OWASP - User contributions [en]

Dhaka

2017-02-18T15:14:24Z

Nahidul kibria: /* Past Events */

{{Chapter Template|chaptername=Bangladesh|extra=The chapter Founder leader is [mailto:moshiul.islam@owasp.org Moshiul Islam Mishu] and Co-leader [mailto:nahidul.kibria@owasp.org Nahidul Kibria].

|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-bangladesh|emailarchives=http://lists.owasp.org/pipermail/owasp-bangladesh}}

[[File:OWASPBD.png]]

[http://lists.owasp.org/mailman/listinfo/owasp-bangladesh ''' Join Bangladesh Chapter Mailing list ''']

[http://www.facebook.com/OWASP.Bangladesh '''Join the Bangladesh chapter Facebook page''']

[http://www.twitter.com/OWASPBangladesh '''Follow us @OWASPBangladesh''']

[http://www.linkedin.com/groups/OWASP-Bangladesh-4046037?gid=4046037&mostPopular=&trk=tyah '''Join the Bangladesh chapter LinkedIn group''']

= Upcoming Activities =

= Past Events =

== securITy – Information Security Conference 2017 ==

Recorded Session: https://www.facebook.com/BASIS.SoftExpo/videos/681561205358997/

fb event : https://www.facebook.com/events/1363319330405785/

Speaker list

Nahidul Kibria
Synack Red Team Researcher,
Co-Founder beetles.io
Principal Software Engineer, Orbitax Bangladesh Ltd.
Co-Leader, OWASP Bangladesh Chapter.

Title: "The memory remains."
Fileless malware makes cyber attacks even more difficult to detect nowadays.Simple signatures are too easy for an intruder to circumvent. Cyber criminals can also program fileless malware to gain persistence after it was written directly to RAM. Fileless malware is not a revolutionary approach, However 2016 certainly saw a dramatic rise in this type of attack as the criminals worked to perfect it. This talk is about triage a system potentially impacted by fileless malware by memory analysis.

Slide: http://www.slideshare.net/nahidupa/the-memory-remains-71761360

Moshiul Islam
CISSP, CISA, CFE
General Manager,Robi Axiata ltd
Founder & Chair, OWASP Bangladesh Chapter

Title: wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
The talk will provide guidance on required skills and industry certification to become successful information security professional

Slide: http://www.slideshare.net/MIslamm/wannabe-cyberpunk-i-dont-know-what-im-supposed-to-do

Shahee Mirza
CEH, MCSA
Co-Founder beetles.io
Security Researcher,
Senior Security Engineer at P1, Basundhara Group.

Title: "DevOps and AppSec"
DevOps is an opportunity to make security an integral part of application development.

Slide :http://www.slideshare.net/shaheemirza/devops-and-application-security

Tarek Siddiki
Synack Red Team Researcher
Co-Founder beetles.io
Core Researcher Cobalt.io

Title: “Trust yourself. You’ll do what’s right.”
This talk is about bug hunter life and some real life web security bug.

Kaisar Y Reagan
IT consultant, Programmer and security enthusiast

Title: Software security : Risk, demonstration and Preventative

Secure coding is the most important practice which in most of the case is the most ignored subject while coding, which may lead to a complete network takeover. Attacks like dll hijack which has been to steal from Military target, as example Beebus attack in 2015, even to compromise the Pentagon network shows the risk behind the attack, which can be mitigated by some good practice while writing code. In this session we will discuss about secure coding, demonstrate a dll hijack attack and how to counter and some good practice while coding to make software more secured.

Slide: http://www.slideshare.net/kaisaryousuf/secure-coding-impact-and-demo

== securITy – Information Security Conference 2015 ==
fb event : https://www.facebook.com/events/508692759270627

[[Image:SecurITy2015.jpg|800x441px]]

Sending A for Ahuh. Win32 Exploit development old school.

Slide: http://www.slideshare.net/nahidupa/sending-a-for-ahuh-win32-exploit-development-old-school

Bug Bounty 101

Slide: http://www.slideshare.net/shaheemirza/bug-bounty-101?qid=c57c47fc-d0c5-4290-9ca6-54e6b54496a2

== '''"securITy" Information Security Conference at BASIS SoftExpo 2014 ==

[[Image:S2014.jpg|800x441px]]

"Malware: ZeuS zombies are using in online banking theft."

Youtube: https://www.youtube.com/watch?v=VE-w-AsfcGk

Slide: http://www.slideshare.net/nahidupa/banking-malware-zeu-s-zombies-are-using-in-online-banking-theft

Nahidul kibria
Co-Leader, OWASP Bangladesh Chapter,
Principal Software Engineer, Orbitax Bangladesh Ltd.

"Payment Card Industry Data Security Standard (PCI DSS) in Banking"
Mr. Omor Farooq Khandaker ,
CISA, CISSP, CISM ,PMP

== '''"Introduction to the Web" Seminar 2012 - Let's all learn web development!==

Web Security - Common security threats and hacking. [[File:WebSecurity_Commonsecuritythreats_and_hacking.pptx]]

== '''"GetRoot" Cyber-Security Challenge'''e on 21 June, 2012. ==

Grooming Session slide(s)

Welcome to info sec world [[File:IUTGetRoot.pptx]]

Myths in Information Security [[File:Owasp-getroot.pptx]]

== '''"securITy" Information Security Conference at BASIS SoftExpo 2012 ==

[[Image:SecurITy.png|700x230px]]

“securITy” Information Security Conference will bring together security experts, executives, technical thought leaders, developers, scientists and researchers from all over Bangladesh for in-depth discussions of cutting-edge information security, risk and control issues. The conference will draw participations from major organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, Banks, Internet service providers, universities and research institutes. Panel discussions will provide sufficient networking opportunities.

OWASP and ISACA would jointly like to welcome you to participate in “securITy” Information Security Conference at BASIS SoftExpo 2012 which will be held on:

Date: Saturday 25 February 2012

Time: 2.30 pm to 7.00 pm

Venue: Green View, Bangabandhu International Conference Centre (BICC), Dhaka

Registration Cost: Nil

Topics & Speakers:

Session opening and Overview of ISACA-Ali Ashfaq, FCA

Overview of OWASP Moshiul Islam, CISA [[File:Overview_of_OWASP.pptx|Overview of OWASP]]

Taking IT to the Boardroom Aniruddha Neogi, FCA, CISA, CGEIT, CRISC

Payment Card Industry Data Security Omor Farooq Khandaker , CISA, CISSP, CISM, PMP [[File:Payment_Card_Industry_Data_Security.pdf‎|Payment Card Industry Data Security]]

IT & Cyber Security Law in Bangladesh Adnan ML Karim, Barrister-at-Law, BSc Computer Science

IT Risk and Control Framework Mohammed Iqbal Hossain, CISA, CGEIT [[File:IT_Risk_and_Control_Framework.pdf|IT Risk and Control Framework]]

Everybody loves HTML5, hackers too Nahidul Kibria [[File:Everybody_loves_html5,h4ck3rs_too.pptx|Everybody loves html5,h4ck3rs too]]

Wireless Security AKM Nazrul Haider

Digital Forensics Motashim Al Razi, CEH [[File:Digital_forensics.pptx|Digital forensics]]

More details are in the attached leaflet.
[[File:SecurITy.pdf]]

Please visit www.softexpo.com.bd/day_plan.php for more information on this conference and other events at BASIS SoftExpo 2012. Your presence will enhance the quality of the conference. We look forward to meeting you at “securITy”.

For more information on ISACA please visit www.isaca.org and for more information on ISACA Dhaka Chapter please visit www.isaca.org/chapters1/Dhaka.

== '''"Byte Knight" Cyber-Security Challenge'''e on 23th February, 2012. ==

''Grooming Session of "Byte Knight" will be held on 11th February, 2012 from 11 AM.''

"Byte Knight" Is a cyber-security challenge competition. Participant needs to defense their own service/software as well as finding the security flaw of opponent team and exploit them. The basic Goal of this contest is motivated the student learn about infosec.

Registration
http://www.bubt-cse.com/fiesta/index.php/scontestcontroller/reg
More
http://www.bubt-cse.com/fiesta/index.php/scontestcontroller/home

'''Who should join "Byte Knight"?'''

All we need is a knowledge seeker, quick learner and someone who has interest in Information Security. We will feed you what you need to know for the competition. We do not expect you to be genius in information security. With this event we will try to show you a path way to enter information security field where you can research farther. If you are interested in programming, how OS work, how packets are travels in network and how a single buffer overflow can give you the full control of a program then this event is for you.

= Past Chapter Meetings =

Kick off meeting 15th October 2011. Slide [[File:10+_years_old_OWASP_Zipped_in_50_minute.pptx]]

__NOTOC__ <headertabs />

[[Category:OWASP_Chapter]] [[Category:Asia]]

Dhaka

2017-02-18T15:14:05Z

Nahidul kibria: /* Past Events */

{{Chapter Template|chaptername=Bangladesh|extra=The chapter Founder leader is [mailto:moshiul.islam@owasp.org Moshiul Islam Mishu] and Co-leader [mailto:nahidul.kibria@owasp.org Nahidul Kibria].

|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-bangladesh|emailarchives=http://lists.owasp.org/pipermail/owasp-bangladesh}}

[[File:OWASPBD.png]]

[http://lists.owasp.org/mailman/listinfo/owasp-bangladesh ''' Join Bangladesh Chapter Mailing list ''']

[http://www.facebook.com/OWASP.Bangladesh '''Join the Bangladesh chapter Facebook page''']

[http://www.twitter.com/OWASPBangladesh '''Follow us @OWASPBangladesh''']

[http://www.linkedin.com/groups/OWASP-Bangladesh-4046037?gid=4046037&mostPopular=&trk=tyah '''Join the Bangladesh chapter LinkedIn group''']

= Upcoming Activities =

= Past Events =

== securITy – Information Security Conference 2017 ==

[[Image:SecurITy2017.jpg|800x441px]]

Recorded Session: https://www.facebook.com/BASIS.SoftExpo/videos/681561205358997/

fb event : https://www.facebook.com/events/1363319330405785/

Speaker list

Nahidul Kibria
Synack Red Team Researcher,
Co-Founder beetles.io
Principal Software Engineer, Orbitax Bangladesh Ltd.
Co-Leader, OWASP Bangladesh Chapter.

Title: "The memory remains."
Fileless malware makes cyber attacks even more difficult to detect nowadays.Simple signatures are too easy for an intruder to circumvent. Cyber criminals can also program fileless malware to gain persistence after it was written directly to RAM. Fileless malware is not a revolutionary approach, However 2016 certainly saw a dramatic rise in this type of attack as the criminals worked to perfect it. This talk is about triage a system potentially impacted by fileless malware by memory analysis.

Slide: http://www.slideshare.net/nahidupa/the-memory-remains-71761360

Moshiul Islam
CISSP, CISA, CFE
General Manager,Robi Axiata ltd
Founder & Chair, OWASP Bangladesh Chapter

Title: wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
The talk will provide guidance on required skills and industry certification to become successful information security professional

Slide: http://www.slideshare.net/MIslamm/wannabe-cyberpunk-i-dont-know-what-im-supposed-to-do

Shahee Mirza
CEH, MCSA
Co-Founder beetles.io
Security Researcher,
Senior Security Engineer at P1, Basundhara Group.

Title: "DevOps and AppSec"
DevOps is an opportunity to make security an integral part of application development.

Slide :http://www.slideshare.net/shaheemirza/devops-and-application-security

Tarek Siddiki
Synack Red Team Researcher
Co-Founder beetles.io
Core Researcher Cobalt.io

Title: “Trust yourself. You’ll do what’s right.”
This talk is about bug hunter life and some real life web security bug.

Kaisar Y Reagan
IT consultant, Programmer and security enthusiast

Title: Software security : Risk, demonstration and Preventative

Secure coding is the most important practice which in most of the case is the most ignored subject while coding, which may lead to a complete network takeover. Attacks like dll hijack which has been to steal from Military target, as example Beebus attack in 2015, even to compromise the Pentagon network shows the risk behind the attack, which can be mitigated by some good practice while writing code. In this session we will discuss about secure coding, demonstrate a dll hijack attack and how to counter and some good practice while coding to make software more secured.

Slide: http://www.slideshare.net/kaisaryousuf/secure-coding-impact-and-demo

== securITy – Information Security Conference 2015 ==
fb event : https://www.facebook.com/events/508692759270627

[[Image:SecurITy2015.jpg|800x441px]]

Sending A for Ahuh. Win32 Exploit development old school.

Slide: http://www.slideshare.net/nahidupa/sending-a-for-ahuh-win32-exploit-development-old-school

Bug Bounty 101

Slide: http://www.slideshare.net/shaheemirza/bug-bounty-101?qid=c57c47fc-d0c5-4290-9ca6-54e6b54496a2

== '''"securITy" Information Security Conference at BASIS SoftExpo 2014 ==

[[Image:S2014.jpg|800x441px]]

"Malware: ZeuS zombies are using in online banking theft."

Youtube: https://www.youtube.com/watch?v=VE-w-AsfcGk

Slide: http://www.slideshare.net/nahidupa/banking-malware-zeu-s-zombies-are-using-in-online-banking-theft

Nahidul kibria
Co-Leader, OWASP Bangladesh Chapter,
Principal Software Engineer, Orbitax Bangladesh Ltd.

"Payment Card Industry Data Security Standard (PCI DSS) in Banking"
Mr. Omor Farooq Khandaker ,
CISA, CISSP, CISM ,PMP

== '''"Introduction to the Web" Seminar 2012 - Let's all learn web development!==

Web Security - Common security threats and hacking. [[File:WebSecurity_Commonsecuritythreats_and_hacking.pptx]]

== '''"GetRoot" Cyber-Security Challenge'''e on 21 June, 2012. ==

Grooming Session slide(s)

Welcome to info sec world [[File:IUTGetRoot.pptx]]

Myths in Information Security [[File:Owasp-getroot.pptx]]

== '''"securITy" Information Security Conference at BASIS SoftExpo 2012 ==

[[Image:SecurITy.png|700x230px]]

“securITy” Information Security Conference will bring together security experts, executives, technical thought leaders, developers, scientists and researchers from all over Bangladesh for in-depth discussions of cutting-edge information security, risk and control issues. The conference will draw participations from major organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, Banks, Internet service providers, universities and research institutes. Panel discussions will provide sufficient networking opportunities.

OWASP and ISACA would jointly like to welcome you to participate in “securITy” Information Security Conference at BASIS SoftExpo 2012 which will be held on:

Date: Saturday 25 February 2012

Time: 2.30 pm to 7.00 pm

Venue: Green View, Bangabandhu International Conference Centre (BICC), Dhaka

Registration Cost: Nil

Topics & Speakers:

Session opening and Overview of ISACA-Ali Ashfaq, FCA

Overview of OWASP Moshiul Islam, CISA [[File:Overview_of_OWASP.pptx|Overview of OWASP]]

Taking IT to the Boardroom Aniruddha Neogi, FCA, CISA, CGEIT, CRISC

Payment Card Industry Data Security Omor Farooq Khandaker , CISA, CISSP, CISM, PMP [[File:Payment_Card_Industry_Data_Security.pdf‎|Payment Card Industry Data Security]]

IT & Cyber Security Law in Bangladesh Adnan ML Karim, Barrister-at-Law, BSc Computer Science

IT Risk and Control Framework Mohammed Iqbal Hossain, CISA, CGEIT [[File:IT_Risk_and_Control_Framework.pdf|IT Risk and Control Framework]]

Everybody loves HTML5, hackers too Nahidul Kibria [[File:Everybody_loves_html5,h4ck3rs_too.pptx|Everybody loves html5,h4ck3rs too]]

Wireless Security AKM Nazrul Haider

Digital Forensics Motashim Al Razi, CEH [[File:Digital_forensics.pptx|Digital forensics]]

More details are in the attached leaflet.
[[File:SecurITy.pdf]]

Please visit www.softexpo.com.bd/day_plan.php for more information on this conference and other events at BASIS SoftExpo 2012. Your presence will enhance the quality of the conference. We look forward to meeting you at “securITy”.

For more information on ISACA please visit www.isaca.org and for more information on ISACA Dhaka Chapter please visit www.isaca.org/chapters1/Dhaka.

== '''"Byte Knight" Cyber-Security Challenge'''e on 23th February, 2012. ==

''Grooming Session of "Byte Knight" will be held on 11th February, 2012 from 11 AM.''

"Byte Knight" Is a cyber-security challenge competition. Participant needs to defense their own service/software as well as finding the security flaw of opponent team and exploit them. The basic Goal of this contest is motivated the student learn about infosec.

Registration
http://www.bubt-cse.com/fiesta/index.php/scontestcontroller/reg
More
http://www.bubt-cse.com/fiesta/index.php/scontestcontroller/home

'''Who should join "Byte Knight"?'''

All we need is a knowledge seeker, quick learner and someone who has interest in Information Security. We will feed you what you need to know for the competition. We do not expect you to be genius in information security. With this event we will try to show you a path way to enter information security field where you can research farther. If you are interested in programming, how OS work, how packets are travels in network and how a single buffer overflow can give you the full control of a program then this event is for you.

= Past Chapter Meetings =

Kick off meeting 15th October 2011. Slide [[File:10+_years_old_OWASP_Zipped_in_50_minute.pptx]]

__NOTOC__ <headertabs />

[[Category:OWASP_Chapter]] [[Category:Asia]]

File:SecurITy2017.jpg

2017-02-18T15:13:30Z

Nahidul kibria: Nahidul kibria uploaded a new version of "File:SecurITy2017.jpg"

File:SecurITy2017.jpg

2017-02-18T15:11:29Z

Nahidul kibria:

Dhaka

2017-02-18T15:07:14Z

Nahidul kibria: /* Past Events */

File:SecurITy2015.jpg

2015-02-15T14:55:18Z

Nahidul kibria: Nahidul kibria uploaded a new version of "File:SecurITy2015.jpg"

2012-08-31T16:12:47Z

Nahidul kibria: "Introduction to the Web" Seminar 2012 - Let's all learn web development! Web Security - Common security threats and hacking.

"Introduction to the Web" Seminar 2012 - Let's all learn web development!
Web Security - Common security threats and hacking.

Dhaka

2012-06-21T17:31:29Z

Nahidul kibria:

Dhaka

2012-06-21T17:30:34Z

Nahidul kibria:

Dhaka

2012-06-21T17:29:04Z

Nahidul kibria:

File:Owasp-getroot.pptx

2012-06-21T17:28:56Z

Nahidul kibria: Myths� in �Information Security

Myths� in �Information Security

File:IUTGetRoot.pptx

2012-06-21T17:28:05Z

Nahidul kibria:

Dhaka

2012-02-28T11:19:25Z

Nahidul kibria:

Dhaka

2012-02-28T11:17:35Z

Nahidul kibria:

File:Payment Card Industry Data Security.pdf

2012-02-28T11:15:56Z

Nahidul kibria: "securITy" Information Security Conference at BASIS SoftExpo 2012

"securITy" Information Security Conference at BASIS SoftExpo 2012

File:Everybody loves html5,h4ck3rs too.pptx

2012-02-26T17:18:17Z

Nahidul kibria: uploaded a new version of "File:Everybody loves html5,h4ck3rs too.pptx"

"securITy" Information Security Conference at BASIS SoftExpo 2012

File:IT Risk and Control Framework.pdf

2012-02-26T17:00:52Z

Nahidul kibria: "securITy" Information Security Conference at BASIS SoftExpo 2012

"securITy" Information Security Conference at BASIS SoftExpo 2012

2012-02-15T05:13:16Z

Nahidul kibria:

File:SecurITy.pdf

2012-02-15T05:04:27Z

Nahidul kibria: “securITy” Information Security Conference at BASIS SoftExpo 2012

“securITy” Information Security Conference at BASIS SoftExpo 2012

File:SecurITy.png

2012-02-15T04:56:07Z

2011-11-01T07:49:38Z

Nahidul kibria: