OWASP - User contributions [en]

Melbourne/meetings/3May2013

2013-05-02T00:30:20Z

Richard Farrell: Created page with "==== When ==== 3 May 2013 12:00 - 14:00 (Please RSVP to richard.farrell@owasp.org) ==== Where ==== ANZ, 833 Collins St, Docklands, Melbourne VIC 3008 Room Location: Cor..."

==== When ====

3 May 2013 12:00 - 14:00 (Please RSVP to richard.farrell@owasp.org)

==== Where ====

ANZ, 833 Collins St, Docklands, Melbourne VIC 3008

Room Location: Core C

Please ask about OWASP at reception and they will direct you to the room (room: Core C).

The easiest way to get there is to hop on the tram number 48 or 11, on Collins St and go right to the end of Collins. Alternatively, walk down Collins St this is a walking distance . This will be the last stop.

==== Speaker One ====

Jim Manico (All the way from the Hawaii doing the OZ circuit)

==== First Topic ====

'''Top Ten Web Defenses'''

We cannot “firewall” or “patch” our way to secure websites. In the past, security professionals thought firewalls, Secure Sockets Layer (SSL), patching, and privacy policies were enough. Today, however, these methods are outdated and ineffective, as attacks on prominent, well-protected websites are occurring every day. Citigroup, PBS, Sega, Nintendo, Gawker, AT&T, the CIA, the US Senate, NASA, Nasdaq, the NYSE, Zynga, and thousands of others have something in common – all have had websites compromised in the last year. No company or industry is immune. Programmers need to learn to build websites differently. This talk will review the top coding techniques developers need to master in order to build a low-risk, high-security web application.

==== About the speaker ====

Jim Manico is the VP of Security Architecture for WhiteHat Security. Jim is also a global board member of OWASP, is the host of the OWASP Podcast Series, is the committee chair of the OWASP Connections Committee, is the project manager of the OWASP Cheatsheet series, and is a significant contributor to several additional OWASP projects. Jim provides secure coding and developer awareness training for WhiteHat Security using his 8+ years of experience delivering developer-training courses for SANS, Aspect Security and others. He brings 16 years of database-driven Web software development and analysis experience to WhiteHat and OWASP as well. Jim works on the beautiful island of Kauai, Hawaii where he lives with his wife Tracey.

 

==== Speaker Two====

Eldar Marcussen

==== Second Topic ====

'''Hiding Apache backdoors'''

A while back I wrote a stealth backdoor for Apache, trying to avoid several types of detection (AV, IDS, etc.) and leave at little forensic evidence as possible. The end result was a very stealthy backdoor and this presentation covers the techniques that were used to achieve this.

==== About the speaker ====

Eldar Marcussen is a Principal Consultant with BAE Systems Detica. In his spare time he’s a dad and sometimes write open source security tools.

 

Hope to see you all there to enjoy the presentation and some refreshments but only if you RSVP! :)

 OWASP Melbourne :)

Melbourne

2013-05-02T00:25:03Z

Richard Farrell:

{{Chapter Template|chaptername=Melbourne|extra=The chapter leaders are [mailto:richard.farrell@owasp.org Richard Farrell], [mailto:serg@owasp.org Serg Belokamen], [mailto:sandeep.nain@owasp.org Sandeep Nain]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-melbourne|emailarchives=http://lists.owasp.org/pipermail/owasp-melbourne}}

<paypal>Melbourne</paypal>

== Thank You to our sponsors ==

A big thank you to the OWASP Melbourne chapter sponsors for providing ongoing support to our chapter. Thank You.

*'''[http://www.oreilly.com O'Reilly]'''

[[Image:Ug ad 250 viguy.gif]] 

== Quarterly Meeting ==

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/25feb2011 Next meeting: 25 Feb 2011 13:00]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/01jul2011 Next meeting: 01 July 2011 12:00]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/25aug2011 Next meeting: 25 Aug 2011 12:00]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/09dec2011 Next meeting: 09 December 2011 14:00]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/16mar2012 Next meeting: 16 March 2012 12:30]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/25may2012 Next meeting: 25 May 2012 13:00]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/26jul2012 Next meeting: 26 July 2012 12:30]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/7March2013 Next meeting: 7 March 2013 12:00]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/3May2013 Next meeting: 3 May 2013 12:00]

 

== Melbourne Chapter Deals, Benefits ==
'''*''' [http://www.owasp.org/index.php/Melbourne/benefits e-books from O'reilly.com]

== Social Events ==

''Coming soon...''

[[Category:OWASP_Chapter]] [[Category:Australia]]

Melbourne/meetings/7March2013

2013-03-04T21:48:51Z

Richard Farrell: Created page with "==== When ==== 7 March 2013 12:00 - 14:00 (Please RSVP to richard.farrell@owasp.org) ==== Where ==== ANZ, 833 Collins St, Docklands, Melbourne VIC 3008 Room Location: C..."

==== When ====

7 March 2013 12:00 - 14:00 (Please RSVP to richard.farrell@owasp.org)

==== Where ====

ANZ, 833 Collins St, Docklands, Melbourne VIC 3008

Room Location: Core C

Please ask about OWASP at reception and they will direct you to the room (room: Core C).

The easiest way to get there is to hop on the tram number 48 or 11, on Collins St and go right to the end of Collins. Alternatively, walk down Collins St this is a walking distance . This will be the last stop.

==== Speaker One ====

Graeme “wily” Bell

==== First Topic ====

'''Leveraging Local File Inclusion'''

Graeme will demonstrate through real-world examples how “trivial” bugs like local file inclusion and arbitrary file read can be leveraged to get yourself a shell. Or at least a better bug. Examples will include some real world 0dayz (ohai mcafee) and some contrived demonstrations that mimic real-world shenanigans.

==== About the speaker ====

Graeme “wily” Bell is a Senior Consultant with BAE Systems Detica. He worked in systems administration and architecture before working out he could get paid to break things. Half comedy/half technology talks are his speciality, as demonstrated at industry conferences including Ruxcon, AusCERT, Syscan.

 

==== Speaker Two====

Andrew Horton

==== Second Topic ====

'''URLCrazy'''

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. Some really interesting stories without names.

==== About the speaker ====

Andrew Horton is a Senior Consultant with BAE Systems Detica. Andrew is an author of various interesting security tools.

 

Hope to see you all there to enjoy the presentation and some refreshments but only if you RSVP! :)

 OWASP Melbourne :)

Melbourne

2013-03-04T21:38:37Z

Richard Farrell:

{{Chapter Template|chaptername=Melbourne|extra=The chapter leaders are [mailto:richard.farrell@owasp.org Richard Farrell], [mailto:serg@owasp.org Serg Belokamen], [mailto:sandeep.nain@owasp.org Sandeep Nain]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-melbourne|emailarchives=http://lists.owasp.org/pipermail/owasp-melbourne}}

<paypal>Melbourne</paypal>

== Thank You to our sponsors ==

A big thank you to the OWASP Melbourne chapter sponsors for providing ongoing support to our chapter. Thank You.

*'''[http://www.oreilly.com O'Reilly]'''

[[Image:Ug ad 250 viguy.gif]] 

== Quarterly Meeting ==

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/25feb2011 Next meeting: 25 Feb 2011 13:00]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/01jul2011 Next meeting: 01 July 2011 12:00]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/25aug2011 Next meeting: 25 Aug 2011 12:00]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/09dec2011 Next meeting: 09 December 2011 14:00]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/16mar2012 Next meeting: 16 March 2012 12:30]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/25may2012 Next meeting: 25 May 2012 13:00]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/26jul2012 Next meeting: 26 July 2012 12:30]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/7March2013 Next meeting: 7 March 2013 12:00]

 

== Melbourne Chapter Deals, Benefits ==
'''*''' [http://www.owasp.org/index.php/Melbourne/benefits e-books from O'reilly.com]

== Social Events ==

''Coming soon...''

[[Category:OWASP_Chapter]] [[Category:Australia]]

Melbourne

2011-12-06T00:00:07Z

Richard Farrell:

{{Chapter Template|chaptername=Melbourne|extra=The chapter leaders are [mailto:richard.farrell@owasp.org Richard Farrell], [mailto:serg@owasp.org Serg Belokamen], [mailto:sandeep.nain@owasp.org Sandeep Nain]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-melbourne|emailarchives=http://lists.owasp.org/pipermail/owasp-melbourne}}

<paypal>Melbourne</paypal>

== Thank You to our sponsors ==

A big thank you to the OWASP Melbourne chapter sponsors for providing ongoing support to our chapter. Thank You.

*'''[http://www.oreilly.com O'Reilly]'''

[[Image:Ug ad 250 viguy.gif]] 

== Quarterly Meeting ==

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/25feb2011 Next meeting: 25 Feb 2011 13:00]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/01jul2011 Next meeting: 01 July 2011 12:00]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/25aug2011 Next meeting: 25 Aug 2011 12:00]

'''*''' [http://www.owasp.org/index.php/Melbourne/meetings/09dec2011 Next meeting: 09 December 2011 14:00]

 

== Melbourne Chapter Deals, Benefits ==
'''*''' [http://www.owasp.org/index.php/Melbourne/benefits e-books from O'reilly.com]

== Social Events ==

''Coming soon...''

[[Category:OWASP_Chapter]] [[Category:Australia]]

Melbourne

2010-12-07T22:01:07Z

Richard Farrell:

{{Chapter Template|chaptername=Melbourne|extra=The chapter leaders are [mailto:richard.farrell@owasp.org Richard Farrell], [mailto:serg@owasp.com Serg Belokamen], [mailto:nainsandeep@gmail.com Sandeep Nain]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-melbourne|emailarchives=http://lists.owasp.org/pipermail/owasp-melbourne}}

<paypal>Melbourne</paypal>

== Thank You to our sponsors ==

A big thank you to the OWASP Melbourne chapter sponsors for providing ongoing support to our chapter. Thank You.

*'''[http://www.oreilly.com O'Reilly]'''
[[File:Ug_ad_250_viguy.gif]]
 

== Quarterly Meeting ==

''Coming soon...''

 

== Social Events ==

''Coming soon...''

[[Category:OWASP Chapter]]
[[Category:Australia]]

OWASP Trainers/Volunteer 11

2010-11-30T22:48:02Z

Richard Farrell:

{{Template:<includeonly>{{{1}}}</includeonly><noinclude>OWASP Trainers Volunteers Tab</noinclude>
|-
| trainer_name1 = Richard Farrell
| trainer_email1 = ref001@gmail.com
| trainer_wiki_username1 = Richard_Farrell
|-
| project_interested_in_presenting = OWASP Top 10, Secure Coding or any other application security topic
|-
| project_already_presented_name1 = OWASP Top 10
| project_already_presented_url_1 = http://www.owasp.org/index.php/Top_10_2010
| project_already_presented_name2 =
| project_already_presented_url_2 =
| project_already_presented_name3 =
| project_already_presented_url_3 =
| project_already_presented_name4 =
| project_already_presented_url_4 =
| project_already_presented_name5 =
| project_already_presented_url_5 =
|-
| current_location = Melbourne, Australia
|-
| trainer_name_mask =  Volunteer_11
| trainer_home_page =  OWASP_Trainers/Volunteer_11
}}

OWASP Trainers/Volunteer 11

2010-11-30T22:45:43Z

Richard Farrell:

{{Template:<includeonly>{{{1}}}</includeonly><noinclude>OWASP Trainers Volunteers Tab</noinclude>
|-
| trainer_name1 = Richard Farrell
| trainer_email1 = ref001@gmail.com
| trainer_wiki_username1 = Richard_Farrell
|-
| project_interested_in_presenting = OWASP Top 10, Secure Coding or any other application security topic
|-
| project_already_presented_name1 = Secure Developer Training - 3 days (As Deloitte)
| project_already_presented_url_1 =
| project_already_presented_name2 =
| project_already_presented_url_2 =
| project_already_presented_name3 =
| project_already_presented_url_3 =
| project_already_presented_name4 =
| project_already_presented_url_4 =
| project_already_presented_name5 =
| project_already_presented_url_5 =
|-
| current_location = Melbourne, Australia
|-
| trainer_name_mask =  Volunteer_11
| trainer_home_page =  OWASP_Trainers/Volunteer_11
}}