OWASP - User contributions [en]

August 2006 Austin Chapter Meeting

2006-08-11T19:22:47Z

MatthewFranz: /* Agenda */

= Agenda =

'''AJAX Security: Here We Go Again'''
by Dan Cornell of [http://www.denimgroup.com Denim Group]

''Abstract''

AJAX (or Asynchronous JavaScript And XML) is the hot new web programming technique being used to create rich Internet applications. By interacting with the server behind the scenes and updating web page DOMs, AJAX applications bring a new level of responsiveness to the web and opens exciting new possibilities for creating new classes of applications. The success of applications such as Google Maps and Flickr is a testament to the exciting potential AJAX techniques bring to the discipline of web application development.

Unfortunately many organizations implementing these techniques are doing so without considering the security implications on application design and development. Furthermore, because these techniques are so new the threats and countermeasures are not well understood. This presentation will give an explanation of AJAX techniques and will examine the underlying constructs and their behavior. Next it will examine how common web application vulnerabilities translate to AJAX environments well as new threats that are specific to AJAX applications. The presentation will conclude with a demonstration of "sprajax," an alpha-release open-source tool developed by Denim Group that analyzes web applications for potential security vulnerabilities exposed through the use of AJAX.

''Presenter Bio''

Dan Cornell is a Principal of the Denim Group, a Texas-based consultancy providing software development and application security services. He has extensive experience architecting and developing enterprise web applications on a variety of platforms as well as training and mentoring development teams on application security and secure coding techniques. Dan is the creator and primary author of the sprajax open source AJAX security assessment tool. He is an MCSD as well as a Java 2 Certified Programmer.

= Directions =

August 2006 Austin Chapter Meeting

2006-08-11T19:22:27Z

MatthewFranz: /* Agenda */

= Agenda =

'''AJAX Security: Here We Go Again'''
by Dan Cornell of [http://www.denimgroup.com Denim Group]

''Abstract''
AJAX (or Asynchronous JavaScript And XML) is the hot new web programming technique being used to create rich Internet applications. By interacting with the server behind the scenes and updating web page DOMs, AJAX applications bring a new level of responsiveness to the web and opens exciting new possibilities for creating new classes of applications. The success of applications such as Google Maps and Flickr is a testament to the exciting potential AJAX techniques bring to the discipline of web application development.

Unfortunately many organizations implementing these techniques are doing so without considering the security implications on application design and development. Furthermore, because these techniques are so new the threats and countermeasures are not well understood. This presentation will give an explanation of AJAX techniques and will examine the underlying constructs and their behavior. Next it will examine how common web application vulnerabilities translate to AJAX environments well as new threats that are specific to AJAX applications. The presentation will conclude with a demonstration of "sprajax," an alpha-release open-source tool developed by Denim Group that analyzes web applications for potential security vulnerabilities exposed through the use of AJAX.

''Presenter Bio''
Dan Cornell is a Principal of the Denim Group, a Texas-based consultancy providing software development and application security services. He has extensive experience architecting and developing enterprise web applications on a variety of platforms as well as training and mentoring development teams on application security and secure coding techniques. Dan is the creator and primary author of the sprajax open source AJAX security assessment tool. He is an MCSD as well as a Java 2 Certified Programmer.

= Directions =

August 2006 Austin Chapter Meeting

2006-08-11T19:21:43Z

MatthewFranz: /* Agenda */

= Agenda =

'''AJAX Security: Here We Go Again'''
by Dan Cornell of [http://www.denimgroup.com Denim Group]

[[Abstract]]
AJAX (or Asynchronous JavaScript And XML) is the hot new web programming technique being used to create rich Internet applications. By interacting with the server behind the scenes and updating web page DOMs, AJAX applications bring a new level of responsiveness to the web and opens exciting new possibilities for creating new classes of applications. The success of applications such as Google Maps and Flickr is a testament to the exciting potential AJAX techniques bring to the discipline of web application development.

Unfortunately many organizations implementing these techniques are doing so without considering the security implications on application design and development. Furthermore, because these techniques are so new the threats and countermeasures are not well understood. This presentation will give an explanation of AJAX techniques and will examine the underlying constructs and their behavior. Next it will examine how common web application vulnerabilities translate to AJAX environments well as new threats that are specific to AJAX applications. The presentation will conclude with a demonstration of "sprajax," an alpha-release open-source tool developed by Denim Group that analyzes web applications for potential security vulnerabilities exposed through the use of AJAX.

[[Presenter Bio]]

Dan Cornell is a Principal of the Denim Group, a Texas-based consultancy providing software development and application security services. He has extensive experience architecting and developing enterprise web applications on a variety of platforms as well as training and mentoring development teams on application security and secure coding techniques. Dan is the creator and primary author of the sprajax open source AJAX security assessment tool. He is an MCSD as well as a Java 2 Certified Programmer.

= Directions =

August 2006 Austin Chapter Meeting

2006-08-11T19:20:39Z

MatthewFranz: /* Agenda */

= Agenda =

'''AJAX Security: Here We Go Again'''
by Dan Cornell of [http://www.denimgroup.com Denim Group]

''AJAX (or Asynchronous JavaScript And XML) is the hot new web programming technique being used to create rich Internet applications. By interacting with the server behind the scenes and updating web page DOMs, AJAX applications bring a new level of responsiveness to the web and opens exciting new possibilities for creating new classes of applications. The success of applications such as Google Maps and Flickr is a testament to the exciting potential AJAX techniques bring to the discipline of web application development.

Unfortunately many organizations implementing these techniques are doing so without considering the security implications on application design and development. Furthermore, because these techniques are so new the threats and countermeasures are not well understood. This presentation will give an explanation of AJAX techniques and will examine the underlying constructs and their behavior. Next it will examine how common web application vulnerabilities translate to AJAX environments well as new threats that are specific to AJAX applications. The presentation will conclude with a demonstration of "sprajax," an alpha-release open-source tool developed by Denim Group that analyzes web applications for potential security vulnerabilities exposed through the use of AJAX.''

''Presenter Bio:''

Dan Cornell is a Principal of the Denim Group, a Texas-based consultancy providing software development and application security services. He has extensive experience architecting and developing enterprise web applications on a variety of platforms as well as training and mentoring development teams on application security and secure coding techniques. Dan is the creator and primary author of the sprajax open source AJAX security assessment tool. He is an MCSD as well as a Java 2 Certified Programmer.

= Directions =

August 2006 Austin Chapter Meeting

2006-08-11T18:10:35Z

MatthewFranz:

= Agenda =

= Directions =

Austin

2006-08-10T15:58:12Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

''If a link is available, click for more details on directions, speakers, etc. You can also review [http://lists.owasp.org/pipermail/owasp-austin/ Email Archives] to see what folks have been talking about''

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

[[August 2006 Austin Chapter Meeting]] - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

[[September 2006 Austin Chapter Meeting]] - 9/26, 12-1:00 at Texas ACCESS Alliance building located at the intersection of IH-35 South and Ben White

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some custom Python tools he has been writing for conducting security testing of a Struts (and other Java) web applications.

Austin

2006-08-10T15:57:40Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

''If a link is available, click for more details on directions, speakers, etc.''

You can also review [http://lists.owasp.org/pipermail/owasp-austin/ Email Archives]

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

[[August 2006 Austin Chapter Meeting]] - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

[[September 2006 Austin Chapter Meeting]] - 9/26, 12-1:00 at Texas ACCESS Alliance building located at the intersection of IH-35 South and Ben White

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some custom Python tools he has been writing for conducting security testing of a Struts (and other Java) web applications.

File:OWASP-Single-Sign-On-Vijay.pdf

2006-08-06T04:00:56Z

MatthewFranz:

Austin

2006-08-03T18:34:02Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

''If a link is available, click for more details on directions, speakers, etc.''

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

[[August 2006 Austin Chapter Meeting]] - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

[[September 2006 Austin Chapter Meeting]] - 9/26, 12-1:00 at Texas ACCESS Alliance building located at the intersection of IH-35 South and Ben White

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some custom Python tools he has been writing for conducting security testing of a Struts (and other Java) web applications.

Austin

2006-08-03T18:33:38Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

''If a link is available, click for more details on directions, speakers, etc.''

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

[[Augst 2006 Austin Chapter Meeting]] - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

[[September 2006 Austin Chapter Meeting]] - 9/26, 12-1:00 at Texas ACCESS Alliance building located at the intersection of IH-35 South and Ben White

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some custom Python tools he has been writing for conducting security testing of a Struts (and other Java) web applications.

September 2006 Austin Chapter Meeting

2006-08-03T18:32:11Z

MatthewFranz: /* Directions */

= Date & Time =

12:00 - 1:00 PM September 26

= Agenda =

= Directions =
I am pleased to confirm availability of a conference room on September
26th from noon to 1:00 pm for the Austin OWASP Chapter meeting.

We will be meeting in Conference Room 194 (Capacity 25) of the Texas
ACCESS Alliance building located at the intersection of IH-35 South and
Ben White. The street address is 4000 S. IH-35 South, 78704. The
facility is a 9 story office building on the northwest side of the
interchange. The face of the building is marked with Southfield and
Accenture signs.

A map is located at http://www.google.com/maps?f=q&hl=en&q=4000+I-35+S,+Austin,+TX+78704&ie=UTF8&om=1

Attendees should enter from the rear entrance (west side) and sign in at
the Reception Desk. There is limited visitor parking located on that
side of the bulding; attendees should plan to arrive a few minutes
before the meeting to ensure that a parking sopt can be found.

The conference room has a data projector and Internet access. A small
kitchen/coffee bar is located adjacent to the room to set up a buffet
lunch.

Austin

2006-08-03T18:30:25Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

''If a link is available, click for more details on directions, speakers, etc.''

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''August Austin OWASP Meeting''' - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

[[September 2006 Austin Chapter Meeting]] - 9/26, 12-1:00 at Texas ACCESS Alliance building located at the intersection of IH-35 South and Ben White

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some custom Python tools he has been writing for conducting security testing of a Struts (and other Java) web applications.

September 2006 Austin Chapter Meeting

2006-08-03T18:29:11Z

MatthewFranz:

= Date & Time =

12:00 - 1:00 PM September 26

= Agenda =

= Directions =
I am pleased to confirm availability of a conference room on September
26th from noon to 1:00 pm for the Austin OWASP Chapter meeting.

We will be meeting in Conference Room 194 (Capacity 25) of the Texas
ACCESS Alliance building located at the intersection of IH-35 South and
Ben White. The street address is 4000 S. IH-35 South, 78704. The
facility is a 9 story office building on the northwest side of the
interchange. The face of the building is marked with Southfield and
Accenture signs.

A map is located at http://www.google.com/maps?f=q&hl=en&q=4000+I-35+S,+Austin,+TX+78704&ie=
UTF8&om=1

Attendees should enter from the rear entrance (west side) and sign in at
the Reception Desk. There is limited visitor parking located on that
side of the bulding; attendees should plan to arrive a few minutes
before the meeting to ensure that a parking sopt can be found.

The conference room has a data projector and Internet access. A small
kitchen/coffee bar is located adjacent to the room to set up a buffet
lunch.

September 2006 Austin Chapter Meeting

2006-08-03T18:27:50Z

MatthewFranz:

# Agenda #

# Directions #
I am pleased to confirm availability of a conference room on September
26th from noon to 1:00 pm for the Austin OWASP Chapter meeting.

We will be meeting in Conference Room 194 (Capacity 25) of the Texas
ACCESS Alliance building located at the intersection of IH-35 South and
Ben White. The street address is 4000 S. IH-35 South, 78704. The
facility is a 9 story office building on the northwest side of the
interchange. The face of the building is marked with Southfield and
Accenture signs.

A map is located at http://www.google.com/maps?f=q&hl=en&q=4000+I-35+S,+Austin,+TX+78704&ie=
UTF8&om=1

Attendees should enter from the rear entrance (west side) and sign in at
the Reception Desk. There is limited visitor parking located on that
side of the bulding; attendees should plan to arrive a few minutes
before the meeting to ensure that a parking sopt can be found.

The conference room has a data projector and Internet access. A small
kitchen/coffee bar is located adjacent to the room to set up a buffet
lunch.

Austin

2006-08-03T18:26:45Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

''If a link is available, click for more details on directions, speakers, etc.''

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''August Austin OWASP Meeting''' - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

[[September 2006 Austin Chapter Meeting]]

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some custom Python tools he has been writing for conducting security testing of a Struts (and other Java) web applications.

Austin

2006-08-03T18:26:07Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

''If a link is available, click for more details on directions, speakers, etc.''

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''August Austin OWASP Meeting''' - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

[["AustinSept06" September '06 Meeting]]

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some custom Python tools he has been writing for conducting security testing of a Struts (and other Java) web applications.

Austin

2006-08-03T18:25:48Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

''If a link is available, click for more details on directions, speakers, etc.''

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''August Austin OWASP Meeting''' - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

["AustinSept06" September '06 Meeting]

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some custom Python tools he has been writing for conducting security testing of a Struts (and other Java) web applications.

Austin

2006-08-03T18:25:26Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

''If a link is available, click for more details on directions, speakers, etc.''

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''August Austin OWASP Meeting''' - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

[AustinSept06]

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some custom Python tools he has been writing for conducting security testing of a Struts (and other Java) web applications.

Austin

2006-08-03T18:25:06Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

''If a link is available, click for more details on directions, speakers, etc.''

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''August Austin OWASP Meeting''' - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

[AustinSept06 September Meeting]

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some custom Python tools he has been writing for conducting security testing of a Struts (and other Java) web applications.

Austin

2006-08-03T18:24:22Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

''If a link is available, click for more details on directions, speakers, etc.''

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''August Austin OWASP Meeting''' - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

[

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some custom Python tools he has been writing for conducting security testing of a Struts (and other Java) web applications.

Austin

2006-08-02T12:47:49Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''2nd Austin OWASP Meeting''' - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some custom Python tools he has been writing for conducting security testing of a Struts (and other Java) web applications.

Austin

2006-08-02T12:47:30Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''2nd Austin OWASP Meeting''' - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

[[/Aus7JulyMeeting Blah]]

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some custom Python tools he has been writing for conducting security testing of a Struts (and other Java) web applications.

Austin

2006-08-02T12:47:03Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''2nd Austin OWASP Meeting''' - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

[[Aus7JulyMeeting Blah]]

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some custom Python tools he has been writing for conducting security testing of a Struts (and other Java) web applications.

Austin

2006-08-02T12:46:42Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''2nd Austin OWASP Meeting''' - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

[[Aus7JulyMeeting]]

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some custom Python tools he has been writing for conducting security testing of a Struts (and other Java) web applications.

Austin

2006-08-02T02:33:03Z

MatthewFranz: /* Presentation Archives */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''2nd Austin OWASP Meeting''' - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some custom Python tools he has been writing for conducting security testing of a Struts (and other Java) web applications.

Austin

2006-08-02T02:32:01Z

MatthewFranz: /* Presentation Archives */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''2nd Austin OWASP Meeting''' - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] (7/27) - [[MatthewFranz]] discussed some Python tools for conducting security testing of a Struts (and other Java) web applications.

Austin

2006-08-02T02:21:30Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''2nd Austin OWASP Meeting''' - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]. ''Hint:'' It is on your left on MOPAC if you were heading up to Fry's from Austin.

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] by [[MatthewFranz]] (7/27)

Austin

2006-08-01T23:49:18Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''2nd Austin OWASP Meeting''' - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room. See [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] by [[MatthewFranz]] (7/27)

Austin

2006-08-01T23:48:57Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''2nd Austin OWASP Meeting''' - Tuesday- 8/29, 11:30-1:30 at a TBD National Instruments conference room [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] by [[MatthewFranz]] (7/27)

Austin

2006-08-01T23:44:54Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

'''2nd Austin OWASP Meeting''' - [http://maps.google.com/maps?f=q&hl=en&q=11500+N+Mo-Pac+Expy,+Austin,+TX+78759&ie=UTF8&ll=30.406377,-97.726135&spn=0.017211,0.036778&om=1 directions to National Instruments]

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] by [[MatthewFranz]] (7/27)

Austin

2006-08-01T23:42:36Z

MatthewFranz: /* Presentation Archives */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

== Presentation Archives ==

The following presentations have been given at local chapter meetings:

* Single Sign On (7/27)

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] by [[MatthewFranz]] (7/27)

Austin

2006-08-01T23:36:57Z

MatthewFranz: /* Presentation Archives */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

== Presentation Archives ==

The following presentations have been given at local chapter meetings

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] by [[MatthewFranz]] (7/27)

Austin

2006-08-01T23:36:32Z

MatthewFranz: /* Presentation Archives */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

== Presentation Archives ==

The following presentations were

* [http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] by [[MatthewFranz]] (7/27)

MatthewFranz

2006-08-01T23:35:53Z

MatthewFranz: /* Overview */

* This is my Owasp Wiki Page. I'm still learning MediaWiki but have been a [http://moinmoin.wikiwikiweb.de/ MoinMoin] user for quite a while

* You may also want to check out my [http://www.threatmind.net/secwiki/ ThreatMind Security Wiki]

MatthewFranz

2006-08-01T23:35:33Z

MatthewFranz: /* Contact Info */

= Overview =

* This is my Owasp Wiki Page placeholder. I'm still learning MediaWiki but have been a [http://moinmoin.wikiwikiweb.de/ MoinMoin] user for quite a while

* You may also want to check out my [http://www.threatmind.net/secwiki/ ThreatMind Security Wiki]

MatthewFranz

2006-08-01T23:33:20Z

MatthewFranz: /* Overview */

MatthewFranz

2006-08-01T23:32:32Z

MatthewFranz: /* Overview */

= Overview =

* This is my Owasp Wiki Page placeholder. I'm still learning MediaWiki but have been a [http://moinmoin.wikiwikiweb.de/ MoinMoin] user for quite a while

*

= Contact Info =

MatthewFranz

2006-08-01T23:32:17Z

MatthewFranz: /* Overview */

= Overview =

* This is my Owasp Wiki Page placeholder. I'm still learning MediaWiki but have been a [http://moinmoin.wikiwikiweb.de/MoinMoin] user for quite a while

*

= Contact Info =

MatthewFranz

2006-08-01T23:31:39Z

MatthewFranz: /* Overview */

= Overview =

* This is my Owasp Wiki Page placeholder. I'm still learning MediaWiki but have been a [MoinMoin http://moinmoin.wikiwikiweb.de/] user for quite a while

*

= Contact Info =

MatthewFranz

2006-08-01T23:31:02Z

MatthewFranz:

= Overview =

* This is my Owasp Wiki Page placeholder. I'm still learning MediaWiki but have been a [MoinMoin]

*

= Contact Info =

Austin

2006-08-01T23:29:36Z

MatthewFranz: /* Presentation Archives */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

== Presentation Archives ==

The following presentations were

[http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] by [[MatthewFranz]]

Austin

2006-08-01T23:29:15Z

MatthewFranz: /* Presentation Archives */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

== Presentation Archives ==

The following presentations were

[http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps] by [MatthewFranz]

Austin

2006-08-01T23:28:54Z

MatthewFranz: /* Presentation Archives */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

== Presentation Archives ==

The following presentations were

[http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf A Rough Start of a Toolset for Assessing Java/J2EE Web Apps]

Austin

2006-08-01T23:27:58Z

MatthewFranz: /* Presentation Archives */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

== Presentation Archives ==

http://www.threatmind.net/papers/franz-basic-j2ee-tools-owasp-austin.pdf

Austin

2006-08-01T23:26:59Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

== Presentation Archives ==

Austin

2006-08-01T23:25:01Z

MatthewFranz: /* Local News */

{{Chapter Template|chaptername=Austin|extra=The chapter leader is [mailto:cdewitt@indepthsec.com Cris Dewitt]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-austin}}

== Local News ==

'''Austin OWASP chapter kickoff meeting''' - Thursday, 7/27, 12-2pm @ Whole Foods Market (downtown, plaza level, sign in with receptionist)

[[Meetings]]