_de_Educacion_OWASP.ppt|Programa de Educacion OWASP]]|| Una introduccion a OWASP para Universidades y Centros Educativos por Fabio Cerullo|| Novice || 2009-03-20
|-valign="top"
|[[:Image:OWASP_Educational_Programme.ppt|OWASP Educational Programme]]|| An introduction to OWASP for Universities & Educational Institutions by Fabio Cerullo|| Novice || 2009-03-20
|-valign="top"
|[[:Image:OWASP Overview Summer 2009.pptx|OWASP Overview Summer 2009]]|| Recent overview of OWASP by Jeff Williams || Novice || 2009-08-25
|-valign="top"
|[[:Image:Education Module Why WebAppSec Matters.ppt|Why WebAppSec Matters]]|| This module explains why security should be considered when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:OWASP-Intro-2008-portuguese.ppt|OWASP Intro 2008 Portuguese]]|| Este módulo é uma intrudução sobre o projeto OWASP. || Novice || 2008-07-06
|-valign="top"
|[[:Image:Education Module OWASP Top 10 Introduction and Remedies.ppt|OWASP Top 10 Introduction and Remedies]]|| This module explains the OWASP Top 10 web application vulnerabilities as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Embed within SDLC.ppt|Embed within SDLC]]|| This module explains the complete approach of Web Application Security when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Good Secure Development Practices.ppt|Good Secure Development Practices]]|| This module explains some good secure development practices when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Testing for Vulnerabilities.ppt|Testing for Vulnerabilities]]|| This module explains application security testing when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Good WebAppSec Resources.ppt|Good WebAppSec Resources]]|| This module points you to some good web application security resources when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|Example (Briechenstein Software Studio) || OWASP Education Presentation|| Novice/Intermediate/Expert || 2012-05-10
|}

<br>

== OWASP Project Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Project Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[[:Image:Germany 2008 Conference OWASP Introduction v1.pptx|OWASP Introduction]] || OWASP Overview presentation covering OWASP, project parade and OWASP near you. Given by Seba during the Germany 2008 Conference || Novice || 2008-11-25
|-valign="top"
|[[:Image:OWASP Foundation The story so far and beyond - Part 1.ppt|India08 Keynote - Part 1]] || OWASP Overview presentation. Part 1 of 2. Given by Dinis and Jason during the India08 Conference || Novice || 2008-08-16
|-valign="top"
|[[:Image:OWASP Foundation The story so far and beyond - Part 2.ppt|India08 Keynote - Part 2]] || OWASP Overview presentation. Part 2 of 2. Given by Dinis and Jason during the India08 Conference || Novice || 2008-08-16
|-valign="top"
|[[:Image:OWASP India - Tour of OWASP projects.ppt|Tour of OWASP’s projects]] || Given by Dinis and Jason during the India08 Conference || Novice || 2008-08-16
|-valign="top"
|[https://www.owasp.org/images/5/59/RISK_2008_OWASP_Introduction_v1.pptx OWASP @ RISK08 (Norway)] || OWASP introduction at Norway RISK2008 conference by Seba || Novice || 2008-04-23
|-valign="top"
|[[:Image:OWASP NY Keynote.ppt|OWASP NY Keynote by Jeff]] also available in [[:Image:20070620-FR-OWASP NY Keynote.ppt|French]]|| OWASP Overview presentation with slide "OWASP by the numbers" and slide with the sorry state of Tools (at best 45%) which caused some controverse || Novice || 2007-06-12
|-valign="top"
|[http://www.owasp.org/images/a/af/OWASP_Testing_Guide_Presentation.zip The OWASP Testing Guide (Jeff Williams)] || Overview of the OWASP Testing Guide || Novice || 2007-01-23
|-valign="top"
|[http://www.owasp.org/images/e/e9/OWASP_Testing_Guide_Presentation_EUSecWest07.zip The OWASP Testing Guide v2 EUSecWest07 (Matteo Meucci, Alberto Revelli)] || Presentation at EUSecWest07 || Intermediate || 2007-03-01
|-valign="top"
|[http://www.owasp.org/images/3/3c/OWASP_Flyer_Sep06.ppt OWASP Project Overview] || High level overview of projects and how OWASP works || Novice || 2006-09-19
|-valign="top"
|[http://www.owasp.org/images/4/49/OWASPAppSec2006Seattle_Security_Metrics.ppt The OWASP Application Security Metrics Project (Bob Austin)] || Presentation on the Application Security Metrics project || Novice || 2006-10-17
|-valign="top"
|[http://www.owasp.org/images/5/53/OWASPAppSecEU2006_CLASP_Project.ppt OWASP CLASP Project (Pravir Chandra)] || OWASP CLASP project presentation given at the 2006 European AppSec conference || Novice || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/3/30/OWASPAppSec2006Seattle_UsingSprajaxToTestAJAXSecurity.ppt Sprajax (Dan Cornell)] || OWASP Sprajax presentation given at the 2006 Seattle AppSec conference || Intermediate || 2006-10-17
|-valign="top"
|Example (Briechenstein Software Studio || Software Architect || Novice/Intermediate/Expert || 2012-05-10
|}

<br>

== OWASP Conference Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Conference Presentations
!width="30%" | Title
!width="40%" | Comment
!width="15%" | Level
!width="15%" |Date (yyyy-mm-dd)

|-valign="top"
|[[:Image:OWASPAppSec2007Milan ModSecurityCoreRuleSet.ppt | Mod Security Core Rule Set (Ofer Shezaf)]] ||Ofer Shezaf's presentation on the Core Ruleset for the latest version of ModSecurity presented at 6th OWASP AppSec conference in Milan, Italy, in May 2007.|| Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OWASPTestingGuide2v1.ppt | OWASP Testing Guide v2.1 (Matteo Meucci)]] ||Matteo Meucci's presentation on the OWASP Testing Guide v2 at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan CLASP.ppt | CLASP (Pravir Chandra)]] ||Pravir Chandra's presentation on the upcoming 2007 update to CLASP presented at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan AdvancedWebHacking.ppt | Advanced Web Hacking (PDP)]] ||PDPs presentation at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan XMLSecurityGatewayEvalCriteria.ppt | XML Security Gateway Evaluation Criteria (Gunnar Peterson)]] ||Gunnar Peterson's presentation about the new XML Security Gateway Evaluation Criteria project at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan TestingFlashApplications.ppt | Testing Flash Applications (Stephano Di Paolo)]] ||Stephano Di Paolo's presentation on how to test Flash applications presented at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert|| 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OvertakingGoogleDesktop.ppt | Overtaking Google Desktop (Yair Amit)]] ||Yair Amit's presentation on XSS Flaws in Google Desktop that can be exploited through google.com presented at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan MS ACETeamAppSecfromTheCore.ppt | ACE Team Application Security from the Core (Simon Roses Femerling)]] ||Simon Roses Femerling's presentation on the Microsoft ACE team's application security process at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan Pantera.ppt | Pantera (Simon Roses Femerling)]] ||Simon Roses Femerling's presentation on the new OWASP tool Pantera at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan ProtectingWebAppsfromUniversalPDFXSS.ppt | Protecting Web applications from universal PDF XSS (Ivan Ristic)]] ||Ivan Ristic's Universal XSS PDF presentation at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SoftwareSecurity.ppt | Software Security (Rudolph Araujo)]] ||Rudolph Araujo's presentation on Application Security best practices at the 6th OWASP AppSec conference in Milan Italy, May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan WebGoatv5.ppt | WebGoat v5 (Dave Wichers)]] ||WebGoat v5 presentation by Dave Wichers at the 6th OWASP AppSec Conference in Milan, Italy, May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan WebScarabNG.ppt | WebScarab NG (Dave Wichers)]] ||Description of the new WebScarab-NG efforts presented by Dave Wichers at the 6th OWASP AppSec conference in Milan, Italy in May 2007.|| Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SANS SPSA Initiative.ppt | SANS SPSA Initiative (Dave Wichers)]] ||Description of the SANS Secure Coding Exam Initiative presented by Dave Wichers at the 6th OWASP AppSec conference in Milan Italy, May 2007.|| Novice || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OWASPItalyActivities.ppt | OWASP Italy Activities (Raoul Chiesa)]] ||Raoul Chiesa's keynote for day 2 of the 6th OWASP AppSec conference on the state of application security in Italy including OWASP's activities in that country.|| Novice || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SecurityEngineeringInVista.ppt | Security engineering in Vista (Alex Lucas)]] ||Alex Lucas' from Microsoft's keynote presentation for Day 1 of the 6th OWASP AppSec conference in Milan on the benefits of Microsoft's SDL to the security of Vista. || Intermediate || 2007-05-16
|-valign="top"
|[http://www.owasp.org/images/5/5f/OWASPAppSec2006Seattle_SecurityEngineeringInVista.ppt How the Security Development Lifecycle(SDL) Improved Windows Vista (Michael Howard)] || Michael Howard's talk on SDL from the OWASP Seattle AppSec Conference in 2006 || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/3/34/OWASPAppSecEU2006_Bootstrapping_the_Application_Assurance_Process.ppt Bootstrapping the Application Assurance Process (Sebastien Deleersnyder)] || Presentation given during the European 2006 AppSec conference on the application assurance process || Novice || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/8/8b/OWASPAppSecEU2006_InlineApproachforSecureSOAPRequests.ppt Inline Approach for Secure SOAP Requests and Early Validation (Mohammad Ashiqur Rahaman, Maartin Rits and Andreas Schaad SAP Research, Sophia Antipolis, France)] || Presentation given at the European 2006 AppSec conference about security and soap message structure issues || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/9/9c/OWASPAppSecEU2006_WAFs_WhenAreTheyUseful.ppt Web Application Firewalls:When Are They Useful? (Ivan Ristic)] || Presentation about Web Application Firewalls || Novice || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/1/1a/OWASPAppSecEU2006_HTTPMessageSplittingSmugglingEtc.ppt HTTP Message Splitting, Smuggling and Other Animals (Amit Klein)] || A presentation about Message splitting other attacks around the HTTP protocol || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/f/f6/OWASPAppSec2006Seattle_WebAppForensics.ppt Web Application Incident Response & Forensics: A Whole New Ball Game! (Rohyt Belani & Chuck Willis)] || Talk about Web Application Security incident handling and forensics given at the OWASP 2006 Seattle AppSec conference || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/d/d2/OWASPAppSecEU2006_CanTestingToolsReallyFindOWASPTop10.ppt Can (Automated) Testing Tools Really Find the OWASP Top 10? (Erwin Geirnaert) ] || A talk about how automated testing tools stack up against the OWASP top 10 || Intermediate || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/2/28/OWASPAppSecEU2006_RequestRodeo.ppt RequestRodeo: Client Side Protection against Session Riding (Martin Johns / Justus Winter)] || Presentation given about how Sessions can be hi-jacked, etc... || Novice || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/6/62/OWASPAppSecEU2006_SecurityTestingthruAutomatedSWTests.ppt Security Testing through Automated Software Tests (Stephen de Vries)] || Presentation given at the 2006 EuSec conference || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/0/0e/AppSec2005DC-Jeremy_Poteet-In_the_Line_of_Fire.ppt In the Line of Fire: Defending Highly Visible Targets (Jeremy Poteet)] || Conference given at the 2005 DC AppSec conference || Novice || 2005-10-1
|-valign="top"
|[http://www.owasp.org/images/9/93/AppSec2005DC-Matt_Fisher-Google_Hacking_and_Worms.ppt Google Hacking and Web Application Worms (Matt Fisher)] || Talk given at the 2005 DC AppSec conference || Novice || 2005-10-01
|-valign="top"
|[http://www.owasp.org/images/0/05/AppSec2005DC-Anthony_Canike-Enterprise_AppSec_Program.ppt Establishing an Enterprise Application Security Program (Tony Canike)] || Talk given at the 2005 DC AppSec Conference || Novice || 2005-10-01
|-valign="top"
|[https://owasp.org/images/0/0d/OWASPAppSec2006Seattle_Why_AJAX_Applications_More_Likely_Insecure.ppt Why AJAX Applications Are Far More Likely To Be Insecure (And What To Do About It) (Dave Wichers)] || Dave's talk on AJAX given at the Seattle 2006 AppSec conference || Intermediate || 2006-10-01
|-valign="top"
|Example (Briechenstein Software Studio) || BSSOWSORP-OWASP || Novice/Intermediate/Expert || 2012-05-10
|}

<br>

== Web Application Security Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ Web Application Security Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[[:Image:Protecting Web Applications from Universal PDF XSS.ppt| Universal PDF XSS by Ivan Ristic]] || Protecting Web Applications from Universal PDF XSS || Intermediate || 2007-06-28
|-valign="top"
|[[:Image:IdM-OWASP.v.0.2.14.pdf|Identity Management Basics (Derek Brown)]] ||Identity Management Basics|| Novice || 2007-05-09
|-valign="top"
|[[http://www.owasp.org/images/7/74/Advanced_SQL_Injection.ppt Advanced SQL Injection (Victor Chapela)] || Detailed methodology for analyzing applications for SQL injection vulnerabilities || Expert || 2005-11-04
|-valign="top"
|[[http://www.owasp.org/images/7/7d/Advanced_Topics_on_SQL_Injection_Protection.ppt Advanced Topics on SQL Injection Protection (Sam NG)] || 7 methods to prevent SQL injection attacks correctly and in a more integrated approach. Methods 1 to 3 are applicable during design or development life cycle. Method 4 is mainly from QA’s perspective. Methods 5 and 6 can be applied to production environment and are applicable even if you do not have access to or if you cannot change the source code. Other non-main stream technology are discussed in Method 7. || Intermediate || 2006-02-27
|-valign="top"
|[[http://www.owasp.org/images/d/d1/AppSec2005DC-Alex_Stamos-Attacking_Web_Services.ppt Attacking Web Services (Alex Stamos)] || Web Services Introduction and Attacks || Intermediate || 2005-10-11
|-valign="top"
|[http://www.owasp.org/images/7/72/MMS_Spoofing.ppt MMS Spoofing (Matteo Meucci)] || A Case-study of a vulnerable web application || Intermediate
|-valign="top"
|[http://www.owasp.org/images/f/f9/OWASPAppSecEU2006_AJAX_Security.ppt Ajax Security (Andrew van der Stock)] || Presentation on Ajax security for OWASP AppSec Europe 2006 || Intermediate || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/3/3a/OWASPAppSec2006Seattle_Web_Services_Security.ppt Advanced Web Services Security & Hacking (Justin Derry)] || Presentation given on Webservice security at the Seattle 2006 AppSec conference || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/f/f6/Integration_into_the_SDLC.ppt Integration into the SDLC (Eoin Keary)] || A presentation about why and how to integrate the SDLC. || Novice || 2005-04-09
|-valign="top"
|Example (Briechenstein Software Studio) || Freelance Contractor|| Novice/Intermediate/Expert || 2012-05-10
|}

<br>

== Chapter Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ Chapter Presentations
!width="30%" |Title
!width="30%" |Comment
!width="10%" |Level
!width="10%" |Month (Mon-yyyy)
!width="10%" |Chapter

|-valign="top"
|[[:Image:Common_Application_Flaws.ppt| Common Application Flaws (Brett Moore) ]] ||OWASP New Zealand chapter presentation on Common Application Flaws|| Novice/Intermediate ||November 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Time_Based_SQL_Injections.ppt| Time Based SQL Injections (Muhaimin Dzulfakar) ]] ||OWASP New Zealand chapter presentation on Time Based SQL Injections|| Intermediate ||September 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Browser_security.ppt| Browser Security (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Browser Security|| Intermediate ||September 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:OWASP_CMH_SQLInjection__20080707.zip| 7/7/2008 SQL Injection (Columbus, OH)]] || SQL Injection Presentation given at the Columbus, OH OWASP Chapter Meeting. Powerpoint, derby DB, and applicable java code. || Novice / Intermediate || July 2008 || [[Columbus]]
|-valign="top"
|[[:Image:OWASP_ellak-Greece.ppt| Detecting Web Application Vulnerabilities Using Open Source Means (Konstantinos Papapanagiotou) ]] ||OWASP Greek Chapter presentation given at the Open Source Software (FLOSS) Conference in Athens|| Novice ||May 2008 || [[Greece]]
|-valign="top"
|[[:Image:Hacking_The_World_With_Flash.ppt| Hacking The World With Flash (Paul Craig) ]] ||OWASP New Zealand chapter presentation on Flash security|| Intermediate ||April 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Web_spam_techniques.ppt| Web Spam Techniques (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Web Spam Techniques|| Intermediate ||April 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Xpath_Injection.ppt| Xpath Injection Overview (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Xpath Injection|| Intermediate ||February 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Owasp security4mobileJava.pdf| Dependability for Java Mobile Code (Pierre Parrend) ]] ||OWASP Swiss chapter presentation on Mobile Java Security || Expert ||July 2007 || [[Switzerland]]
|-valign="top"
|[[:Image:Trust Security Usability - v1.0.pdf|Trust, Security and Usability (Roger Carhuatocto) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:OWASP-tratamiento_de_datos.pdf|Tratamiento seguro de datos en aplicaciones in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Conferencia_OWASP.pdf|Ataques DoS en aplicaciones Web (Jaime Blasco Bermejo) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Seguridad en entornos financieros.pdf|Seguridad en entornos financierosPedro (Pedro Sánchez) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Java_Open_Review.ppt|Brian Chess from Fortify shared what's going on with the Java Open Source review project at the June NoVA OWASP meeting]] || Java Open Review || Intermediate ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Bytecode_injection.ppt|Brian Chess from Fortify, presentation to NoVA OWASP chapter in June 2007.]] || Bytecode injection || Expert ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Security at the VMM Layer - OWASP.ppt|Security at the VMM Layer by Ted Winograd]] || Security at the VMM Layer || Expert ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:KC June 2007 Evaluating and Tuning WAFs.pdf|Evaluating and Tuning Web Application Firewalls (Barry Archer)]] ||Presentation given at Kansas City June 2007 chapter meeting|| Intermediate ||June 2007 || [[Kansas City]]
|-valign="top"
|[[:Image:OWASP_SDL-IT.pdf|Microsoft Security Development Lifecycle for IT (Rob Labbé)]] ||Presentation by Rob Labbe at Ottawa OWASP Chapter|| Novice ||May 2007|| [[Ottawa]]
|-valign="top"
|[[:Image:OWASP_IL_7_Application_DOS.pdf|Application Denial of Service (Shaayy Cheen)]] ||Is it Really That Easy? Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP_IL_7_FuzzGuru.pdf|Fuzzing in Microsoft and FuzzGuru framework (John Neystadt)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP_IL_7_AppSec_and_Beyond.pdf|Application Security, not just development (David Lewis)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 Overtaking Google Desktop.pdf|Overtaking Google Desktop, Leveraging XSS to Raise Havoc (Yair Amit)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 UnregisterAttackInSip.pdf|Unregister Attack in SIP (Anat Bremler-Barr, Ronit Halachmi-Bekel and Jussi Kangasharju)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 WAF Positive Security.pdf|Positive Security Model for Web Applications, Challenges and Promise (Ofer Shezaf)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 DOT NET Reverse Engineering.pdf|.NET Reverse Engineering (Erez Metula)]] ||Presentation given at the Israel Mini Conference in May 2007|| Expert ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 OWASP Introduction.pdf|OWASP introduction (Ofer Shezaf)]] ||2nd OWASP IL mini conference at the Interdisciplinary Center (IDC) Herzliya|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP BeLux 2007-06-22 Update on Internet Attack Statistics for Belgium in 2006.ppt|Update on Internet Attack Statistics for Belgium in 2006 by Hilar Leoste (Zone-H)]] || Update on Internet Attack Statistics for Belgium in 2006 || Novice ||May 2007 || [[Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:InfoSec_World_2007_-_Web_services_gateways.ppt Securing Web Services using XML Security Gateways by Tim Bond] || Securing Web Services using XML Security Gateways || Intermediate ||May 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:SwA_Acquisition_WG_-_Overview.ppt Software Assurance in the Acquisition Process by Stan Wisseman] || Software Assurance in the Acquisition Process || Intermediate ||May 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_Legal_Aspects_Jos_Dumortier.zip Legal Aspects of (Web) Application Security by Jos Dumortier] || Legal Aspects of (Web) Application Security || Intermediate ||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_AppSec_Research_Lieven_Desmet.zip AppSec Research (University Leuven Belgium)] || Formal absence of implementation bugs in web applications: a case study on indirect data sharing by Lieven Desmet || Expert ||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[[:Image:Scanner-Sparkly.ppt|A Scanner Sparkly]] || A Scanner Sparkly, taken from the Phoenix OWASP presentations on Application Security Tools, May 2007 || Intermediate ||May 2007 || [[Phoenix]]
|-valign="top"
|[[:Image:Owasp-lessonslearned.ppt|Grey Box Assessment Lessons Learned]] || "Grey Box Assessment Lessons Learned", taken from the Phoenix OWASP presentations, Application Security Tools, May 2007 || Intermediate ||May 2007 || [[Phoenix]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_OWASP_Update.zip OWASP Update and OWASP BeLux Board Presentation (Seba)] || OWASP Update and OWASP BeLux Board Presentation || Novice||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[[:Image:Security Metics- What can we measure- Zed Abbadi.pdf|Metics- What can we measure (Zed Abbadi)]] ||19 April NoVa chapter meeting presentation on Security Metrics || Novice ||April 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Web Services Hacking and Hardening.pdf| Web Services Hacking and Hardening (Adam Vincent) ]] ||3/8/07 NoVA chapter meeting, Adam Vincent from Layer7 || Expert ||March 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_OWASP_Update.zip OWASP Update (Seba)] || OWASP Update || Novice||Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/images/f/fe/Pres_20070206_04_svetsch_xss_worms_owasp.zip XSS Worms (Sven Vetsch)] || XSS Worms || Intermediate ||Feb 2007 || [[Switzerland|Switzerland]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_OWASP_Update.zip OWASP Update (Seba)] || OWASP Update || Novice||Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_WebGoat-Pantera.zip WebGoat and Pantera presentation (Philippe Bogaerts)] || WebGoat and Pantera presentation || Novice || Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_AOP_security.zip Security implications of AOP for secure software (Bart De Win)] || Security implications of AOP for secure software || Expert || Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/images/1/12/OWASP_Denver_Nov-06_presentation.ppt testing for common security flaws (David Byrne)] || testing for common security flaws || Intermediate || Nov 2006 || [[Denver|Denver]]
|-valign="top"
|[http://www.owasp.org/images/7/7c/Owasp-olli.pdf 40-ish slides on analyzing threats (Olli)] || Analyzing Threats || Novice || Dec 2006 || [[Helsinki|Helsinki]]
|-valign="top"
|[http://www.owasp.org/images/2/2c/KC_Dec2006_Attacking_The_App.pdf Attacking the Application (Dave Ferguson)] || Vulnerabilities, attacks and coding suggestions || Intermediate || Dec 2006 || [[Kansas City|Kansas City]]
|-valign="top"
|[http://www.owasp.org/images/6/6a/KC_Dec2006_Ajax_Security_Concerns.pdf Ajax Security Concerns (Rohini Sulatycki)] || Ajax Security Concerns || Intermediate ||Dec 2006 || [[Kansas City|Kansas City]]
|-valign="top"
|[http://www.owasp.org/images/8/8c/Anatomy_of_2_Web_App_Testing.zip Anatomy of 2 Web Application Testing (Matteo Meucci)] || Anatomy of 2 Web Application Testing || Intermediate || Mar 2006 || [[Italy|Italy]]

|-valign="top"

|[https://www.owasp.org/images/9/99/WTE-Cloud-Austin-2012-02.pdf Testing From the Cloud: Is the Sky Falling? ] || WTE Cloud-based Testing || Intermediate || Feb 2012 || [[Austin|Austin]]
|-valign="top"

|Example (Briechenstein Software Studio) || Open Web application Security Project|| Novice/Intermediate/Expert || 05-2012-10 || Chapter
|}

[[Category:OWASP Education Project]]
[[Category:OWASP Presentations]]
[[Category:Chapter Resources]]

OWASP Education Presentation

2012-05-30T17:57:09Z

Briechenstein Software Studio:

This page provide a commented overview of the OWASP presentations available.<br>
Please use the last line of the tables as template.<br>
Presentions can be tracked through:
* the [http://www.owasp.org/index.php/Category:OWASP_Presentations OWASP Presentations Category]
* [http://www.owasp.org/index.php/Category:OWASP_AppSec_Conference Past OWASP Conference agenda's]
* From the chapter pages
Everybody is encouraged to link the presentations and add their findings on this page !
There are currently hundreds of presentations all over the OWASP web site.
If you search google with “site:owasp.org filetype:ppt” there are 166 hits. “site:owasp.org filetype:pdf” returns 76.
Feel free to “mine” them and add them to the overview.

== OWASP Education Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Education Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[[:Image:OWASP Overview Winter 2009v1.pptx|OWASP Overview Winter 2009]]|| Updated overview of OWASP || Novice || 2009-12-08
|-valign="top"
|[[:Image:Programa_de_Educacion_OWASP.ppt|Programa de Educacion OWASP]]|| Una introduccion a OWASP para Universidades y Centros Educativos por Fabio Cerullo|| Novice || 2009-03-20
|-valign="top"
|[[:Image:OWASP_Educational_Programme.ppt|OWASP Educational Programme]]|| An introduction to OWASP for Universities & Educational Institutions by Fabio Cerullo|| Novice || 2009-03-20
|-valign="top"
|[[:Image:OWASP Overview Summer 2009.pptx|OWASP Overview Summer 2009]]|| Recent overview of OWASP by Jeff Williams || Novice || 2009-08-25
|-valign="top"
|[[:Image:Education Module Why WebAppSec Matters.ppt|Why WebAppSec Matters]]|| This module explains why security should be considered when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:OWASP-Intro-2008-portuguese.ppt|OWASP Intro 2008 Portuguese]]|| Este módulo é uma intrudução sobre o projeto OWASP. || Novice || 2008-07-06
|-valign="top"
|[[:Image:Education Module OWASP Top 10 Introduction and Remedies.ppt|OWASP Top 10 Introduction and Remedies]]|| This module explains the OWASP Top 10 web application vulnerabilities as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Embed within SDLC.ppt|Embed within SDLC]]|| This module explains the complete approach of Web Application Security when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Good Secure Development Practices.ppt|Good Secure Development Practices]]|| This module explains some good secure development practices when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Testing for Vulnerabilities.ppt|Testing for Vulnerabilities]]|| This module explains application security testing when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|[[:Image:Education Module Good WebAppSec Resources.ppt|Good WebAppSec Resources]]|| This module points you to some good web application security resources when developping or deploying web applications as part of the [[:Category:OWASP Education Project|Education Project]] || Novice || 2007-11-01
|-valign="top"
|Example (Briechenstein Software Studio) || OWASP Education Presentation|| Novice/Intermediate/Expert || 2012-05-10
|}

<br>

== OWASP Project Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Project Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[[:Image:Germany 2008 Conference OWASP Introduction v1.pptx|OWASP Introduction]] || OWASP Overview presentation covering OWASP, project parade and OWASP near you. Given by Seba during the Germany 2008 Conference || Novice || 2008-11-25
|-valign="top"
|[[:Image:OWASP Foundation The story so far and beyond - Part 1.ppt|India08 Keynote - Part 1]] || OWASP Overview presentation. Part 1 of 2. Given by Dinis and Jason during the India08 Conference || Novice || 2008-08-16
|-valign="top"
|[[:Image:OWASP Foundation The story so far and beyond - Part 2.ppt|India08 Keynote - Part 2]] || OWASP Overview presentation. Part 2 of 2. Given by Dinis and Jason during the India08 Conference || Novice || 2008-08-16
|-valign="top"
|[[:Image:OWASP India - Tour of OWASP projects.ppt|Tour of OWASP’s projects]] || Given by Dinis and Jason during the India08 Conference || Novice || 2008-08-16
|-valign="top"
|[https://www.owasp.org/images/5/59/RISK_2008_OWASP_Introduction_v1.pptx OWASP @ RISK08 (Norway)] || OWASP introduction at Norway RISK2008 conference by Seba || Novice || 2008-04-23
|-valign="top"
|[[:Image:OWASP NY Keynote.ppt|OWASP NY Keynote by Jeff]] also available in [[:Image:20070620-FR-OWASP NY Keynote.ppt|French]]|| OWASP Overview presentation with slide "OWASP by the numbers" and slide with the sorry state of Tools (at best 45%) which caused some controverse || Novice || 2007-06-12
|-valign="top"
|[http://www.owasp.org/images/a/af/OWASP_Testing_Guide_Presentation.zip The OWASP Testing Guide (Jeff Williams)] || Overview of the OWASP Testing Guide || Novice || 2007-01-23
|-valign="top"
|[http://www.owasp.org/images/e/e9/OWASP_Testing_Guide_Presentation_EUSecWest07.zip The OWASP Testing Guide v2 EUSecWest07 (Matteo Meucci, Alberto Revelli)] || Presentation at EUSecWest07 || Intermediate || 2007-03-01
|-valign="top"
|[http://www.owasp.org/images/3/3c/OWASP_Flyer_Sep06.ppt OWASP Project Overview] || High level overview of projects and how OWASP works || Novice || 2006-09-19
|-valign="top"
|[http://www.owasp.org/images/4/49/OWASPAppSec2006Seattle_Security_Metrics.ppt The OWASP Application Security Metrics Project (Bob Austin)] || Presentation on the Application Security Metrics project || Novice || 2006-10-17
|-valign="top"
|[http://www.owasp.org/images/5/53/OWASPAppSecEU2006_CLASP_Project.ppt OWASP CLASP Project (Pravir Chandra)] || OWASP CLASP project presentation given at the 2006 European AppSec conference || Novice || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/3/30/OWASPAppSec2006Seattle_UsingSprajaxToTestAJAXSecurity.ppt Sprajax (Dan Cornell)] || OWASP Sprajax presentation given at the 2006 Seattle AppSec conference || Intermediate || 2006-10-17
|-valign="top"
|Example (Briechenstein Software Studio || Software Architect || Novice/Intermediate/Expert || 2012-05-10
|}

<br>

== OWASP Conference Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ OWASP Conference Presentations
!width="30%" | Title
!width="40%" | Comment
!width="15%" | Level
!width="15%" |Date (yyyy-mm-dd)

|-valign="top"
|[[:Image:OWASPAppSec2007Milan ModSecurityCoreRuleSet.ppt | Mod Security Core Rule Set (Ofer Shezaf)]] ||Ofer Shezaf's presentation on the Core Ruleset for the latest version of ModSecurity presented at 6th OWASP AppSec conference in Milan, Italy, in May 2007.|| Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OWASPTestingGuide2v1.ppt | OWASP Testing Guide v2.1 (Matteo Meucci)]] ||Matteo Meucci's presentation on the OWASP Testing Guide v2 at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan CLASP.ppt | CLASP (Pravir Chandra)]] ||Pravir Chandra's presentation on the upcoming 2007 update to CLASP presented at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan AdvancedWebHacking.ppt | Advanced Web Hacking (PDP)]] ||PDPs presentation at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan XMLSecurityGatewayEvalCriteria.ppt | XML Security Gateway Evaluation Criteria (Gunnar Peterson)]] ||Gunnar Peterson's presentation about the new XML Security Gateway Evaluation Criteria project at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan TestingFlashApplications.ppt | Testing Flash Applications (Stephano Di Paolo)]] ||Stephano Di Paolo's presentation on how to test Flash applications presented at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert|| 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OvertakingGoogleDesktop.ppt | Overtaking Google Desktop (Yair Amit)]] ||Yair Amit's presentation on XSS Flaws in Google Desktop that can be exploited through google.com presented at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Expert || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan MS ACETeamAppSecfromTheCore.ppt | ACE Team Application Security from the Core (Simon Roses Femerling)]] ||Simon Roses Femerling's presentation on the Microsoft ACE team's application security process at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan Pantera.ppt | Pantera (Simon Roses Femerling)]] ||Simon Roses Femerling's presentation on the new OWASP tool Pantera at the 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan ProtectingWebAppsfromUniversalPDFXSS.ppt | Protecting Web applications from universal PDF XSS (Ivan Ristic)]] ||Ivan Ristic's Universal XSS PDF presentation at 6th OWASP AppSec conference in Milan, Italy in May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SoftwareSecurity.ppt | Software Security (Rudolph Araujo)]] ||Rudolph Araujo's presentation on Application Security best practices at the 6th OWASP AppSec conference in Milan Italy, May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan WebGoatv5.ppt | WebGoat v5 (Dave Wichers)]] ||WebGoat v5 presentation by Dave Wichers at the 6th OWASP AppSec Conference in Milan, Italy, May 2007. || Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan WebScarabNG.ppt | WebScarab NG (Dave Wichers)]] ||Description of the new WebScarab-NG efforts presented by Dave Wichers at the 6th OWASP AppSec conference in Milan, Italy in May 2007.|| Intermediate || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SANS SPSA Initiative.ppt | SANS SPSA Initiative (Dave Wichers)]] ||Description of the SANS Secure Coding Exam Initiative presented by Dave Wichers at the 6th OWASP AppSec conference in Milan Italy, May 2007.|| Novice || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan OWASPItalyActivities.ppt | OWASP Italy Activities (Raoul Chiesa)]] ||Raoul Chiesa's keynote for day 2 of the 6th OWASP AppSec conference on the state of application security in Italy including OWASP's activities in that country.|| Novice || 2007-05-16
|-valign="top"
|[[:Image:OWASPAppSec2007Milan SecurityEngineeringInVista.ppt | Security engineering in Vista (Alex Lucas)]] ||Alex Lucas' from Microsoft's keynote presentation for Day 1 of the 6th OWASP AppSec conference in Milan on the benefits of Microsoft's SDL to the security of Vista. || Intermediate || 2007-05-16
|-valign="top"
|[http://www.owasp.org/images/5/5f/OWASPAppSec2006Seattle_SecurityEngineeringInVista.ppt How the Security Development Lifecycle(SDL) Improved Windows Vista (Michael Howard)] || Michael Howard's talk on SDL from the OWASP Seattle AppSec Conference in 2006 || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/3/34/OWASPAppSecEU2006_Bootstrapping_the_Application_Assurance_Process.ppt Bootstrapping the Application Assurance Process (Sebastien Deleersnyder)] || Presentation given during the European 2006 AppSec conference on the application assurance process || Novice || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/8/8b/OWASPAppSecEU2006_InlineApproachforSecureSOAPRequests.ppt Inline Approach for Secure SOAP Requests and Early Validation (Mohammad Ashiqur Rahaman, Maartin Rits and Andreas Schaad SAP Research, Sophia Antipolis, France)] || Presentation given at the European 2006 AppSec conference about security and soap message structure issues || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/9/9c/OWASPAppSecEU2006_WAFs_WhenAreTheyUseful.ppt Web Application Firewalls:When Are They Useful? (Ivan Ristic)] || Presentation about Web Application Firewalls || Novice || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/1/1a/OWASPAppSecEU2006_HTTPMessageSplittingSmugglingEtc.ppt HTTP Message Splitting, Smuggling and Other Animals (Amit Klein)] || A presentation about Message splitting other attacks around the HTTP protocol || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/f/f6/OWASPAppSec2006Seattle_WebAppForensics.ppt Web Application Incident Response & Forensics: A Whole New Ball Game! (Rohyt Belani & Chuck Willis)] || Talk about Web Application Security incident handling and forensics given at the OWASP 2006 Seattle AppSec conference || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/d/d2/OWASPAppSecEU2006_CanTestingToolsReallyFindOWASPTop10.ppt Can (Automated) Testing Tools Really Find the OWASP Top 10? (Erwin Geirnaert) ] || A talk about how automated testing tools stack up against the OWASP top 10 || Intermediate || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/2/28/OWASPAppSecEU2006_RequestRodeo.ppt RequestRodeo: Client Side Protection against Session Riding (Martin Johns / Justus Winter)] || Presentation given about how Sessions can be hi-jacked, etc... || Novice || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/6/62/OWASPAppSecEU2006_SecurityTestingthruAutomatedSWTests.ppt Security Testing through Automated Software Tests (Stephen de Vries)] || Presentation given at the 2006 EuSec conference || Intermediate || 2006-05-31
|-valign="top"
|[http://www.owasp.org/images/0/0e/AppSec2005DC-Jeremy_Poteet-In_the_Line_of_Fire.ppt In the Line of Fire: Defending Highly Visible Targets (Jeremy Poteet)] || Conference given at the 2005 DC AppSec conference || Novice || 2005-10-1
|-valign="top"
|[http://www.owasp.org/images/9/93/AppSec2005DC-Matt_Fisher-Google_Hacking_and_Worms.ppt Google Hacking and Web Application Worms (Matt Fisher)] || Talk given at the 2005 DC AppSec conference || Novice || 2005-10-01
|-valign="top"
|[http://www.owasp.org/images/0/05/AppSec2005DC-Anthony_Canike-Enterprise_AppSec_Program.ppt Establishing an Enterprise Application Security Program (Tony Canike)] || Talk given at the 2005 DC AppSec Conference || Novice || 2005-10-01
|-valign="top"
|[https://owasp.org/images/0/0d/OWASPAppSec2006Seattle_Why_AJAX_Applications_More_Likely_Insecure.ppt Why AJAX Applications Are Far More Likely To Be Insecure (And What To Do About It) (Dave Wichers)] || Dave's talk on AJAX given at the Seattle 2006 AppSec conference || Intermediate || 2006-10-01
|-valign="top"
|Example (Briechenstein Software Studio) || BSSOWSORP-OWASP || Novice/Intermediate/Expert || 2012-05-10
|}

<br>

== Web Application Security Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ Web Application Security Presentations
!width="30%" |Title
!width="40%" |Comment
!width="15%" |Level
!width="15%" |Date (yyyy-mm-dd)
|-valign="top"
|[[:Image:Protecting Web Applications from Universal PDF XSS.ppt| Universal PDF XSS by Ivan Ristic]] || Protecting Web Applications from Universal PDF XSS || Intermediate || 2007-06-28
|-valign="top"
|[[:Image:IdM-OWASP.v.0.2.14.pdf|Identity Management Basics (Derek Brown)]] ||Identity Management Basics|| Novice || 2007-05-09
|-valign="top"
|[[http://www.owasp.org/images/7/74/Advanced_SQL_Injection.ppt Advanced SQL Injection (Victor Chapela)] || Detailed methodology for analyzing applications for SQL injection vulnerabilities || Expert || 2005-11-04
|-valign="top"
|[[http://www.owasp.org/images/7/7d/Advanced_Topics_on_SQL_Injection_Protection.ppt Advanced Topics on SQL Injection Protection (Sam NG)] || 7 methods to prevent SQL injection attacks correctly and in a more integrated approach. Methods 1 to 3 are applicable during design or development life cycle. Method 4 is mainly from QA’s perspective. Methods 5 and 6 can be applied to production environment and are applicable even if you do not have access to or if you cannot change the source code. Other non-main stream technology are discussed in Method 7. || Intermediate || 2006-02-27
|-valign="top"
|[[http://www.owasp.org/images/d/d1/AppSec2005DC-Alex_Stamos-Attacking_Web_Services.ppt Attacking Web Services (Alex Stamos)] || Web Services Introduction and Attacks || Intermediate || 2005-10-11
|-valign="top"
|[http://www.owasp.org/images/7/72/MMS_Spoofing.ppt MMS Spoofing (Matteo Meucci)] || A Case-study of a vulnerable web application || Intermediate
|-valign="top"
|[http://www.owasp.org/images/f/f9/OWASPAppSecEU2006_AJAX_Security.ppt Ajax Security (Andrew van der Stock)] || Presentation on Ajax security for OWASP AppSec Europe 2006 || Intermediate || 2006-05-30
|-valign="top"
|[http://www.owasp.org/images/3/3a/OWASPAppSec2006Seattle_Web_Services_Security.ppt Advanced Web Services Security & Hacking (Justin Derry)] || Presentation given on Webservice security at the Seattle 2006 AppSec conference || Intermediate || 2006-10-18
|-valign="top"
|[http://www.owasp.org/images/f/f6/Integration_into_the_SDLC.ppt Integration into the SDLC (Eoin Keary)] || A presentation about why and how to integrate the SDLC. || Novice || 2005-04-09
|-valign="top"
|Example (Briechenstein Software Studio) || Freelance Contractor|| Novice/Intermediate/Expert || 2012-05-2012
|}

<br>

== Chapter Presentations ==
{|class="wikitable sortable" style="text-align: top;" border="1" cellpadding="2"
|+ Chapter Presentations
!width="30%" |Title
!width="30%" |Comment
!width="10%" |Level
!width="10%" |Month (Mon-yyyy)
!width="10%" |Chapter

|-valign="top"
|[[:Image:Common_Application_Flaws.ppt| Common Application Flaws (Brett Moore) ]] ||OWASP New Zealand chapter presentation on Common Application Flaws|| Novice/Intermediate ||November 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Time_Based_SQL_Injections.ppt| Time Based SQL Injections (Muhaimin Dzulfakar) ]] ||OWASP New Zealand chapter presentation on Time Based SQL Injections|| Intermediate ||September 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Browser_security.ppt| Browser Security (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Browser Security|| Intermediate ||September 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:OWASP_CMH_SQLInjection__20080707.zip| 7/7/2008 SQL Injection (Columbus, OH)]] || SQL Injection Presentation given at the Columbus, OH OWASP Chapter Meeting. Powerpoint, derby DB, and applicable java code. || Novice / Intermediate || July 2008 || [[Columbus]]
|-valign="top"
|[[:Image:OWASP_ellak-Greece.ppt| Detecting Web Application Vulnerabilities Using Open Source Means (Konstantinos Papapanagiotou) ]] ||OWASP Greek Chapter presentation given at the Open Source Software (FLOSS) Conference in Athens|| Novice ||May 2008 || [[Greece]]
|-valign="top"
|[[:Image:Hacking_The_World_With_Flash.ppt| Hacking The World With Flash (Paul Craig) ]] ||OWASP New Zealand chapter presentation on Flash security|| Intermediate ||April 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Web_spam_techniques.ppt| Web Spam Techniques (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Web Spam Techniques|| Intermediate ||April 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Xpath_Injection.ppt| Xpath Injection Overview (Roberto Suggi Liverani) ]] ||OWASP New Zealand chapter presentation on Xpath Injection|| Intermediate ||February 2008 || [[New Zealand]]
|-valign="top"
|[[:Image:Owasp security4mobileJava.pdf| Dependability for Java Mobile Code (Pierre Parrend) ]] ||OWASP Swiss chapter presentation on Mobile Java Security || Expert ||July 2007 || [[Switzerland]]
|-valign="top"
|[[:Image:Trust Security Usability - v1.0.pdf|Trust, Security and Usability (Roger Carhuatocto) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:OWASP-tratamiento_de_datos.pdf|Tratamiento seguro de datos en aplicaciones in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Conferencia_OWASP.pdf|Ataques DoS en aplicaciones Web (Jaime Blasco Bermejo) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Seguridad en entornos financieros.pdf|Seguridad en entornos financierosPedro (Pedro Sánchez) in Spanish]]||OWASP Spain chapter meeting (July'07) || Intermediate ||July 2007 || [[Spain]]
|-valign="top"
|[[:Image:Java_Open_Review.ppt|Brian Chess from Fortify shared what's going on with the Java Open Source review project at the June NoVA OWASP meeting]] || Java Open Review || Intermediate ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Bytecode_injection.ppt|Brian Chess from Fortify, presentation to NoVA OWASP chapter in June 2007.]] || Bytecode injection || Expert ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Security at the VMM Layer - OWASP.ppt|Security at the VMM Layer by Ted Winograd]] || Security at the VMM Layer || Expert ||June 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:KC June 2007 Evaluating and Tuning WAFs.pdf|Evaluating and Tuning Web Application Firewalls (Barry Archer)]] ||Presentation given at Kansas City June 2007 chapter meeting|| Intermediate ||June 2007 || [[Kansas City]]
|-valign="top"
|[[:Image:OWASP_SDL-IT.pdf|Microsoft Security Development Lifecycle for IT (Rob Labbé)]] ||Presentation by Rob Labbe at Ottawa OWASP Chapter|| Novice ||May 2007|| [[Ottawa]]
|-valign="top"
|[[:Image:OWASP_IL_7_Application_DOS.pdf|Application Denial of Service (Shaayy Cheen)]] ||Is it Really That Easy? Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP_IL_7_FuzzGuru.pdf|Fuzzing in Microsoft and FuzzGuru framework (John Neystadt)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP_IL_7_AppSec_and_Beyond.pdf|Application Security, not just development (David Lewis)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 Overtaking Google Desktop.pdf|Overtaking Google Desktop, Leveraging XSS to Raise Havoc (Yair Amit)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 UnregisterAttackInSip.pdf|Unregister Attack in SIP (Anat Bremler-Barr, Ronit Halachmi-Bekel and Jussi Kangasharju)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 WAF Positive Security.pdf|Positive Security Model for Web Applications, Challenges and Promise (Ofer Shezaf)]] ||Presentation given at the Israel Mini Conference in May 2007|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 DOT NET Reverse Engineering.pdf|.NET Reverse Engineering (Erez Metula)]] ||Presentation given at the Israel Mini Conference in May 2007|| Expert ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP IL 7 OWASP Introduction.pdf|OWASP introduction (Ofer Shezaf)]] ||2nd OWASP IL mini conference at the Interdisciplinary Center (IDC) Herzliya|| Intermediate ||May 2007 || [[Israel]]
|-valign="top"
|[[:Image:OWASP BeLux 2007-06-22 Update on Internet Attack Statistics for Belgium in 2006.ppt|Update on Internet Attack Statistics for Belgium in 2006 by Hilar Leoste (Zone-H)]] || Update on Internet Attack Statistics for Belgium in 2006 || Novice ||May 2007 || [[Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:InfoSec_World_2007_-_Web_services_gateways.ppt Securing Web Services using XML Security Gateways by Tim Bond] || Securing Web Services using XML Security Gateways || Intermediate ||May 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:SwA_Acquisition_WG_-_Overview.ppt Software Assurance in the Acquisition Process by Stan Wisseman] || Software Assurance in the Acquisition Process || Intermediate ||May 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_Legal_Aspects_Jos_Dumortier.zip Legal Aspects of (Web) Application Security by Jos Dumortier] || Legal Aspects of (Web) Application Security || Intermediate ||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_AppSec_Research_Lieven_Desmet.zip AppSec Research (University Leuven Belgium)] || Formal absence of implementation bugs in web applications: a case study on indirect data sharing by Lieven Desmet || Expert ||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[[:Image:Scanner-Sparkly.ppt|A Scanner Sparkly]] || A Scanner Sparkly, taken from the Phoenix OWASP presentations on Application Security Tools, May 2007 || Intermediate ||May 2007 || [[Phoenix]]
|-valign="top"
|[[:Image:Owasp-lessonslearned.ppt|Grey Box Assessment Lessons Learned]] || "Grey Box Assessment Lessons Learned", taken from the Phoenix OWASP presentations, Application Security Tools, May 2007 || Intermediate ||May 2007 || [[Phoenix]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_OWASP_Update.zip OWASP Update and OWASP BeLux Board Presentation (Seba)] || OWASP Update and OWASP BeLux Board Presentation || Novice||May 2007 || [[Belgium|Belgium]]
|-valign="top"
|[[:Image:Security Metics- What can we measure- Zed Abbadi.pdf|Metics- What can we measure (Zed Abbadi)]] ||19 April NoVa chapter meeting presentation on Security Metrics || Novice ||April 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[[:Image:Web Services Hacking and Hardening.pdf| Web Services Hacking and Hardening (Adam Vincent) ]] ||3/8/07 NoVA chapter meeting, Adam Vincent from Layer7 || Expert ||March 2007 || [[Virginia (Northern Virginia)]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_OWASP_Update.zip OWASP Update (Seba)] || OWASP Update || Novice||Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/images/f/fe/Pres_20070206_04_svetsch_xss_worms_owasp.zip XSS Worms (Sven Vetsch)] || XSS Worms || Intermediate ||Feb 2007 || [[Switzerland|Switzerland]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_OWASP_Update.zip OWASP Update (Seba)] || OWASP Update || Novice||Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_WebGoat-Pantera.zip WebGoat and Pantera presentation (Philippe Bogaerts)] || WebGoat and Pantera presentation || Novice || Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/index.php/Image:OWASP_BE_2007-01-23_AOP_security.zip Security implications of AOP for secure software (Bart De Win)] || Security implications of AOP for secure software || Expert || Jan 2007 || [[Belgium|Belgium]]
|-valign="top"
|[http://www.owasp.org/images/1/12/OWASP_Denver_Nov-06_presentation.ppt testing for common security flaws (David Byrne)] || testing for common security flaws || Intermediate || Nov 2006 || [[Denver|Denver]]
|-valign="top"
|[http://www.owasp.org/images/7/7c/Owasp-olli.pdf 40-ish slides on analyzing threats (Olli)] || Analyzing Threats || Novice || Dec 2006 || [[Helsinki|Helsinki]]
|-valign="top"
|[http://www.owasp.org/images/2/2c/KC_Dec2006_Attacking_The_App.pdf Attacking the Application (Dave Ferguson)] || Vulnerabilities, attacks and coding suggestions || Intermediate || Dec 2006 || [[Kansas City|Kansas City]]
|-valign="top"
|[http://www.owasp.org/images/6/6a/KC_Dec2006_Ajax_Security_Concerns.pdf Ajax Security Concerns (Rohini Sulatycki)] || Ajax Security Concerns || Intermediate ||Dec 2006 || [[Kansas City|Kansas City]]
|-valign="top"
|[http://www.owasp.org/images/8/8c/Anatomy_of_2_Web_App_Testing.zip Anatomy of 2 Web Application Testing (Matteo Meucci)] || Anatomy of 2 Web Application Testing || Intermediate || Mar 2006 || [[Italy|Italy]]

|-valign="top"

|[https://www.owasp.org/images/9/99/WTE-Cloud-Austin-2012-02.pdf Testing From the Cloud: Is the Sky Falling? ] || WTE Cloud-based Testing || Intermediate || Feb 2012 || [[Austin|Austin]]
|-valign="top"

|Example (include link) || Fill in your comments || Novice/Intermediate/Expert || Mon Year || Chapter
|}

[[Category:OWASP Education Project]]
[[Category:OWASP Presentations]]
[[Category:Chapter Resources]]

Category:OWASP Education Project

2012-05-11T13:08:15Z

Briechenstein Software Studio:

Category:OWASP Education Project

2012-05-11T13:06:14Z

Briechenstein Software Studio:

Summit 2011 Attendee Bios

2012-05-10T18:53:52Z

Briechenstein Software Studio:

{{CompactTOC}}



[[Summit_2011_Attendee | '''Back to Attendee List''']] | [[Summit_2011 | '''Back to main Summit 2011 page''']]

''Add'' a bio using the ''page'' edit link; ''change'' a bio using the ''section'' edit link.

== Adamski, Lucas ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Adamski,_Lucas.png|150px]]</div><div style=“text-align:justify”>Lucas Adamski heads up the product security team at Mozilla, works on security architecture and features, and generally tries to make the Internet a happier and safer place. Previously, Lucas was a Security Architect at Adobe focused on Flash Player and AIR. He also worked at @stake and developed security managed services software at Breakwater Security.
</div><br clear="all">

== Agarwal, Anurag ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Agarwal,_Anurag.png|150px]]</div><div style=“text-align:justify”>Anurag Agarwal, the founder of MyAppSecurity, has proven record in providing customers with solutions related to security risk management. Anurag is a former Director of Education Services at WhiteHat Security and has over 15 years of experience designing, developing, managing and securing web applications with companies like Citigroup, Cisco, HSBC Bank, and GE Medical Systems to name a few. He is an active contributor to the web application security field and has written several articles on secure design and coding for online magazines. A frequent speaker on web application security at various conferences, Anurag is actively involved with organizations such as the WASC (Web Application Security Consortium) and OWASP (Open Web Application Security Project). He started the project on Web Application Security Scanner Evaluation Criteria and is currently a project leader for OWASP developer’s guide and OWASP Common Vulnerability List.
</div><br clear="all">

== Aguilera, Vicente ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Aguilera,_Vicente.png|150px]]</div><div style=“text-align:justify”>Born in Badalona (Spain), Vicente is the OWASP Spain Chapter Leader, co-founder of Internet Security Auditors and member of the Technical Advisory Board in the RedSeguridad magazine. He is an enthusiastic of the application security, a regular speaker at industry conferences and has published several articles and vulnerabilities in specialized media.
</div><br clear="all">

== Agustini, Alexandre ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Agustini,_Alexandre.png|150px]]</div><div style=“text-align:justify”>I am senior lecturer and currently academic coordinator
of Informatics Faculty at the Catholic University of Rio Grande do Sul (PUCRS). I have a Ph.D. in Computer Science from Universidade Nova de Lisboa (2006) and my primary research interest is in Natural Language Processing, acting on the following topics: text mining, machine learning, syntactic and semantic analysis of natural language.

</div><br clear="all">

== Akhmad, Zaki ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Akhmad,_Zaki.png|150px]]</div><div style=“text-align:justify”>Born in Jakarta, Indonesia, 1982, Zaki holds a master degree from
Bandung Institute of Technology, Indonesia, with major Electrical
Engineering. Currently he works at indocisc, a small consultant
company focus on information security, as a Junior Security Analyst.
On professional certification, he had passed the CISA exam which he took on June 2010. He has lead the OWASP Indonesia Chapter since December 2008. The first translation project completed by OWASP Indonesia Chapter team is the Top 10 OWASP 2010. He enjoys very much working on information security industry. On the leisure time, Zaki loves reading, writing, listening to music and for some time taking photos. He also enjoy sports, especially running and swimming. He can be contact at za at owasp dot org.

</div><br clear="all">

== Alamri, Lorna ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Alamri,_Lorna.png|150px]]</div><div style=“text-align:justify”>Lorna is a consultant at a large financial institution and resides in Minneapolis, Minnesota, USA. She is Vice President of the Minneapolis OWASP Chapter, a member of the Global Industry Committee, Editor of the OWASP Newsletter, and a member of the Summit Planning Committee.
</div><br clear="all">

== AlBasha, Talal ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:AlBasha,_Talal.png|150px]]</div><div style=“text-align:justify”>Application Development Management, Application Security Consultation (GWAPT Certified)
Alremh company at ICT Incubator
Product Manager at Innovaive Solutions

Riyadh,Saudi Arabia
OWASP Involvement: Syria Chapter Leader
Past
• Presenter for Internet Security at ITDigest
• Senior Developer at King Faisal Specialist Hospital
• Senior Developer at KFSHRC
Education
• Damascus University
• SANS
Summary
Portal Development with J2EE technology
IBM Websphere portal server, application server (with clustering)
Bea Weblogic
SMS, MMS and Mobile Banking projects
Application Security (SANS GIAC standards, OWASP standards, (ISC)2 CSSLP standards)
GWAPT Certified

Specialties:
J2EE, Websphere clustering, Weblogic, JBoss, Struts, JSF
SMS, MMS, Mobile Banking
SMS Gateway
Application Security

</div><br clear="all">

== Angal, Rajeev ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Angal,_Rajeev.png|150px]]</div><div style=“text-align:justify”>Rajeev currently works as an Architect at Oracle (Sun Microsystems) and lives in the San Francisco Bay Area, California, USA.
Past
• Founder & VP Engineering at Intellifabric Inc
• Director of Technology at Infospace Inc
• Architect, Portal Server at SUN Microsystems
Education
• University of California, Santa Cruz
• IIT Delhi
• Delhi Public School - R. K. Puram

</div><br clear="all">

== Aniceto, Alexandre ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Aniceto,_Alexandre.png|150px]]</div><div style=“text-align:justify”>Information Security Consultant, CISSP, CISM, CISA, ISO27001/LA
Partner at Willway, S.A.; Lisbon Area, Portugal
Past
Senior Security Consultant at Glintt
Security Advisor at Archeocelis, Lda
Security & Systems Engineer at Nokia Siemens Networks
Education
Royal Holloway, U. of London ,
(ISC)² , ISACA - Information Systems Audit and Control Association
Specialties:
Information Security Management
Security Architecture Design & Implementation
Auditing and Regulatory Compliance

</div><br clear="all">

== Aryavalli, Gandhi ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Aryavalli,_Gandhi.png|150px]]</div><div style=“text-align:justify”>Having Honors in Engineering (CS & Mech. Engg.) enriched by MBA (finance), have been working in Information Security space for the last 10+ years in the fields of Application Security, State Assessment, Data cum Network Security, Security Governance and Compliance areas. Currently part of McAfee family for the last 5+ years, providing technical expertise and support in the performance of architecture and application risk assessments for IT developed applications and third party solutions, review of applications for security vulnerabilities, perform penetration tests and enforcing Secure QA cum Coding practices. Key achievements include providing technical support to Department of Defence to install a Common Criteria lab in India for the first time, and established Vulnerability Accessment Center as per SSE-CMM Guidelines. Providing organisation wide trainings and conducting secure code reviews, as a Secure Core Team member of McAfee. Has played a key role in Application security in various CMM companies like Microsoft (v-id), Mahindra BT..etc.
</div><br clear="all">

== Barbato, L. Gustavo C. ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Barbato,_L._Gustavo_C..png|150px]]</div><div style=“text-align:justify”>Gustavo is Ph.D. (application security) and M.Sc. (intrusion detection) in Information System Security as well as Bachelor in Computer Science. He has worked in security projects for the Brazilian Government for many years involving software programming, network and systems administration, computer and network security, application and network penetration testing, software security assessments, code review, malware analysis, intrusion detection, forensics analysis and others activities. During that time, he has also worked as security professor at college and postgraduate by teaching subjects about network and information security. In the beginning, he used to work as software developer and system administrator. However, the last years were dedicated to security consulting on areas aforesaid. Nowadays, he is the Technical Application Security Lead at Dell and Secure Programming Professor at UNISINOS University. As voluntary work, he is the Porto Alegre (Brazil) OWASP Chapter Founder/Leader and member of OWASP Global Chapter Committee.
</div><br clear="all">

== Barnett, Ryan ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Barnett,_Ryan.png|150px]]</div><div style=“text-align:justify”>Ryan Barnett is a Senior Security Researcher at Trustwave. He is a member of Trustwave's SpiderLabs -the advanced security team focused on penetration testing, incident response, and application security where he focuses on web application defensive research and serves as the ModSecurity web application firewall project lead. In addition to his work at Trustwave, Ryan is also a SANS Institute certified instructor and a member of both the Top 20 Vulnerabilities and CWE/SANS Top 25 Most Dangerous Programming Errors teams. He is also a Web Application Security Consortium (WASC) Member where he leads the Web Hacking Incidents Database (WHID) and Distributed Web Honeypots Projects, as well as, the OWASP ModSecurity Core Rule Set (CRS) project leader. Mr. Barnett has also authored a Web security book for Addison/Wesley Publishing entitled Preventing Web Attacks with Apache and is a frequent speaker at industry conferences such as Blackhat and OWASP.
</div><br clear="all">

==Baso, Sarah==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Baso,_Sarah.png|150px]]</div><div style=“text-align:justify”>Sarah is a licensed attorney living in Minneapolis, Minnesota, USA. She currently works as a teacher for at risk youth (grades 5-8) at an after school and summer kids program, in addition to volunteering at an ESL school that provides English, computer, math, and citizenship classes to immigrants and refugees. Most recently, Sarah has been involved with OWASP, providing logistical support, travel planning and wiki foo for the Global Summit and serving as the secretary for the Global Industry Committee.
</div><br clear="all">

==Batista, Marco==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Batista,_Marco.png|150px]]</div><div style=“text-align:justify”>Marco is a 26 year old from Portugal with a Network and Communications Engineer degree. He has worked for 2 years in Carrier Sales Support / Customer Premises Equipment (CPE) Broadband Access (xDSL, FTTH), and is currently taking a MSc in Information Security.
</div><br clear="all">

==Bergling, Mattias==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Bergling,_Mattias.png|150px]]</div><div style=“text-align:justify”>Mattias Bergling works as a Senior Security Consultant at 2Secure in Stockholm, Sweden. Mattias has been working with IT security for 12 years and has been focusing on security testing for the last 8 years. Mattias is the co-leader for the Swedish OWASP chapter and was on the Organizing Committee for AppSec EU 2010.
</div><br clear="all">

==Bernik, Joe==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Bernik,_Joe.png|150px]]</div><div style=“text-align:justify”>Mr. Bernik is the Chief Information Security Officer for Fifth Third Bank, responsible for protecting Fifth Third Bank and its clients’ information systems from risks. He is also responsible for defining and implementing Enterprise-wide information security strategies for the Bank.
Mr. Bernik has more than 16 years of experience as a risk professional. He has developed risk management practices, procedures and standards for several Fortune 100 companies including several global banking organizations.
Prior to his role at Fifth Third Bank, Mr. Bernik served in roles including Director of Operational Risk at the Royal Bank of Scotland and Chief Information Security Officer of ABN AMRO, and its subsidiary, LaSalle Bank.
Mr. Bernik received his bachelor’s degree from the University of Mary Washington in Fredericksburg, Virginia, and completed graduate work in business administration at the City University of New York.
Mr. Bernik currently serves as an advisor to the Federal Reserve on matters of information security and is on the steering committee of the Financial Services Sharing and Analysis Center (FS-ISAC).

</div><br clear="all">

==Biagiotti, Massimo==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Biagiotti,_Massimo.png|150px]]</div><div style=“text-align:justify”>Project Manager and Business Developer of consulting activities for network and application security analyses concerning Ethical Hacking, Secure Software Development Lyfecycle, Security Processes, Risk Analyses and Business Impact Analyses. Since 2009 is also responsible of the Internship Program of Business-e.
</div><br clear="all">

==Bonver, Edward==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Bonver,_Edward.png|150px]]</div><div style=“text-align:justify”>Edward Bonver is a principal software engineer on the product security team under the Office of the CTO at Symantec Corporation. In this capacity, Edward is responsible for working with software developers and quality assurance (QA) professionals across Symantec to continuously enhance the company’s software security practices through the adoption of methodologies, procedures and tools for secure coding and security testing. Within Symantec, Edward teaches secure coding and security testing classes for Symantec engineers, and also leads the company’s QA Security Task Force, which he founded. Prior to joining Symantec, Edward held software engineering and QA roles at Digital Equipment Corporation, Nbase and Zuma Networks. Edward is a Certified Information Systems Security Professional (CISSP) and a Certified Secure Software Lifecycle Professional (CSSLP). He holds a master’s degree in computer science from California State University, Northridge, and a bachelor’s degree in computer science from Rochester Institute of Technology. Edward is a Ph.D. student at NOVA Southeastern University.
</div><br clear="all">

==Booth, Rex==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Booth,_Rex.png|150px]]</div><div style=“text-align:justify”>Rex is a Senior Manager in Grant Thornton’s Public Sector practice and leads their Cybersecurity Solution group. He has over ten years of experience providing application development, risk management and information security services to government agencies, private industry, and financial institutions.

Since joining Grant Thornton, Rex has led various information security and risk management engagements including FISMA, IV&V, SOX, and OMB A-123 engagements as well as identity management and system certification and accreditation efforts. During his tenure at previous employers, Rex designed and developed complex distributed web-based applications. As a member of a managed security services team performing research and development, he co-architected and implemented a scalable information detection and prevention information aggregation solution for use in a real-time 24/7 information security monitoring system, correlating and reporting on thousands of devices. He has presented on the topic of information security and assessment methodologies to various institutions and is currently a global committee member for the Open Web Application Security Project (OWASP).

</div><br clear="all">

==Brennan, Tom==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Brennan,_Tom.png|150px]]</div><div style=“text-align:justify”>Brennan started with technology in 1986 when 8-bit and CP/M was cool <grin>. After a career ending injury with United States Marines Corps., during Gulf War I Era he has dedicated his life to information security. Was elected and served with the FBI Infragard program 2002-2004 and then founded the OWASP New Jersey Chapter that today includes NYC Metro. In 2007 Brennan was appointed by his application security peers to the OWASP Global Board of Directors. Tom was the managing partner of Proactive Risk that routinely assessed technology, people and process used in finance, e-commerce, oil/gas, power generation/transmission, water, and global enterprise networks before joining Trustwave Spiderlabs in 2011. A father of 4 great kids and is a frequent and entertaining speaker at information security conferences and bars around the world ;)
</div><br clear="all">

==Brewer, Deb==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Brewer,_Deb.png|150px]]</div><div style=“text-align:justify”>LXstudios Inc., Owner/Director
Deb has provided branding, corporate identity and collateral design solutions to institutional and retail clients for over twenty years. On a Fine Arts Scholarship, she obtained a bachelor of Fine Arts in Graphic Design with a Minor in Professional Writing from Carnegie Mellon University in Pittsburgh, PA. She began her career as a Senior Designer in the Creative Services department at Thomson Financial in Boston, MA. After Thomson, Deb became a partner at Patric Ward Design in Boston, managing accounts such as Janus Institutional, Reebok, Standard & Poor’s, and Thomson Financial. In 1999, Deb opened LXstudios, providing branding, corporate identity, print collateral, advertising, web and event support to financial services, medical, technology, management consulting, mortgage/banking and retail clients.

</div><br clear="all">

==Bristow, Mark==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Bristow,_Mark.png|150px]]</div><div style=“text-align:justify”>Mark Bristow works as an Industrial Control Systems (ICS/SCADA) Security consultant with Securicon LLC for a US Government client. Before getting involved with ICS, Mark was heavily involved in web application vulnerability research, penetration testing and building application security programs as a consultant with SRA International. Mark is an active member of the Open Web Application Security Project (OWASP) as Global Conferences Committee Chair, AppSec DC Organizer, and Co-Chair of the OWASP DC chapter.
</div><br clear="all">

==Brzozowski, Daniel==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Brzozowski,_Daniel.png|150px]]</div><div style=“text-align:justify”>Daniel is a web security enthusiast with broad knowledge in web applications development and web security. He has been working in banking and financial industry for the last few years. He is doing his Masters Degree in Artificial Intelligence at Warsaw University of Technology. He is currently working on his final master’s thesis, whose title is “Web Application Penetration Tests”. Right now he is based in London, UK and works for a worldwide financial company. His interests covers all aspects of web security, web development and public speaking. In his free time he enjoys practicing Krav Maga, listening to music and following Web Security news.
</div><br clear="all">

==Buetler, Ivan==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Buetler,_Ivan.png|150px]]</div><div style=“text-align:justify”>Founder and CEO, Compass Security AG (since 1999)
Founder of Swiss Cyber Storm Security Conference (since 2007)
Founder of Hacking-Lab community site / Alias E1 (since 2006)
Founder and board member of Cyber Tycoons foundation (since 2010)
Board member Information Security Society Swizerland ISSS (since 2010)
Member /ch/open foundation. After completing his degree in Electrical Engineering at the Technical College of Rapperswil focusing on computer science, control technology, electronics, energy engineering, and motion technology, Ivan Buetler worked for 2 years in St.Gallen at AGI Service, a company which provides services for banks. He provided plans for high-availability Unix and NT server systems including, among other things, a platform for the stock market and foreign exchange dealers based on Reuters, Bloomberg and FIMS (Telekurs). Afterwards, while working for 3r security engineering ag/Entrust Technologies, Ivan supported security consultants in technical matters, analysed clients' technical problems, local network and computer systems throughout Europe. This security work included penetration tests, security reviews, the development of secure architectures, Internet and Intranet security, as well as security solutions for e-Commerce. In particular, he was involved in the cross-certification of the Canadian Entrust PKI with Europe. During these activities he completed post-graduate studies at the Management School of St.Gallen/Zurich in Business Management.

</div><br clear="all">

==Calderon, Juan Carlos==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Calderon,_Juan_Carlos.png|150px]]</div><div style=“text-align:justify”>Juan currently works as Application Security Research Leader/Sr Auditor at Softtek and lives in the Aguascalientes Area, Mexico. Prior to this he was a Project Leader at Softtek, as well as a Sr Application Security Auditor and Sr Web Developer at Soft tek. Juan also worked as a Web Application Security Specialist and Web Developmer at GE DDEMESIS and as the IT Manager at Gabatti. Juan received his education from the Instituto Tecnológico y de Estudios Superiores de Monterrey and the Instituto Tecnológico de Zacatecas. Juan Specializes in: Application Security, Security Source Code Review, Vulnerability assessments, security trends analysis, Penetration Testing, Secure SDLC, App
Sec consultancy.

</div><br clear="all">

==Campbell, David==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Campbell,_David.png|150px]]</div><div style=“text-align:justify”>Founder and Principal Consultant, Electric Alchemy
DC has been immersed in technology since elementary school. Early experiences with Microsoft Flight Simulator on an 4.77MHz 8086 IBM got him interested in computers as well as aviation. Campbell went on to become a well respected figure in the information security community as well as a FAA certificated pilot.
DC joined Andersen Consulting after graduating from University and his aptitude for hacking quickly led him to the forefront of the Firm's then nascent information security practice. At Andersen, Campbell worked as a security architect for a series of high profile projects while simultaneously providing penetration testing expertise on short engagements all over the world.
Since founding EA Campbell has embraced application security and mobile security and continues to be involved in the community. DC leads the Denver chapter of the Open Web Application Security Project and organizes the successful annual FROC application security conferences.

</div><br clear="all">

==Casey, Larry==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Director of IT, OWASP.
</div><br clear="all">

==Causey, Brad==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Causey,_Brad.png|150px]]</div><div style=“text-align:justify”>Brad Causey is an active member of the security and forensics community
worldwide. Brad tends to focus his time on Web Application security as
it applies to global and enterprise arenas. He is currently employed at
a major international financial institution as a security analyst. Brad
is the President of the OWASP Alabama chapter, a member of the OWASP Global Projects Committee and a contributor to the OWASP Live CD. He is
also the President of the International Information Systems Forensics
Association chapter in Alabama. Brad is an avid author and writer with hundreds of publications and several books. Brad currently holds certifications in the following arenas: MCSA, MCDBA, MCSE, MCT, MCP, GBLC, GGSC100, C|EH, CIFI, CCNA,IT Project Management+, Security+, A+, Network+, CISSP, CGSP.

</div><br clear="all">

==Chalmers, Matthew==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Chalmers,_Matthew.jpg|150px]]</div><div style=“text-align:justify”>Matthew Chalmers has been doing information security and related work his entire professional career, since earning his bachelor's degree from the Missouri University of Science & Technology. Matt has worked for large organizations in the defense, financial and manufacturing industries including the US Navy, the National Security Agency, JPMorgan Chase and, presently, Rockwell Automation. Matt currently performs risk, threat, control and vulnerability assessments; regulatory & policy/standard compliance audits; process improvement audits; and general & application control audits. Matt holds the CISA, GSNA, GCFA, CEH and CHS certifications and is ITIL v3 Foundation certified. Matt has been involved with OWASP since about 2002 and can be reached at matthew dot chalmers at owasp dot org.
</div><br clear="all">

==Chandra, Pravir==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”> Pravir Chandra is Director of Strategic Services at Fortify where he leads software security assurance programs for Fortune 500 clients in a variety of verticals. He is responsible for standing up the most comprehensive and measurably effective programs in existence today. Creator and leader of the Open Software Assurance Maturity Model (OpenSAMM) project, Pravir also works extensively with OWASP and on other open projects to promote effective application security practices. As a thought leader in the security field for over 10 years, Pravir has written many articles, whitepapers, and books and is routinely invited to speak at businesses and conferences world-wide.
</div><br clear="all">

==Cheng, Steven==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Steven Cheng is currently the product manager for CodeSecure at Armorize Technologies, Inc. He has been with the company for more than five years spanning early from the development phase to current product management role. His job primarily involves requirement gathering and specification design. Recently the focus also shifted into development process in order to have better control of release schedule.

In the past year Steven had led the CodeSecure team to undergo a major product transformation in terms of distribution method from appliance to pure software based, and complete UI redesign. The beta version is now available for download and final release date is scheduled
on 4th March.

</div><br clear="all">

==Clarke, Justin==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Justin is a Director and Co-Founder of Gotham Digital Science, based in London. Justin has extensive international risk management, security and secure development consulting and testing experience in the United Kingdom, United States and New Zealand. He is the lead author/technical editor of "SQL Injection Attacks and Defenses" (Syngress), co-author of "Network Security Tools" (O'Reilly), and a contributor to "Network Security Assessment, 2nd Edition" (O’Reilly), as well as a speaker at various security conferences and events such as Black Hat, EuSecWest, ISACA, BruCON, OWASP, OSCON, RSA and SANS. Currently Chapter leader of the OWASP London chapter, and a member of the OWASP Connections Committee, he has a Bachelors degree in Computer Science from the University of Canterbury in New Zealand. He’s also a CISSP, CISM, CISA, CEH, and still has his MCSE if you have a Windows NT 4.0/Exchange 5.5 network.
</div><br clear="all">

==Coates, Michael==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Michael Coates has extensive experience in application security, security code review and penetration assessments. He has conducted numerous security assessments for financial, enterprise and cellular customers worldwide. Michael holds a master's degree in Computer Security from DePaul University and a bachelor's degree in Computer Science from the University of Illinois.
Michael is the creator and leader of the AppSensor project and a contributor to the 2010 OWASP Top 10. He is a frequent speaker at OWASP security conferences in the US and Europe and has also spoken at the Chicago Thotcon conference and provided security training at BlackHat.
As the web security lead at Mozilla, Michael protects web applications used by millions of users each day.

</div><br clear="all">

==Coimbra, Paulo==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”> Paulo has begun working for OWASP in July 2007 assuming the Spring of Code closing process. In the beginning of 2008, he has become OWASP part-time employee assuming the role of Project Manager. After completing his IELTS course, his status has changed again when in July 2008 he moved into a full-time position. He answers directly to the OWASP Board and has been working closely with the OWASP Global Projects Committee since it has been institutionalized in November 2008.
A few of his OWASP’s heterogeneous contributions are as follows:
• OWASP Spring of Code 2007,
• OWASP Summer of Code 2008,
• OWASP EU Summit 2008,
• OWASP Assessment Criteria 1.0 & 2.0,
• OWASP 'Project About' Templates,
• OWASP Projects Dashboard,
• OWASP Project Reviewers Database,
• OWASP Training.
Paulo Coimbra has a M.S. in Management (Technical University of Lisbon), a Post-Graduation in Political Science (University of Lisbon), and a B.S. in Management and Social Development (Portuguese Catholic University).
He has worked in management since 1992. He has performed different roles, from Economist (IAPMEI/Portuguese Ministry of Economy) to Teacher of Finances, Accountancy and M&A (Polytechnic Institutes of Setúbal and Santarém), to Marketing Director and Teacher of Project Finance, Corporate Communication and Political Science (Piaget Institute).

</div><br clear="all">

==Cornell, Dan==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Dan Cornell has over twelve years of experience architecting and developing web-based software systems. He leads Denim Group's security research team in investigating the application of secure coding and development techniques to improve web-based software development methodologies. Dan was the founding coordinator and chairman for the Java Users Group of San Antonio (JUGSA) and currently serves as the OWASP San Antonio chapter leader, member of the OWASP Global Membership Committee and co-lead of the OWASP Open Review Project. Dan has spoken at such international conferences as ROOTs in Norway and OWASP EU Summit in Portugal.
</div><br clear="all">

==Corry, Bil==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Information Security Engineer at PayPal
I have extensive experience in information security, information technology and web application development. I bring integrity and accountability to all of my projects. Beyond my technical skills, I also have experience managing people and resources, budgeting, metrics, legal issues, strategic planning, and public speaking.

Information Security: access controls, disaster recovery, network security, web application security, HIPAA, PCI, application lifecycle, penetration testing, auditing, security research and more.
Information Technology: server administration, hardware/software installation/configuration, help desk/technical support, product evaluation, and more.
Web Application Development: entire development cycle, from design to implementation to quality assurance to deployment.
Specialties: Contributor to HTML5 (http://www.whatwg.org/specs/web-apps/current-work/multipage/acknowledgements.html#acknowledgements)
Contributor to WASC Threat Classification v2 (http://projects.webappsec.org/Threat-Classification-Authors)

</div><br clear="all">

==Cruz, Dinis==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Dinis Cruz is a Security Consultant based in London (UK) and specialized in: ASP.NET/J2EE Application Security, Application Security audits and .NET Security Curriculum Development.
For the past couple years Dinis has focused on the field of Static Source Code Analysis and Dynamic Website Assessments (aka penetration testing), and is the main developer of the OWASP O2 Platform which is an Open Source project that is focused on 'Automating Security Consultants Knowledge/Workflows' and 'Allowing non-security experts to access and consume Security Knowledge'. Dinis is currently focused on making the O2 Platform the industry standard for consuming, instrumenting and data-sharing between: the multiple WebAppSec tools, the Security consultants and the final users (from management to developers). Past industry experience include: running a small Software/Consultancy business, acting as CTO for a Portuguese University, being part of a Security Assessment team (Pentesting and Source Code Assessment) for a global Bank (ABN AMRO), taking the role of Directory of Advanced Technologies at Ounce Labs (acquired by IBM) performing Web Application security assessments on a large number of languages/technologies/frameworks and being a very active participant and enabler at OWASP.

</div><br clear="all">

==Cruz, Sarah==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Sarah Cruz is an award winning graphic designer working in London for Lewis Moberly www.lewismoberly.com. She Is responsible for the design of such global icons as Glenmorangie whisky, Johnnie Walker director’s blend, Sport England, and the new Gatwick Airport identity. She designed the OWASP Summit '08, and the OWASP Summit 2011 identity. In 2008 she founded the charity Abundance London www.abundancelondon.com, which works with school groups to harvest surplus local fruit from city gardens and parks, and supplies it to local restaurants. English by birth, she grew up in the US. Sarah went to Choate and has a BA (hons) from Carnegie Mellon University. She can speak a bit of Portuguese. Sarah has two daughters 7 and 5 with husband Dinis Cruz.
</div><br clear="all">

==Dawson, Isaac==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>I am interested in all forms of application/network security. I mainly
enjoy trying to think of unique ways of breaking applications from a
business logic stand point.
I have published the following papers:
• Blind Buffer Overflows in ISAPI extensions:
http://www.securityfocus.com/infocus/1819 - This article was released
on the main page of the leading security news and information site,
Security Focus in January 2005.
• The Benefits of Combining Automated and Manual Penetration Testing
(Japanese Only): https://www4.symantec.com/Vrt/offer?_requestid=22090&a_id=42747 – This
white paper was written to aid our sales team in educating our customers as to the benefits of combining manual testing with automated tools. I felt that the Japanese market relied too heavily on tool based analysis so the paper was written to show what automated tools cannot find.
Specialties: application assessments, network assessments, some reverse engineering

</div><br clear="all">

==De Win, Bart==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Bart is a security enthusiast with an extensive academic background. He is a master in Computer Science. Afterwards, he has spent over a decade researching and improving techniques for the analysis and development of secure software, among others in the context of his Ph.D. He authored more than 60 articles published in international journals or conferences. He is specialized in methodological and constructive software security techniques, with a specific focus on application security. Because of his background, he has an in-depth knowledge of the state-of-the-art in the area. Bart currently works as a security consultant in the domain of application security. He works on a daily basis on application assessments and on helping customers improving their software security practices. Bart is one of the OWASP chapter leaders of the Belgian OWASP chapter. He co-organizes the OWASP BeNeLux events.
</div><br clear="all">

==Deleersnyder, Seba==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Sebastien Deleersnyder (Seba), Managing Technical Consultant SAIT Zenitel. Starting up the ICT Security bussines line for SAIT Zenitel BeNeLux-France (www.saitzenitel.com). I started the Belgian OWASP Chapter in 2005, have started the OWASP Education project and participate in the global chapters committee and the Board of the OWASP Foundation. I co-organize the yearly security & hacker BruCON conference and trainings in Brussels (www.brucon.org). As security project leader and information security officer for multiple customers I have build up extensive experience in Information Security related disciplines, both at strategic and tactical level. I specialise in (Web) Application Security, combining both my broad development and information security experience.
</div><br clear="all">

==DiPaola, Stefano==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Stefano Di Paola is the CTO and a cofounder of Minded Security, where he is responsible for Research and Development Lab. Prior to founding Minded Security, Stefano was a freelance security consultant, working for several private and public companies. He also worked in collaboration with University of Florence at the Faculty of Computer Engineering. Stefano is recognized as one of the top application security researchers. In the past years he released several advisories including the ones that are not publicly disclosed but patched and several open source tools. He has also contributed to OWASP testing guide and is also the Research & Development Director of OWASP Italian Chapter.
</div><br clear="all">

==Donovan, Fred==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Fred is an application security researcher and the founder of Attack Logic, a U.S. based AppSec consultancy. He spent 3 years as a private researcher on campus at UNL’s Technology Park in the field of InfoSec and for the past 11 years has provided executive level IT services to public and private organizations. Application Security has been his exclusive focus for the past seven with a general focus on information warfare and the uses of counter intelligence for purposes of corporate defense. He is a regular guest lecturer and speaker at Universities, Conferences, and professional organizations. Mr. Donovan is alumni of the University of Missouri -- Columbia (Mizzou) and the American Military University (AMU).
</div><br clear="all">

==Durkee, Ralph==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Ralph Durkee, CISSP, GSEC, GCIH, GSNA, GCIA, GPEN is the principal security consultant and president of Durkee Consulting, Inc since 1996. Ralph founded the OWASP Rochester, NY chapter since 2004 and currently serves as a member of the OWASP Global Conferences Committee. Ralph also serves as president of the Rochester ISSA Chapter and chairs the annual Rochester Security Summit. He performs a variety of security audits and software security assessments and software development consultations for clients in the Rochester, NY area. His expertise in penetration testing, incident handling, secure software development and secure Internet and web applications is based on over 30 years of both hands-on and technical training experience. He has developed and taught a wide variety of professional security seminars including custom web application security training, and SANS SEC401 & SEC504 - Hacker Techniques and Incident Handling and CISSP bootcamp courses since 2004. Ralph regularly leads development of a wide variety of security standards such as application security, database encryption and security consulting for compliance with the Payment Card Industry Data Security Standard.
</div><br clear="all">

==Dworakowski, Wojciech==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>I am co-founder and Director at SecuRing - company specializing in security testing services, based in Krakow, Poland. During last 8 years at SecuRing, I was managing many projects in domain of security testing for leading financial companies and public organizations. Considering OWASP,
I am especially interested in:
• Security testing management.
• ASVS.
• OWASP Testing Guide, etc.
• Risk assessment vs. (web) applications.
• Security development lifecycle (OpenSAMM).
• Penetration testing & code review.
• Frameworks security.
OWASP Poland board member. ISMS Lead Auditor / BS7799 certified.

</div><br clear="all">

==Elias, Wagner==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>http://wagnerelias.com/ Sao Paulo Brazil
Certifications:
CBCP - Certified Business Continuity Professional
SANS GIAC GHTQ
CobiT Foundation
ITIL Foundation
Specialties
• Application Security
• Penetration Test
• BCMS (Business Continuity Management System)
• DRP (Disaster Recovery Plan)
• ISMS (Information Security Management System)
• DMS (Data Management System)
• Risk Analysis & Mitigation
• Pre-Sales & Customer Interface
• Risk-Critical Solution Design & Deployment
• Public Speaking & Writing Talents

</div><br clear="all">

==Eng,Chris==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Chris Eng is Senior Director of Research at Veracode, where he helps define and implement the security analysis capabilities of Veracode’s service offerings. He has over 12 years of experience in information security, including senior technical positions at Symantec and @stake, where he specialized in software security assessments, penetration testing, reverse engineering, and vulnerability research while also leading the development of @stake’s WebProxy product. During this time, he advised numerous Fortune 100 companies on software security and served as a global leader for Symantec’s Attack and Penetration Center of Excellence. He began his career with the US Department of Defense working on a variety of offensive-minded infosec projects.
Chris speaks regularly at top information security conferences including BlackHat, OWASP, and RSA, discussing topics such as cryptographic attacks, application security metrics, secure coding, and the SDLC. He also serves on the advisory board for the SOURCE Boston and SOURCE Barcelona security conferences. Along with experts from more than 30 US and international cyber security organizations, he helped develop the CWE/SANS Top 25 Most Dangerous Programming Errors.

</div><br clear="all">

==Evans, Arian==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Arian Evans is the VP of Operations at WhiteHat Security. In this role, Arian leads a team of application security engineers integral to delivering the WhiteHat Sentinel SaaS-based website vulnerability management service, currently assessing over 3000 production websites around the globe, primarily in e-commerce, financial services and healthcare verticals, and including many Fortune 500 companies. Arian's team also verifies all vulnerabilities identified by WhiteHat Sentinel, a unique feature of the service.
Arian has worked at the forefront of Web application security for more than 10 years. His global projects include work with the Center for InternetSecurity, NIST, the FBI, the Secret Service, and many large commercial organizations in analyzing Web application security and providing hacking incident-response. Arian also researches and discloses new attack techniques and vulnerabilities in Web application software including commercial platforms like Cisco and Nokia.
Previously, Arian led the Application Security Practice at FishNet Security, working with Fortune 500 clients and delivering software security services globally.
Arian is a frequent speaker at industry conferences including Black Hat, Hacker Halted, OWASP, RSA, and WASC events, and was also a contributing author for "Hacking Exposed: Web Applications."

</div><br clear="all">

==Falkenberg, Andreas==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Student at the Chair for Network and Data Security, Ruhr University Bochum Germany.
Research interests include:
- Web Service Security
- Web Service Attacks
- XSS

</div><br clear="all">

==Fazli Azran, Mohd==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Mohd Fazli Azran was OSS evangelist and are active use OSS from 1996. Join many OSS community and spread about OSS to public. Work as System Administrator almost 10 years and believe on OSS spirit "Sharing is Caring". Now move into Open Source Security for make awareness to public what is OSS security can do for community. Currently was Fedora Ambassador & openSUSE Ambassador. He also was CyberSafe Ambassador for Security Awareness by CyberSecurity Malaysia. He also was Secretariat for Open Source Developer Club Malaysia (OSDCMY) that organized Malaysia Open Source Conference (MOSC). Now active being OWASP Malaysia Chapter Leader.
</div><br clear="all">

==Fedon, Giorgio==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Giorgio Fedon is the COO and a cofounder of Minded Security, where he is responsible for running daily operations of the company and managing Professional Services. Prior to founding Minded Security, Giorgio was employed as senior security consultant and penetration tester at Emaze Networks S.p.a., delivered code auditing, Forensic and Log analysis, Malware Analysis and complex Penetration Testing services to some of the most important Companies as Banks and Public Agencies in Italy. He participated as speaker in many national and international events talking mainly about web security and malware obfuscation techniques. He was also employed at IBM System & Technology Group in Dublin (Ireland).
</div><br clear="all">

==Ferraz, Felipe==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Felipe Ferraz is PhD candidate, has a Master Degree and Post Graduation on Software Engineering with emphasis on: Software Engineering, system architectures and Information Security. Worked with computer system for the last 8 years, experience in design and develop applications both web and mobile, specially with J2ME and Android Technologies. Has been Teaching Software Security Engineering on CESAR.EDU and FBV.
</div><br clear="all">

==Ferreira, Lucas C.==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Lucas has been a security professional for more than 15 years. He began working on network security and then security management. As he has several developers in the family, he got interested in secure development techniques. In 2008, he answer a Call for Trainings to be delivered at the first OWASP Summit and got the opportunity to go to Portugal and to know OWASP and its leaders. In 2009 he managed to put together the first AppSec Conference in South America and did it again in 2010. He is now more involved in OWASP than ever, having a seat at the Global Conferences Committee, leading the OWASP local chapter in Brasilia, DF, Brazil and leading the newborn OWASP Portuguese Project.
</div><br clear="all">

==Fette, Ian==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Product Manager on the Google Chrome team. Responsible for ensuring
the APIs we add to Google Chrome and to web standards provide a
coherent development platform that meets the needs of Google's
application developers and web developers at large. Experience
managing large globally distributed products, currently managing a
group split between N. America, Europe, and Asia.
Engineer with the U.S. Government, working on large highly available
database applications, with security clearance.
Specialties: Product management, web standards, contract negotiations, security, phishing, malware

</div><br clear="all">

==Fitzgerald, Alexis==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>"I spent many years on the development side of the fence working on both thick client and web-based applications. That was mainly in the financial sector in Ireland and Switzerland. In the early noughties somebody asked me if I had heard of this thing called "SQL Injection". That was when I began the transition from poacher to gamekeeper, working on the security end of things. I continue to do a good deal of development.

My first contact with OWASP was the AppSec Europe conference at Royal Holloway outside of London in 2005. Since then I have mainly been a consumer of OWASP resources, apart from giving a few talks at various chapter meetings. My goal with OWASP is to help development teams build "enough" security into their projects and to raise general awareness about OWASP and application security. That is why I believe that outreach and education type initiatives must be key aspects in the future direction of OWASP."

</div><br clear="all">

==Fitzhugh, Justin==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Justin Fitzhugh is the VP of Engineering Operations for the Mozilla
Corporation. He's responsible for all Mozilla’s production and
corporate infrastructure, including serving the Firefox product to
more than 150 million users. In addition to Firefox distribution, his
team designs, implements and supports the infrastructure for one of
the largest open source organizations in the world. Prior to Mozilla,
Justin managed Macromedia’s global datacenter environment. He spends his spare time as an avid pilot, snowboarder and father in the Bay Area.

</div><br clear="all">

==Flores, Mauro==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>I start working on security stuff at the age of 18 disassembling viruses
and helping to develop AV technologies. After that I work as a developer
for companies related to the financial industry where I help to develop
credit card related applications, home bankings and stuff like that.
Then I move to the administration phase of my life where I work as a
security network administrator for the main TMT company of my country.
At the same time I did security research and develop for companies on
the United Kingdom and Brasil.
Now I work as a security consultant in Deloitte Uruguay.

</div><br clear="all">

==Fontes, Antonio==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>A.F. has over 10 years experience in the field of software development
and risk management with private organizations. Member of the OWASP
Switzerland board, he leads the Geneva chapter and contributes in
several reference software security projects such as the "CWE Top 25
most dangerous programing errors."
Antonio currently works at L7 Sécurité, a swiss security & risk
consultancy company he founded in 2010. His work strongly emphasizes
on helping organizations better understand Internet threats and manage
their risks

</div><br clear="all">

==Fort, Julio Cesar==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>As you can see, my name is Julio Cesar Fort, 24, yet another guy living in Recife, Pernambuco, a very beautiful state located in northeast of Brazil. Currently I am an undergraduate student of Computer Engineering at CIn/UFPE (Pernambuco Federal University) and former undergraduate student in Mechanics Engineering at the same university. I also have a parallel activity as self-proclaimed (haha) editor-in-chief of The Bug! Magazine, the only active hacking-related e-zine in Brazil nowadays. By the second half of 2005 and early 2006 I was a schoolarship holder of CNPq and acted as intern at C.E.S.A.R. learning secure coding techniques in C. I confess I had a great time there but I could have learned much more. After my time in C.E.S.A.R. was over, I worked, also as intern, in coadmin team at Tempest Technologies, a very nice market-leading company Brazilian information security industry. Tempest was nice because, it doesn't sell fear and lies like other companies that make this industry so filthy. I asked to leave the company because I had no time to study and my grades were dropping as hell. By the way, Recife is also a brazilian technological pole. Cases like Porto Digital and C.E.S.A.R. are the living proof of it. Because of these initiactives we have now based in Recife major companies such as Motorola, Intel, Samsung, LG Electronics, Nokia research institute and even Microsoft.
</div><br clear="all">

==Fortuna, Pedro==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>He is a co-founder and CTO of AuditMark where he coordinates the R&D. AuditMark is a web-security start-up focused on two main areas: web traffic auditing and website protection. AuditMark already launched a Javascript obfuscation service called JScrambler.
Holds a degree in Computing Engineering and a MSc in Computer Networks. Extensive knowledge and professional experience in R&D projects and software development, both at academic and industrial levels. Teached at the Faculty of Engineering of the University of Porto, and also gave training in computer security. Currently, teaches Networks and Computer Security at the Engineering School of the Polytechnic Institute of Porto. He is also a member of INESC Porto L.A., a National R&D Laboratory, where he is working towards his PhD.

</div><br clear="all">

==Frosch,Tilman==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Tilman Frosch works as a researcher for the Horst Görtz Institute for IT-Security at Ruhr University Bochum, Germany. He is interested in everything that leverages the browser to compromise the system. In his spare time he stares at passive-DNS data and Ruby code. In the time left he creates noises from various instruments or spends said time outdoors.
</div><br clear="all">

==Galvao, Pedro==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>I have a five years degree in Information System and Computer Engineering (IST - Technical University of Lisbon), being a Oracle OCP (Oracle Certified Professional), about 7 years of experience as Oracle DBA and about 14 years of IT experience. Besides this, through my professional career, I had been in several roles such as Trainer, Systems Administrator, Project Manager, and as a Programmer.
</div><br clear="all">

==Gao, Helen==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Helen Gao has worked in the field of information security since 1991. She has worked as an application developer, manager as well as a software architect. Her employment history includes a financial institution, a market research company, a high-tech device manufacturer and a software company. Helen is a senior architect in TIBCO Software Inc. Her job duties include designing and developing complex event processing software. Protect information security in such systems is challenging because of their strict performance requirements in terms of high event throughput and low processing latency. Helen welcomes the challenge and uses the knowledge she obtained from OWASP to manage the life cycle of projects. |Helen has taught math, physics and computer science in colleges in both United States and China. Helen graduated from Sun Yat-sen University in China. She continued her studies of physics and computer science after she came to the United States. Helen has masters degrees in both physics and computer science. Helen founded the Long Island OWASP chapter in 2006. Besides volunteering for OWASP, she serves as the president of Sun Yat-sun University Alumni Association. Helen helped found the Long Island Chinese School.
</div><br clear="all">

==Garrancho, Bruno==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Information security professional with global experience in diverse environments. I hold a Msc in Information Technology - Information Security by Carnegie Mellon University. I’m currently the Security Practice Leader of Professinal Services & Innovation for Logica Iberia.
</div><br clear="all">

==Garg, Vishal==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Vishal Garg is the Founder and Principal Security Consultant for AppSecure Labs Limited, a UK based company offering application security and penetration testing services. He specialises in conducting network and application security reviews, design reviews, and vulnerability research and analysis for web-based applications, cloud-based systems and COTS applications. In his 12-year career, he has offered software development and expert security advice to several recognised Fortune 500 and FTSE 100 companies including international financial institutions, retailers and multinationals. He has a masters degree in Information Security from Royal Holloway, University of London and is a Certified Information Systems Security Professional (CISSP) and a Certified Information Systems Auditor (CISA) and currently the project leader for the OWASP Development Guide.
</div><br clear="all">

==Gomes, Leandro Resende==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Leandro Resende Gomes lives in Brasília, capital of Brazil. He works at SERPRO, Brazilian Federal Data Processing Service, organization that creates and maintains huge computer systems for critical public companies. Leandro works on a security development group, responsible to address corporative security aspects during the SDLC. This group was created in 2006, and they discovered OWASP on that same year. The main contribution to OWASP was the translation of ASVS and QuickRef Guide. The work of this group includes the dissemination of technical orientation, source code analysis and pen testing coordination and definition of security components/frameworks to be adopted.
The last events Leandro participated was BlackHat 2009 conference in Las Vegas, OWASP AppSec 2009 and ICCyber 2010, Brazil. He wrote an article about "Securing web applications with fuzzing tests" for a SERPRO internal conference.

</div><br clear="all">

==Gondrom,Tobias==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Tobias Gondrom is Managing Director of an IT Security & Risk Management Advisory based in the United Kingdom and Germany. He has twelve years of experience in software development, application security, cryptography, electronic signatures and global standardisation organisations working for independent software vendors and large global corporations in the financial, technology and government sector, in America, EMEA and APAC. As the Global Head of the Security Team at Open Text (2005-2007) and from 2000-2004 as the lead of the Security Task Force at IXOS Software AG, he was responsible for security, risk and incident management and introduced and implemented a secure SDLC used globally by development departments in the US, Canada, UK, Germany, and India.
Since 2003 he is the chair of the IETF working group „LTANS“ in the security area, member of the IETF security directorate, and since 2010 chair of the web security WG at the IETF, and a former chapter lead of the German OWASP chapter from 2007 to 2008. Tobias is the author of the international standard RFC 4998 (Evidence Record Syntax) and co-author and contributor to a number of internet standards and papers on security and electronic signatures, as well as the co-author of the book „Secure Electronic Archiving“ (ISBN 3-87081-427-6), and frequent presenter at conferences and publication of articles (e.g. ISSE, Moderner Staat, IETF, VOI-booklet “Electronic Signature“, iX).

</div><br clear="all">

==Greene,Collin==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Security Engineer at Facebook. Development. Security. Security Development.
Recently focusing on building static and dynamic analysis tools and getting them used within an organization.

</div><br clear="all">

==Hansen, Robert==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Communications and Cable & Wireless in varying roles from Sr. Security Architect and eventually product managing many of the managed security services product lines. He also worked at eBay as a Sr. Global Product Manager of Trust and Safety, focusing on anti-phishing, anti-DHTML malware and anti-virus strategies. Later he worked as a director of product management for Realtor.com. Robert sits on the advisory board for the Intrepidus Group, previously sat on the technical advisory board of ClickForensics and currently contributes to the security strategy of several startup companies.
Mr. Hansen wrote Detecting Malice authors content on O'Reilly and co-authored "XSS Exploits" by Syngress publishing. He sits on the NIST.gov Software Assurance Metrics and Tool Evaluation group focusing on web application security scanners and the Web Application Security Scanners Evaluation Criteria (WASC-WASSEC) group. He also has briefed the DoD at the Pentagon and speaks at SourceBoston, Secure360, GFIRST/US-CERT, CSI, Toorcon, APWG, ISSA, TRISC, World OWASP/WASC conferences, SANS, Microsoft's Bluehat, Blackhat, DefCon, SecTor, BSides, Networld+Interop, and has been the keynote speaker at the New York Cyber Security Conference, NITES, OWASP Appsec Asia and OWASP Appsec Brazil. Mr. Hansen is a member of Infragard, West Austin Rotary, WASC, IACSP, APWG, contributed to the OWASP 2.0 guide and is on the OWASP Connections Committee.

</div><br clear="all">

==Hartmann, Kate==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Operations Director at OWASP
</div><br clear="all">

==Heiderich, Mario==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Mario Heiderich works as a researcher for the Ruhr-University in Bochum, Germany and currently focuses on HTML5, SVG security and security implications of the ES5 specification draft. Mario invoked the HTML5 security cheat-sheet and maintains the PHPIDS filter rules. In his spare time he delivers trainings and security consultancy for larger German and international companies. He is also one of the co-authors of Web Application Obfuscation: '-/WAFs..Evasion..Filters//alert(/Obfuscation/)-' – a book on how an attacker would bypass different types of security controls including IDS/IPS.
</div><br clear="all">

==Heyes, Gareth==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Gareth "Gaz" Heyes calls himself Chief Conspiracy theorist and is affiliated with Microsoft. He is the designer and developer behind JSReg – a Javascript sandbox which converts code using regular expressions; HTMLReg & CSSReg – converters of malicious HTML/CSS into a safe form of HTML. He is also one of the co-authors of Web Application Obfuscation: '-/WAFs..Evasion..Filters//alert(/Obfuscation/)-' – a book on how an attacker would bypass different types of security controls including IDS/IPS.
</div><br clear="all">

==Hinojosa, Kuai==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Enter bio here.
</div><br clear="all">

==Hodges, Jeff==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Jeff Hodges is a practicing Security Engineer and Protocol Architect, working at PayPal in the areas of web security, identity, and distributed infrastructure. His interests lie in the areas of web security as well as the nature of "online identity" and its realization via composition of authentication, security, directory, and other technologies.
He participates in various IETF working groups including those whose topics involve HTTP, TLS/SSL, and those that touch upon security/identity. He also participates in various other Internet-based fora, e.g. Internet Identity Workshop (IIW), OASIS (SSTC/SAML committee), Kantara, Identity Commons, etc.
In the recent past, he contributed to the Liberty Alliance effort as an editor and co-author of several of the Liberty ID-WSF and ID-FF protocol specifications. Earlier, he served as co-chair of the OASIS Security Services Technical Committee (SSTC/SAML), shepherding and contributing to the development of SAMLv1.0, as well as subsequently contributing to v1.1 and v2.0.
His prior work has included contributions to the design of the LDAPv3 directory access protocol (in the areas of authentication and security), as well as contributing to the design and deployment of Stanford University's SUNet ID and Registry/Directory infrastructure. He's held architecture, engineering, and management positions at NeuStar, Sun Microsystems, Oblix, Stanford University, and Xerox.

</div><br clear="all">

==Hoff, Jerry==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Jerry Hoff is a Senior Application Security Engineer at Aspect Security. Jerry
has led and performed numerous application security code reviews for clients
across multiple industries. Jerry also provides training services for clients,
and has over 10 years teaching and development experience. Jerry is also
involved in the Open Web Application Security Project (OWASP) and was the lead developer of AntiSamy.net project. He has a master's degree in
Computer Science from Washington University in St. Louis.

</div><br clear="all">

==Hoffman, Achim==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>"some" Security ..
It's difficult to describe my knowledge in the security world without being subjective, hence replace some by whatever your feel happy with. The official title on the v-card will be senior security and network consultant, which means something too.
(Short) CV
I'm doing software development since early '80s, used to networking all the time, and focused on web application security starting this millenium. Meanwhile I've seen coming, have evaluated, have configured and used, and have seen disappearing a lot of WAFs and web application security scanners. Founded sic[!]sec GmbH in 2010.
OWASP Activities
• Participating in the German Chapter, German Chapter Board Member
• Project leader, maintainer, developer of OWASP EnDe Project
• Reviewer on some other OWASP projects (SoC 2008)
• CAL9000 (added some en-/decoding and request/response functionality; 2006)
• OWASP papers:
o Best Practices: WAF
o Best Practice: Projektierung der Sicherheitsprüfung von Webanwendungen
Public Papers / Work
• HTTP State Management Mechanism (Cookie) current httpstate working group (contributor 2009/2010)
• Best Practice: Projektierung der Sicherheitsprüfung von Webanwendungen (author 2009)
• Web Application Security Threat Classification v2 (contributor 2008/2009/2010)
• Best Practices: Einsatz von Web Application Firewalls (co-author, 2008)
• Sicherheit von Webanwendungen: BSI-Maßnahmenkatalog und Best Practices (author, 2005/2006)
• Web Application Firewall Evaluation Criteria (contributor, 2005)
• Web Application Security Threat Classification v1 (contributor and German translation, 2004/2005)

</div><br clear="all">

==Hofmann, Chris==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>As Director of Engineering and then Special Projects at the Mozilla Foundation and Corporation since 2003, Chris Hofmann has spearheaded the research and development work of thousands of open source contributors around the world. A Netscape employee before joining Mozilla, Chris contributed to every Netscape and Mozilla browser release since 1996.
As the first employee at the Mozilla Foundation in August 2003, Chris led a small but devoted team of the original ten engineers that established the Mozilla Foundation as an independent and self-sustaining organization.
In 2004, Chris managed and executed the first worldwide release of Mozilla Firefox 1.0. Firefox 1.0 helped to fulfill the Mozilla Foundation’s goal of supporting open Web standards and provide innovation and choice for Internet client software and set Firefox on a path to remarkable market share growth over the last several years.
Chris now helps to build and strengthen Mozilla communities around the world. These contributors and communities are involved with localization of Firefox in to over 70 languages, extend Firefox with Addons, and provide support to Firefox users. He engages with security researchers to help improve browser security and manages Mozilla's Security Bug Bounty Program. He is also interested in engaging, helping, and promoting the work done in companies and large institutions to deploy Firefox use and Mozilla technology.

</div><br clear="all">

==Hogben, Giles==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Dr Giles Hogben is programme manager for secure services at the European Network and Information Security Agency in Greece. He has led numerous studies on Network and Information security, including on topics such as Smartphone security, Cloud computing, Social Network security and European Identity card privacy. Before joining ENISA, he was a researcher at the Joint Research Centre in Ispra, Italy and led work on private credentials. He has a PhD in Computer Science from Gdansk University of Technology in Poland and graduated from Oxford University, UK in 1994 in Physics and Philosophy.
</div><br clear="all">

==Ichnowski, Jeff==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Principal Architect at SuccessFactors
</div><br clear="all">

==Jimenez, Juan Jose Rider ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>CEO at WUL4, Spain
• Finantial industry: designer of computer solutions(ecommerce, PCI-DSS, etc)
• Healthcare system architect: ChipCard (https://www.chipcard-salud.es/)
• SOA-related technologies expert
• Web Services expert
• High-performance required application architect
• J2EE related-technologies expert
• IBM Websphere expert
• Payment methods and protocols, ecommerce, Internet, 3D-Secure, 3DSET, SPA/UCAF, etc
• JSF, RichFaces, Ajax
• Team Leadership.
• Business Development.
Specialties: E-Invoice expert(facturae, etc), PCI-DSS, Security for Web Applications, Web Services, e-commerce, SOA, J2EE,...

</div><br clear="all">

==Jorge, Eduardo==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Enter bio here.
</div><br clear="all">

==Kang, Abraham==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Work for financial institution in their code review group
Have been working on application security issues for over 8 years
(focused on security code review for last 3+ years). Published
articles related to enterprise application integration, scalability,
and security. Been recently focused on XSS remediation and DOM based
XSS. Also interested in Unicode exploits and filter bypassing using
character set mismatches. Recently contributed the candidate chapter
for Output Encoding for the Web App Security Guide 3.0. Looking to
contribute more to XSS, AJAX security, Unicode content on the OWASP site.

</div><br clear="all">

==Keary, Eoin==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Eoin is a senior manager with Ernst & Young Risk Advisory Services responsible for Attack and Penetration services for EMEIA. He is a member of the Global Board of OWASP, the founder of the Irish chapter of OWASP and also editor/lead of the published OWASP Code Review (2007/2008) and Testing (V2.0) Guides 2007. He specializes in global large scale penetration testing services. He is also a coordinator for OWASP EU 2011 (to be held in June 2011) and previously organized OWASP Ireland 2009 & 2010
</div><br clear="all">

==Knobloch, Martin==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Martin Knobloch is a independent Security Consultant at http://www.pervasec.nl. In his previous employment at Sogeti Netherlands B.V., Martin founded and lead the Information security task-force PaSS (Proactive Security Strategy) addressing organization, infrastructure and software. Martin is member of the OWASP Netherlands Chapter Board and Chair of the Global Education Committee. He is leading and contributing to various OWASP Project and is member of the OWASP Summit organization team.
</div><br clear="all">

==Kosturjak, Vlatko==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Vlatko Kosturjak is security consultant delivering his services in Europe, Middle East and Africa (EMEA) region. He holds multiple certs like PCI QSA, CISSP, CISA, C|EH, LPIC-3...
He likes to contribute to open source (security) software and you can find his code in snort, OpenVAS, Nmap, Metasploit and w3af. He is OWASP Croatia chapter leader and OWASP favicon project leader.

</div><br clear="all">

==Koussa, Sherif==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Sherif Koussa is an application security independent consultant. Founder and Leader of OWASP Ottawa since 2006. Founder and principal consultant for Software Secured; an application security boutique shop.
</div><br clear="all">

==Kuivenhoven, Marinus==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Marinus Kuivenhoven works as a Senior Security Specialist at Sogeti Nederland BV. He has experience in developing for and administration of multi-tier systems.
He is one of the founders and an active member of the Sogeti taskforce PaSS (Proactive Security Strategy), which focuses on implementations of the secure development lifecycle.
Marinus developed and teaches several courses in application security for colleagues, educational institutes and customers.
He is actively involved in OWASP. In the past years he has written articles for magazines like Computable and We Love IT. And he spoken on several international events including OWASP, ROOTs, Open Source Developer Conference and Engineering World.

</div><br clear="all">

==Kumar, Nishi==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Nishi Kumar Systems Architect, FIS. Nishi is an Architect with 20 years of broad industry experience. She is part of OWASP Global Education Committee and project lead for OWASP CBT (Computer based training) project. She is a committed contributor of OWASP. She has spearheaded Secure Code Initiative program in FIS Electronics Payment division. As part of that program, she has delivered OWASP based training to management and development teams to various groups in FIS. She has been involved with PA-DSS certification of several applications in FIS. Since joining FIS in 2004 she has worked as an architect and team lead for several financial payment and fraud applications. She has hands-on accomplishments in design, development and deployment of complex software systems on a variety of platforms. Prior to joining FIS Nishi Kumar has worked for Pavilion, HNC, Fair Isaac, Trajecta, Nationwide Insurance and Data Junction as Senior Software Engineer, Architect and in Project Management roles.
</div><br clear="all">

==Li, Jason==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>• Application security professional with experience in leading code review, penetration testing, and regulatory compliance assessments.
• Proficient software developer including time spent as technical lead for Java and Java EE applications.
• Broad training background including development of courses about software development and application as well as delivery in live, virtual and eLearning formats.
• Heavy involvement in the Open Web Application Security Project (OWASP) Foundation including:
- Co-Chair of the OWASP Global Projects and Tools Committee
- Frequent speaker at OWASP Conferences
- Project Lead for the OWASP JSP Testing Tool
- Core Contributor to the OWASP AntiSamy Project

</div><br clear="all">

==Lindsay, David==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>David Lindsay is a Senior Security Consultant with Cigital. His
primary areas of interest include web application vulnerabilities,
cryptography and web standards. His primary area of disinterest is
writing bios.

</div><br clear="all">

==Long, Jeremy==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Jeremy Long is an Information Security Engineer for a large financial institution. He has been involved in drafting secure coding policies, delivering secure development training, and performing security code reviews. He has a MS in Information Security from James Madison University and currently holds the CISSP and GSSP-J certifications.
</div><br clear="all">

==Loureiro, Nuno ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Nuno has a MSc in Information Technology - Information Security from Carnegie Mellon University and currently works for SAPO where he's leading the Security Team. Besides his passion for Security and Web Security, he loves hiking and traveling.
</div><br clear="all">

==Luptak, Pavol==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Pavol gained his MSc in Computer Science at the Czech Technical University in Prague / Czech Republic with master thesis focused on ultra-secure systems. He holds many prestigious security certifications including CISSP and CEH, he is Slovak OWASP chapter leader, co-founder of the first Slovak hackerspace Progressbar and Society for Open Technologies (SOIT) where he is main responsible for IT security.
Pavol uses to have regular presentations at various worldwide security conferences (in Netherlands, Luxembourg, Berlin, Warsaw, Krakow, Prague). In the past, he demonstrated vulnerabilities in the public transport SMS tickets in all major cities in Europe, together with his colleague Norbert Szetei he practically demonstrated vulnerabilities in Mifare Classic RFID
cards. He has 14 years experience in IT security, penetration testing and comprehensive OWASP security audits including social engineering and digital forensic analysis.
He is one of the co-author of the OWASP Testing Guide v3, has a deep knowledge of the OSSTMM, ISO17799/27001 and many years experience in seeking vulnerabilities.
At this time he is focused on web application obfuscation and GSM security.

</div><br clear="all">

==Lyon, Chris==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Chris Lyon is the Director of Infrastructure Security at Mozilla.
</div><br clear="all">

==Manico, Jim ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Jim Manico is the producer and host of the OWASP Podcast Series. He is also the project manager of the OWASP ESAPI project, a contributor to the OWASP Cheat-sheet Series, the chair of the OWASP Connections committee, and a member of the OWASP mobile project.
Jim is currently an independent Application Security Architect and Educator. He has 15 years of experience developing Java‐based data‐driven web applications for organization such as FoxMedia (MySpace), GE, CitiBank, Sun Microsystems and Aspect Security. For more information, please see http://www.manico.net. Jim has also provided Application Security Developer Education services for Fortune 10, Government, and NGO Institutions.

</div><br clear="all">

==Maor, Ofer==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>CTO, Hacktics, Chairman, OWASP Isarel
Ofer Maor has over fifteen years of experience in the Information Technology and Security. Mr. Maor is a pioneer in the Application Security field: he has been involved in leading research initiatives, has published numerous papers, appears regularly at leading conferences and is considered a leading authority by his peers. He also currently serves as the Chairman of OWASP Israel. Before founding Hacktics, Mr. Maor led Imperva's Application Defense Center, a research group focused on application security services and education. In this capacity, he advanced research activities and was responsible for all the application security services conducted by the company. He was previously a Senior Security Consultant at eDvice, an application security consulting firm, and served for three years as an Information Security Officer in the Israeli Defense Forces.

</div><br clear="all">

==Mancini, Lucilla==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Degree in Economics and large experience in finance, trading and derivatives.
Later I joined this experience with ICT matters; and now after having worked for some years for Getronics both in Italy and in worldwide groups, now I lead in Business-e e the consulting team of about 25 persons.
Main activities are in Governance, Audit and Ethical hacking with a group of 10 testers.
My main certificates are Cisa, Lead auditor ISO27001, Itil v3, CRISC , Cobit

</div><br clear="all">

==Martinez, Mateo==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Many years of experience in a variety of challenging Senior Information Security, Risk Management, Business Continuity Planning and Consultancy roles. Up to the moment I have been working at Tata Consultancy Services as the Information Security Manager since 2007. I´m in charge of the Information Security Area, Implementing ISO 27001, Internal Audit, Security Incidents Management, Architecture & Design Review, Penetration Testing, Software Security for Latinamerican region and in charge of the Advisory of Security Services department. I´m CISSP. BCP and Information Security projects executed in Chicago, US and in Dubai, UAE. I have previous experience working in PricewaterhouseCoopers as a Senior BCP Consultant. I have realized business continuity plans for many of our clients.
</div><br clear="all">

==Martorella, Christian==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Christian Martorella has been working in the field of information security for the last 10 years, starting his career in Argentina IRS as security consultant, now he's Practice Leader in Threat and Vulnerability - EMEA in Verizon Business. He is cofounder an active member of Edge-Security team, where security tools and research is released. He has been speaker at What The Hack!, NoConName, FIST Conferences, OWASP Summit 2008 and OWASP Spain IV & VI, Source Conference Barcelona and Hack.LU. Christian has contributed with open source assessment tools like OWASP WebSlayer and Metagoofil. He likes all related to Information Gathering and Penetration testing. Christian currently holds the President position at the FIST Conferences board, and in the past taught Ethical Hacking at the IT Security Master of La Salle University.
</div><br clear="all">

==Matatall, Neil==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Neil Matatall is a Consultant for FishNet Security as part of the Applicaiton Security team. After starting off as a developer, Neil was asked to investigate application security and he hasn't looked back since. In OWASP, Neil has been a conference organizer (AppSec US 2010 and AppSec Academia '09), chapter leader (Orange County), project committer (ESAPI), and global conference committee member.
</div><br clear="all">

==McGeehan, Ryan==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Internet threat generalist with a research background. Currently managing the Security Incident Response team at Facebook, handling all high severity security incidents.
Specialties - Phishing, Botnets, Spam, Social Networks, Social Media, Security Team Building, Security Community Engagement, Security Strategy, Security Investigations, Security Management, Web pplication Security, Startup Security

</div><br clear="all">

==Melo, Ricardo==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>I'm the CTO at DRI, a Portuguese company focused on on open source environments. I have +10 years working with Linux and open source technologies like PHP and Mysql. I've been involved on a large number of projects, both web and non web applications, from small sized to +100 computer clusters both as developer, system administrator and software architect.
</div><br clear="all">

==Mendo, Tiago==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>I've worked in the security area for a few years, mostly in network security doing traffic analysis and network reverse engineering. I'm a member of the Portuguese Honeynet Project and I'm currently working for SAPO, which is the most visited site in Portugal, in the Web Security team.
</div><br clear="all">

==Meucci, Matteo==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Matteo has undergraduate degrees in Computer Science Engineering from the University of Bologna (Italy).
He is the OWASP-Italy Founder and Chair from January 2005 (http://www.owasp.org/index.php/Italy), leads the new OWASP Testing Guide from 2006 (http://www.owasp.org/index.php/OWASP_Testing_Project), and he is starting the OWASP Common Vulnerability list with Anurag Agarwal and Eoin Keary (http://www.owasp.org/index.php/OWASP_Common_Vulnerability_List). He is one of contributor of OWASP SAMM (http://www.opensamm.org). He holds CISSP, CISA certification, Matteo is the CEO and a cofounder of Minded Security, an Application Security Consulting Company, with more than 10 years of specializing in information security and collaborates from several years at the OWASP project. Matteo is invited as speaker at many events all around the world talking about Web Application Security.

</div><br clear="all">

==Montero, David==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>David is CISA, CISM and CRISC by ISACA, as well as the only one degree ISMS Lead Auditor issued by IRCA in Spain. He is the founder of OWASP-Andalucia chapter in Spain (http://www.owasp.org/index.php/Andalucia), and founder of Grupo iSoluciones, group of companies specialized in information security with presence in Spain and Uruguay. His interest areas are pentesting and cyberwar, where write articles and essays with the alias "Raistlin".

</div><br clear="all">

==Nagra, Jasvir==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Jasvir Nagra is a researcher and software engineer at Google. He is one of the designers and developers of Caja - a secure subset of HTML, CSS and JavaScript; co-author of Surreptitious Software - a book on obfuscation, software watermarking and tamper-proofing; contributer to Shindig - the reference implementation of OpenSocial; and an escaped perl hacker.
</div><br clear="all">

==Neaves, Tom==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Tom "c0redump" Neaves M.Sc, B.Sc (Hons) is a Principal Security Consultant at Verizon Business (formerly NetSec) where he is part of the Threat and Vulnerability Consulting EMEA Practice. Tom is also studying for a Ph.D in Information Security on a part-time basis back at Royal Holloway, University of London. Anything that speaks HTTP or gets transmitted over the air has his full attention!
</div><br clear="all">

==Paiva, Sandra==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>I have assumed, in October 2010, the position of OWASP Training Manager and will be responsible for managing the OWASP ‘Chapter-lead’ Training activities and operationalising the concept of 'OWASP Academies'. Throughout this process, I will be managed by Dinis Cruz and report directly to the OWASP Board. I was, up to the end of July 2010, Head of Customer Relationship Management (CRM) for Europe, Middle East and Africa at the Mergermarket Group (part of the Financial Times Group), having joined the company in July 2007 as a CRM Executive. I have a graduate degree in Statistics and Management of Information and a post-graduate degree in the same area. Before joining Mergermarket, I worked for two years at Dealogic on the Mergers & Acquisitions and Loan Markets products.
Prior to moving to London in 2004, I have worked in several universities in Portugal where I firstly, for roundly half a dozen of years, taught Maths and Statistics and thereafter, throughout an academic year, worked in the conceptualization, development and production of materials to support academic and scientific events and in the creation of methodologies to repackage contents and support academic and scientific activity.

</div><br clear="all">

==Pegorelli, Marta==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Dr Konstantinos Papapanagiotou has more than 7 years of experience in
the field of Information Security both as a corporate consultant and
as a researcher. Currently, he is Information Security Risk Management
Services Manager of Syntax IT Inc and leader of the OWASP Greek
Chapter. He holds a BSc from the Department of Informatics and
Telecommunications, University of Athens, an MSc with distinction in
Information Security from Royal Holloway, University of London and a
PhD in Information and Network Security from the Department of
Informatics and Telecommunications, University of Athens. He is the
author of more than 10 scientific publications. He is a member of the
ACM, IEEE and also a founding member of the Institute of Information
Security Professionals (IISP). His current research interests are in
the areas of application security, trust and security in pervasive and
ubiquitous computing and steganography.

</div><br clear="all">

==Perego, Paolo==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Paolo was born in 1976 in Milan, Italy. Since he was 5, he started disassembling toys trying to understand their internals... it was very rare he was able to put
the pieces back in their place. So his infancy was full of broken toys... but at least he discovered what's inside a little car moving by itself. Let's call this Paolo's life phase: 'Breaking the law'
When he discovered computers, Paolo learnt also to repair software he broke. He started patching buffer overflows, format bugs and other crappy C programs. It was 1996, he discovered Linux, the networking and the kernel land. It was the time Pink Floyd were in loop in Paolo's walkman. Let's call this Paolo's life phase: 'So your instruction pointer is full of
0x41?'Nowadays Paolo's interest in reviewing and fixing broken code turn him in an application security specialist. He wrote software for an Italian web agency, and he has a side project as Independent Software Vendor as armoredcode.com. He is involved in Owasp as Project Leader of Owasp Orizon (a code review engine) and Owasp ESAPI for Ruby porting. He is also in the Owasp Italian chapter board. It's the time that Pearl Jam and old school metal music fill Paolo's mp3 player, he is a husband, a proud father, a guitarist and he is close from being black
belt Taekwon-do ITF martial artists. Let's call this Paolo's life phase: 'Stay hungry, stay foolish'

</div><br clear="all">

==Potjes, Linda==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Linda, from the Netherlands, is a Java Programmer in daily life.
Living with an active OWASP member, she's been visiting a lot of
conferences , slowly getting more and more interested in security.This
week, she's on the support team for the OWASP summit, helping out with
whatever needs to be done.

</div><br clear="all">

==Reinhart, Ralf==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>OWASP member and senior consultant focused on web application security living in Munich, Germany. You can find some more specific information at my Xing.com's profile.

I'm organizing once a month the "OWASP regular's table" in Munich, Germany. You might want to have a look at the Stammtisch-Initiative if you are visiting Germany, being fed up with Neuschwanstein and alike and seeking for some nerdy tech talk in combination with Bavarian beer consumption tradition ;-)

Founder of Sic!Sec

</div><br clear="all">

==Richler, Heiko==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Georg Simon Ohm University of Applied Sciences. OWASP University Chapter
</div><br clear="all">

==Rohr, Mathias==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Enter bio here.
</div><br clear="all">

==Ross, David==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>David Ross is a Principal Security Software Engineer on the MSRC Engineering team at Microsoft. Prior to joining MSRC Engineering in 2002, David spent his formative years on the Internet Explorer Security Team and wears the battle scars with pride. David’s blog: http://blogs.msdn.com/dross
</div><br clear="all">

==Roth-Mandutz, Elke==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>
I am working as research assistant at the Georg-Simon-Ohm University of Applied Sciences in Nuremberg, Germany.
The research project started in September 2010 with the objection to detect and evaluate the privacy
impact of web-sites based on client-side analysis. The privacy impact should be made user visible.

Prior to the research project, I worked for many years in the mobile communication sector, mostly as system engineer for GSM and UMTS infrastructure.
</div><br clear="all">

==Saario, Mikko==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>* Working in a complex and diversified mobile/web environment.
* Member of the board (in 2007) in the Finnish Information Security Association i.e. Tietoturva ry (www.tietoturva.org).
* Founded and chaired the OWASP Helsinki Chapter (www.owasp.org).

</div><br clear="all">

==Samuel, Michael==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Mike Samuel is an engineer in Google's Applied Security group working on programming language based approaches to web application security. He is involved in the EcmaScript standards process and is one of the implementors of Caja, a system that allows for secure composition of web applications using existing standards. Lately he has been working on static type reasoning to make template languages robust against XSS.
</div><br clear="all">

==Schmidt, Chris==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Christopher Schmidt: GIS and Web Hacker

I am a professional web application developer, and have spent the past several years developing server and client side tools for the creation of web applications, especially applications which relate to mapping. Some of my most visible work over the past year is in the OpenLayers/TileCache/FeatureServer stack, a collection of open source tools designed to help users build mapping applications.

</div><br clear="all">

==Schuh, Justin==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>I've held a variety of different positions across the IT spectrum, with most of my time focused on the security side of the industry. I like interesting technical challenges solving unique problems.

Specialties: Software reverse engineering, security assessment, exploit development. Software development on a wide range of languages, platforms and technologies. Management of software development and security consulting teams.

</div><br clear="all">

==Schwartz, Stephen==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Enter bio here.
</div><br clear="all">

==Searle, Justin==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Justin Searle is a Senior Security Analyst with InGuardians,
specializing in the penetration testing of web applications, networks, and embedded devices, especially those pertaining to the Smart Grid. Justin is an active member of ASAP-SG (Advanced Security Acceleration Project for the Smart Grid) and led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628. Previously, Justin served as JetBlue Airway’s IT Security Architect, and has taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities and corporations. Justin has presented at top security conferences including DEFCON, ToorCon, ShmooCon, and SANS. Justin co-leads prominent open source projects including the Samurai Web Testing Framework, Middler, Yokoso!, and Laudnum. Justin has an MBA in International Technology and is a CISSP and SANS GIAC certified Incident Handler (GCIH), Intrusion Analyst (GCIA), and Web Application Penetration Tester (GWAPT).

</div><br clear="all">

==Secker, Tanya==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Application Security Specialist - Trustwave
</div><br clear="all">

==Serrao, Carlos==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Assistant Professor at ISCTE-IUL (Lisbon University Institute)/SoTA (School of Technology and Architecture)/DCTI, where I teach several subjects related to Information Systems, Information Security, IT/IS Project Management and Entrepreneurship (both on BSc and MSc programs).
ADETTI-IUL Researcher and Project Manager where I'm working mostly on the following research topics:
- Distributed Systems, Applications and Information Security
- Management and Protection of e-Intellectual Property and e-Contents
- Web-based and Mobile-based Information Systems
Projects. Experience in participation in multiple national and international co-operation IT/IS projects and provision of consulting services to different companies.
OWASP.PT leader. Currently working to evangelize OWASP good practices and OWASP mission in improving the web applications security.
Author. I'm the author and co-author of several articles published on scientific conferences, proceedings, journals and project deliverables. Also the co-author of one of the best selling portuguese books about PHP programming. Geek. Love technology. Huge fan of gadgets.
OS agnostic. Linux, Mac OS X, Windows. Bring them all!!!

</div><br clear="all">

==Stasinopoulos, Anastasios==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Anastasios Stasinopoulos is a Certificated Network Administrator of CompTIA (Computing Technology Industry Association) computer-security enthusiast and also a hobbist penetration tester. He is basically deals with Networking and Data Communications, Security as Fedora Security Spin Contributor (http://fedoraproject.org/wiki/Security_Lab) and Penetration testing. He is also the developer of a set of Hackademic Challenges that anyone can practice for real world applications attacks and penetration tests (http://hackademic.s3cure.gr).For more information about Anastasios : http://www.owasp.org/index.php/User:Stasinopoulos_Anastasios
</div><br clear="all">

==Sterne, Brandon==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Brandon Sterne is the Security Program Manager at Mozilla where he works on security releases and designs and implements browser security features.
</div><br clear="all">

==Steven, John==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>John Steven is the Senior Director, Advanced Technology Consulting at Cigital with over a decade of hands-on experience in software security. John's expertise runs the gamut of software security from threat modeling and architectural risk analysis, through static analysis (with an emphasis on automation), to security testing. As a consultant, John has provided strategic direction as a trusted advisor to many multi-national corporations. John's keen interest in automation keeps Cigital technology at the cutting edge. He has served as co-editor of the Building Security In department of IEEE Security & Privacy magazine, speaks with regularity at conferences and trade shows, and is the leader of the Northern Virginia OWASP chapter. John holds a B.S. in Computer Engineering and an M.S. in Computer Science both from Case Western Reserve University.
</div><br clear="all">

==Su, Cecil==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Ever since Cecil Su began working in the financial services industry, his interest of information security (and especially of application security) was stoked. For his extra-curricular activities after office hours, he took every opportunity to learn about the craft. Now, ten years on, Cecil’s day job is as a director of Grant Thornton LLP in Singapore. As head of the Technology Advisory unit, he leads various engagement teams on diversified projects across vertical industries. His area of focus is in IT Assurance, IT Security Advisory and Digital Forensics.
Aside from being a committee member of the OWASP GEC, he has also contributed to the OWASP Testing Guide, and coordinated efforts for the internationalisation of Asian languages of OWASP materials. Cecil is also the current Chapter Lead for the Singapore Honeynet Project, ExCo member for the Association of Information Security Professionals (AISP), and a member of the security Controls and Security Services Working Group (Singapore representative body for ISO/IEC JTC 1/SC 27/WG 4).

</div><br clear="all">

==Tasar, Vehbi==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Dr. Vehbi Tasar, CISSP, CSSLP, Director of Professional Programs Development - Vehbi is in charge of all exam development at (ISC)². His responsibilities include exam question and content development, psychometric oversight of the exam questions, and maintenance of the ANSI certification for all (ISC)² credentials. Vehbi has joined (ISC)² in June 2008 to develop a new security credential called Certified Secure Software Lifecycle Professional (CSSLP). Prior to joining (ISC)², Vehbi worked in software industry for over 30 years. He has a broad spectrum of application development expertise ranging from high performance computing to the database application development, and distributed enterprise computing for the IT infrastructure. Vehbi holds a B.S degree in Electrical Engineering from the Middle East Technical University from his native Ankara, Turkey. He received a M.S degree in Computer Science from the University of Missouri, Rolla, and a Doctor of Engineering Degree in Electrical Engineering from the University of Detroit, Mercy in Detroit, Michigan.
</div><br clear="all">

==Taylor, Jason==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Chief Technology Officer, Secure Innovation
Mr. Taylor leads the strategic direction for all technology initiatives and manages world-class development teams for the company's product lines. He has spent his career focused on application development and testing with a primary focus on application security. His unrivaled understanding of application behavior provided the impetus for Security Innovation’s industry pioneering fault injection tool, Holodeck Enterprise Edition, and critical enhancements to the company’s internal testing and development tools. Mr. Taylor was the visionary and designer of the Company’s “Creating Secure Code” methodology and course which has been taught to several of the world's largest technology organizations.
Prior to joining Security Innovation, Mr. Taylor served as test architect, security lead and development manager at Microsoft for various releases of Internet Explorer and Windows. He was the first member of the Internet Explorer security test team, and as the security team lead, he grew it from a solitary operation to the leading application security test team at Microsoft. Later, he built the Test Model Toolkit which became the standard model-based testing tool at Microsoft, winning a Best Practice Award along the way.
Mr. Taylor is an external reviewer, contributor and primary author for Microsoft patterns & practices security guidance. He has published several whitepapers including “Web Services Risk Assessment and Recommendations” and “Security Threats: Risks, Protection & Limitations" for CIO Update. He is co-author of "Team Development with Visual Studio Team Foundation Server" and “Improving Web Services Security” with J.D. Meier of Microsoft. Mr. Taylor received his C.S. degree from Montana State University.

</div><br clear="all">

==Tesauro, Matt==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Matt has been involved in the Information Technology industry for more
than 10 years. Prior to joining Praetorian, Matt was a Security
Consultant at Trustwave's Spider Labs. Matt's focus has been in
application security including testing, code reviews, design reviews and
training. His background in web application development and system
administration helped bring a holistic focus to Secure SDLC efforts he's
driven. He has taught both graduate level university courses and for
large financial institutions. Matt has presented and provided training a
various industry events including DHS Software Assurance Workshop,
AppSec EU, AppSec US, AppSec Academia, and AppSec Brazil.
Matt is currently on the board of the OWASP Foundation and highly involved in many OWASP projects and committees. Matt is the project leader of the OWASP WTE (Web Testing Environment) which is the source of the OWASP Live CD Project and Virtual Machines pre-configured with tools and documentation for testing web applications.
Industry designations include the Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH). Matt Tesauro has a B.S. in Economics and a M.S in Management Information Systems from Texas A&M University.

</div><br clear="all">

==Thomas, Mark==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Mark Thomas is a Staff Engineer with the SpringSource division of VMware. The majority of Mark's time is spent on the development of Apache Tomcat but he also provides expert Tomcat advice to the SpringSource support team and he leads the SpringSource security team as well as the integration of Tomcat with tc Server.
Mark has been using and developing Apache Tomcat for more than seven years. He became involved in the development of Tomcat when he needed better control over the SSL configuration than was available at the time. After fixing that first Bugzilla issue, he started working his way through the remaining Tomcat issues and is still going. Along the way, Mark became a Tomcat committer and PMC member, undertook the majority of the Servlet 3.0, JSP 2.2 and EL 2.2 development for Tomcat 7, created the Tomcat security pages, became a member of the ASF, joined the Apache Security Committee and is an Apache Commons PMC member where he contributes to Commons Pool, DBCP and Daemon. He is currently the Tomcat 7 release manager and also helps maintain the ASF's Bugzilla and Jira instances.
Mark has a MEng in Electronic and Electrical Engineering from the University of Birmingham, United Kingdom.

</div><br clear="all">

==Tomhave, Benjamin==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Ben Tomhave is a Senior Security Analyst with Gemini Security Solutions in Chantilly, VA, specializing in solutions architecture, security planning, security program development and management, and other strategic security solutions.
Ben holds a Master of Science in Information Security Management from The George Washington University. He is a Certified Information Systems Security Professional (CISSP), co-vice chair of the American Bar Association Information Security Committee, member of ISSA, member of OWASP, and member of the IEEE Computer Society. He is a published author and an experienced public speaker.
Prior to his current endeavor, Ben has worked in a variety of security roles for companies including BT Professional Services, AOL, Wells Fargo, ICSA Labs, and Ernst & Young.

</div><br clear="all">

==Turpin, Keith==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Over the years I have held a number of positions at The Boeing Company including: Application and Information Security Assessments team leader, lead IT security adviser for international operations, supplier security analyst, engineering systems integrator, software developer and senior manufacturing engineer on the 747 airplane program.

• I represent Boeing at the International Committee for Information Technology Standard's cyber security technical committee.
• I represent the United States as a delegate to the International Standards Organization's (ISO) sub committee on cyber security.
• I recently joined the national Software Assurance (SwA) Working Group
• I am the Director of the HPPV Northwest regional engineering competition.
• My work with college engineering education led to a 2005 national award from the American Society of Engineering Education.
• You can see my OWASP project on secure coding practices here: http://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide
• The presentation on my OWASP project at AppSec USA 2010 can be found here: http://vimeo.com/17018329
• You can see the video of my AppSec USA 2009 presentation on Building Security Assessment Teams here: http://vimeo.com/8989378

2010 Accomplishments:
-----------------------------------
- Selected as Eastern Washington University's 2010 Distinguished Alumni of the Year for service to the community
- Launched new OWASP project: Secure Coding Practices - Quick Reference Guide
- Speaker at AppSec USA
- Speaker at OWASP DC
- Speaker at the Department of Homeland Security's Software Assurance Forum
- Contributor to The Open Group white paper "Trusted Technology Provider Framework"

</div><br clear="all">

==Tusha, Ervis==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Enter bio here.
</div><br clear="all">

==UcedaVelez, Tony==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Develop and lead strategic IT & IS solutions for businesses that seek to mitigate IT operational and security risk through robust, cost effective programs, while maintaining a strategic alignment to key business objectives and providing overall value to the enterprise.

Specialties - Security Risk Management, Risk Assessment Methodologies, Business Impact Analysis, Business Process Engineering, Maturity Modeling, Security Training, Vulnerability Assessment, Policy Management, Compliance Audits, Business Continuity Planning, Remediation Management

</div><br clear="all">

==Uhley, Peleus==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Platform Security Strategist at Adobe
</div><br clear="all">

==van der Baan, Steven==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>I'm Steven van der Baan. I'm a father of two (boy and girl) and I work as a Software Architect and Security Consultant for Sogeti Nederland BV. I am using computers already for 27 years, starting with the ZX81 where I learned to program inside a memory of a whooping 1K. Every other computer thereafter was a bundle of joy and adventure. This adventure is something that I'm now trying to share with my kids.
I started with OWASP through Martin Knobloch, then a colleague of mine. He washosting the CTF at Appsec DC 2009. He called me up due to some minor problems and (ofcourse) I helped. This became somewhat regular that I took over the project leadership form him of the CTF project.

</div><br clear="all">

==Vasilopoulos, Kyprianos==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Senior Security Consultant Greece at Atos Origin
</div><br clear="all">

==Vela, Eduardo==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>WebAppSec Researcher (sirdarckcat)

Experienced web application security researcher, has assisted several companies in the resolution of security issues like Adobe, Apple, Google, Microsoft, Mozilla, Oracle, Symantec, between others.

Imparted courses and security conferences on DNS International, Microsoft Bluehat V8 (October 2008), BlackHat USA (2009), XCon (2009), BlackHat Europe (2010), OWASP day Mexico (2010), OWASP AppSec Sweeden (2010) between others.

Knowledgeable on SQL, PHP, Python and Ruby for web development, and C/C++ for application development with extreme caution on making fast and efficient code, but must of all, secure.

He's also an enthusiast on Internet Culture and Social Networking research, music, literature, as well as a fan on solving algorithmic problems.

Specialties
Web Application Security, Programming (C/C++, PHP, Java, JavaScript, Python, Ruby, Batch/Bash, Perl)

</div><br clear="all">

==Vilares Da Silva, Luis==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Luis Vilares da Silva worked in the Portuguese central statistics office (INE) as systems and network engineer, software engineer from 1990 to 1999. Worked as a webmaster, web developer and software engineer in the European police office (EUROPOL) in The Hague from 1999 to 2009. In that period did his MSc in IT Security and CISSP certification, MS training 70-340 and is MSTS for SharePoint 2007. He did some audits and risk mitigation in the finance systems in Portugal in 2010 and is back to The Hague to work as a software architect within the Organisation for the Prohibition of Chemical Weapons (OPCW) where he is trying to leverage some security into the various developed and under development applications. Last but not least, Luis is in the process of finalizing a MSc in forensic computing sand cybercrime investigations from UCD Dublin open to law enforcement only.
</div><br clear="all">

==Vlachos, Vasileios==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Dr. Vasileios Vlachos is lecturer at the department of Computer
Science and Telecommunications of the Technological Educational Institutions (TEI) of Larissa. He was a senior R & D engineer at the Research Academic Computer Technology Institute (R.A.C.T.I.) of Patras, Greece. He was a member of the Digital Awareness and Response to Threats (DART) team of the Special Secretariat for Digital Planning of the Hellenic Ministry of Economy and Finance. Dr. Vlachos holds a Diploma of Engineering in Electronic & Computer Engineering from Technical University of Crete, a MSc in Integrated Hardware and Software Systems from the Department of Computer Engineering and
Informatics of the University of Patras and a PhD in Information Systems Security from the Department of Management Science and Technology of Athens University of Economics and Business. Dr. Vlachos has taught at the University of Thessalia the University of Central Greece and the University of Piraeus.

</div><br clear="all">

== Vroom, Ferdinand ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Security Officer at Nationale-Nederlanden (ING)
</div><br clear="all">

==Watson, Colin==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Colin Watson is a consultant and co-founder of Watson Hall Ltd. Colin has a production and process engineering background, but has worked in information systems for fourteen years, concentrating exclusively on web application development, security and compliance. His work involves the management of application risk, building security and privacy into systems development and keeping abreast of relevant international legislation and standards. He has a particular interest in creating user trust in web systems and the relationships between security and usability. Colin has spoken at several OWASP chapter meetings and conferences on topics including web content accessibility guidelines, the Open Software Assurance Maturity Model and AppSensor. He contributes to a number of OWASP projects and is a member of the OWASP Global Industry Committee, having been its chair for 2009-2010. He writes a blog about web security, usability and design under the pseudonym Clerkendweller. He holds a BSc in Chemical Engineering, and an MSc in Computation from the University of Oxford.
</div><br clear="all">

==Weston, David==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>David Weston is a Security Engineer at Microsoft where he works on the team responsible for the security testing of Windows. David previously worked as a security consultant at a major defense contractor where worked on projects for Department of Defense, Federal, and Enterprise customers. He is an experienced security researcher and has presented at numerous security conferences such as Blackhat and Defcon in addition to discovering vulnerabilities in several major software packages.
</div><br clear="all">

==Wichers, Dave==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Information Security consultant continuously since 1989. Current focus area is in Application Security Consulting, including Developer Training, Security Code Reviews, Application Penetration Testing, Technology Selection, Security Policy Development, Infusing Security into the Software Development Lifecycle, and the development of Standard Security Controls. Particular expertise in Security of Web Applications.
Currently member of the OWASP Board, the OWASP Conferences Chair, and coauthor and project lead of the OWASP Top Ten Most Critical Web Application Security Vulnerabilities (http://www.owasp.org/index.php?Top10).
Early career focused on InfoSec for DoD, including C&A, Trusted Product Evaluations, Multilevel Security, and Cross Domain Solutions (e.g., Guards) for product vendors, large DoD integrators, and the NSA.
Specialties - Application Security Consulting (specialty focus on Web Application Security), Information Security, Certification & Accreditation, Multilevel Security, Cross Domain Solutions (Guards), Secure Software Development in Java

</div><br clear="all">

==Wilander, John==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>John Wilander is an application security researcher and consultant. He is a partner and evangelist at Omegapoint, a consultancy firm based in Sweden. John typically works as a security focused software developer. Java and JavaScript are his languages of choice. After his Master's degree in Computer Science and Engineering from Linköping University (Sweden) and Nanyang Technological University (Singapore) he pursued a PhD in application security. Last paper still pending but John's research publications can be found at: http://www.ida.liu.se/~johwi/research_publications/ John started the Swedish OWASP Chapter in 2007 and has since been leader and co-leader. In 2010 he chaired the most successful OWASP AppSec EU conference so far – OWASP AppSec Research 2010. John along with the Swedish chapter are listed as contributors to OWASP Top 10 2010.
</div><br clear="all">

==Williams, Jeff==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Jeff Williams is the founder and CEO of Aspect Security, specializing in application security services including code review, penetration testing, training, and eLearning. Jeff also serves as the volunteer Chair of the Open Web Application Security Project (OWASP) where he has made extensive contributions, including the Top Ten, WebGoat, Secure Software Contract Annex, Enterprise Security API, Application Security Verification Standard, OWASP Risk Rating Methodology, starting the worldwide local chapters program, and starting the Rugged Software movement. Jeff holds advanced degrees in psychology, computer science, and human factors, and graduated cum laude from Georgetown Law. You can contact Jeff at jeff.williams@aspectsecurity.com.
</div><br clear="all">

==Wilson, Doug==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Doug Wilson is one of the co-chairs of the Washington DC OWASP chapter, and one of the organizers of the OWASP AppSec DC conference in Washington DC. He is a Principal Consultant for MANDIANT, a full service security company based out of the Washington DC area.
Doug has been involved in information security for over a decade. He got his start in the Web 1.0 dot-com years working for web hosting companies, and ended up doing government contracting, with expertise in incident response and multi-tiered application architecture. He currently supports government contracts exploring ways of improving software assurance and confidence in COTS software. He has spoken at a wide variety of professional events in Washington DC, including Shmoocon, and the High Confidence Software and Systems (HCSS) conference.

</div><br clear="all">

== Wuensch, Stefan ==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Starting as soon as he could grip a screwdriver, Stefan spent his formative years hacking and tinkering with anything run by electricity. Later Stefan joined the Boston-area hacker group L0pht, and was a member for five years. In 1998 Stefan and the other L0pht members testified before the United States Senate as part of a series of hearings on "Weak Computer Security in Government: Is the Public at Risk?" For the past 13 years Stefan has been working at Harvard University where he has been involved with security, high-performance research computing, networking, and systems infrastructure. His current role is Senior UNIX Engineer.
</div><br clear="all">

==Wysopal, Chris==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Chris Wysopal, Veracode’s CTO and Co-Founder, is responsible for the company’s software security analysis capabilities. In 2008 he was named one of InfoWorld's Top 25 CTO's and one of the 100 most influential people in IT by eWeek. One of the original vulnerability researchers and a member of L0pht Heavy Industries, he has testified on Capitol Hill in the US on the subjects of government computer security and how vulnerabilities are discovered in software. He is the author of “The Art of Software Security Testing” published by Addison-Wesley.
</div><br clear="all">

==Yeo, John==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>John Yeo is Director of Trustwave’s SpiderLabs for the EMEA region. SpiderLabs, one of the world’s largest global security practices, is the advanced security division within Trustwave. SpiderLabs is focused on application security, incident response, penetration testing, physical security and security research. At Trustwave John is responsible for managing the various SpiderLabs teams and all aspects of service delivery within the EMEA region.
</div><br clear="all">

==Zusman, Mike==

<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:PicComingSoon.jpg|150px]]</div><div style=“text-align:justify”>Michael Zusman is a Managing Principal Consultant with the Intrepidus Group. At Intrepidus, his focus is on assisting clients in architecting secure mobile solutions and applications for various platforms including iOS, Android, and RIM. Prior to joining Intrepidus Group, Mike has held the positions of Escalation Engineer at Microsoft, Security Program Manager at Automatic Data Processing, and lead architect & developer at a number of smaller firms.
In addition to his corporate experience, Mike is an independent security researcher, and has responsibly disclosed a number of critical vulnerabilities to commercial software vendors and other clients. He has spoken about mobile application security at a number of top industry events including Black Hat, CanSecWest, OWASP meetings and at local colleges including Polytechnic University.
Mike brings 12 years of security, technology, and business experience to Intrepidus Group. He has attained the CISSP certification, and is a co-leader of the OWASP Mobile Security Project.

</div><br clear="all">

Briechenstein Software Studio
Introducing structure, guidelines, principles and leadership to the technical aspects of Open Web Application Security Software Projects. Framework for software architecture refactoring using model transformations and semantic annotations.
--------------------------------------------------------------------------------

Formal architecture modeling of business applications- software maintenance case studies.
--------------------------------------------------------------------------------

A method for modeling aspect-oriented dynamic software architecture.
--------------------------------------------------------------------------------

Constraint-Based Consistency Checking between Design Decisions and Component Models for Supporting Software Architecture Evolution
--------------------------------------------------------------------------------

A new configuration management model for software based on distributed components and layered architecture.
--------------------------------------------------------------------------------
http://www.owasp.org/index.php/User:Briechenstein_Software_Studio www.owasp.org/index.php/User:Briechenstein_Software_Studio

Summit 2011 Attendee Bios

2012-05-10T18:50:11Z

Briechenstein Software Studio:

File:OWASP Books logo.png

2012-04-29T21:54:24Z

Briechenstein Software Studio: uploaded a new version of "File:OWASP Books logo.png"

User talk:Briechenstein Software Studio

2012-04-07T18:21:02Z

Briechenstein Software Studio: *Briechenstein Cryptographic Software Studio Application - OWASP

'''Welcome to ''OWASP''!'''
<Cryptography Open Web Software Application.>
Copyright (C) <2007> <Briechenstein Software Studio-OWASP>
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright © 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for software and other kinds of works.
The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too.
When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.
Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions.
Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and modification follow.
TERMS AND CONDITIONS
0. Definitions.
“This License” refers to version 3 of the GNU General Public License.
“Copyright” also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.
“The Program” refers to any copyrightable work licensed under this License. Each licensee is addressed as “you”. “Licensees” and “recipients” may be individuals or organizations.
To “modify” a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a “modified version” of the earlier work or a work “based on” the earlier work.
A “covered work” means either the unmodified Program or a work based on the Program.
To “propagate” a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.
To “convey” a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays “Appropriate Legal Notices” to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.
1. Source Code.
The “source code” for a work means the preferred form of the work for making modifications to it. “Object code” means any non-source form of a work.
A “Standard Interface” means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.
The “System Libraries” of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A “Major Component”, in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.
The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.
The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.
The Corresponding Source for a work in source code form is that same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.
When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”.
c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an “aggregate” if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:
a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.
d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.
A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.
A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, “normally used” refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.
“Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.
If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).
The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.
7. Additional Terms.
“Additional permissions” are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or authors of the material; or
e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.
All other non-permissive additional terms are considered “further restrictions” within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).
However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.
Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.
An “entity transaction” is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.
11. Patents.
A “contributor” is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's “contributor version”.
A contributor's “essential patent claims” are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, “control” includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.
In the following three paragraphs, a “patent license” is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To “grant” such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.
If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. “Knowingly relying” means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.
A patent license is “discriminatory” if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License “or any later version” applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation.
If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.
Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an “about box”.
You should also get your employer (if you work as a programmer) or school, if any, to sign a “copyright disclaimer” for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <http://www.gnu.org/philosophy/why-not-lgpl.html>.

[[Category:Cryptographic Control]]

User talk:Briechenstein Software Studio

2012-04-07T18:10:56Z

Briechenstein Software Studio: *Briechenstein

'''Welcome to ''OWASP''!'''
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <2007> <Briechenstein Software Studio-OWASP>
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright © 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for software and other kinds of works.
The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too.
When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.
Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions.
Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and modification follow.
TERMS AND CONDITIONS
0. Definitions.
“This License” refers to version 3 of the GNU General Public License.
“Copyright” also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.
“The Program” refers to any copyrightable work licensed under this License. Each licensee is addressed as “you”. “Licensees” and “recipients” may be individuals or organizations.
To “modify” a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a “modified version” of the earlier work or a work “based on” the earlier work.
A “covered work” means either the unmodified Program or a work based on the Program.
To “propagate” a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.
To “convey” a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays “Appropriate Legal Notices” to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.
1. Source Code.
The “source code” for a work means the preferred form of the work for making modifications to it. “Object code” means any non-source form of a work.
A “Standard Interface” means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.
The “System Libraries” of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A “Major Component”, in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.
The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.
The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.
The Corresponding Source for a work in source code form is that same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.
When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”.
c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an “aggregate” if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:
a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.
d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.
A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.
A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, “normally used” refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.
“Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.
If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).
The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.
7. Additional Terms.
“Additional permissions” are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or authors of the material; or
e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.
All other non-permissive additional terms are considered “further restrictions” within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).
However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.
Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.
An “entity transaction” is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.
11. Patents.
A “contributor” is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's “contributor version”.
A contributor's “essential patent claims” are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, “control” includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.
In the following three paragraphs, a “patent license” is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To “grant” such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.
If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. “Knowingly relying” means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.
A patent license is “discriminatory” if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License “or any later version” applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation.
If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.
Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an “about box”.
You should also get your employer (if you work as a programmer) or school, if any, to sign a “copyright disclaimer” for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <http://www.gnu.org/philosophy/why-not-lgpl.html>.

[[Category:Cryptographic Control]]

Category:OWASP Application Security Verification Standard Project Proposal

2012-04-05T23:15:20Z

Briechenstein Software Studio:

Category:OWASP Application Security Verification Standard Project Proposal

2012-04-05T23:13:23Z

Briechenstein Software Studio: