(367 intermediate revisions by 5 users not shown) |
Line 1: |
Line 1: |
− | {{Chapter Template|chaptername=New Jersey|extra= The chapter leaders are: Professor Osama Eljabri, Thomas Brennan, Tom Ryan and Joe Bernik - contact 973-296-3862 if you have any questions.|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-newjersey|emailarchives=http://lists.owasp.org/pipermail/owasp-newjersey}}
| + | = OWASP Northern New Jersey = |
| | | |
− | == Meeting News ==
| + | <h2>[https://www.meetup.com/owaspnycnj/ https://www.owasp.org/images/8/82/Meetup_logo3.jpg] [https://www.meetup.com/owaspnycnj/ New Jersey Chapter] |
− | | |
− | '''OWASP NJ SEPTEMBER 25th MEETING''' [http://fs19.formsite.com/NJOWASP/form194214401/index.html RSVP]
| |
− | | |
− | '''WHEN:'''
| |
− | September 25th 2006 5:00pm - 9:00pm
| |
− | | |
− | '''WHERE:'''
| |
− | New Jersey Institute of Technology
| |
− | GITC Building 3rd Floor, University Heights Newark, New Jersey 07102-1982
| |
− | [http://www.njit.edu/about/visiting/driving.php DIRECTIONS]
| |
− | | |
| |
− | Location Sponsor: [http://www.njit.edu New Jersey Institute of Technology]
| |
− | | |
− | '''Corporate Sponsors:''' [http://www.miragenetworks.com Mirage Networks] and [http://www.accessitgroup.com AccessIT Group]
| |
− | | |
| |
− | | |
− | ----
| |
− | | |
| |
− | This talk will focus on basic components/capabilities of controling the endpoints in the network and the developing standards that you should be aware of.
| |
− | Speaker: Larry Fermi
| |
− | | |
− | | |
| |
− | This talk will highlight of weaknesses in 3rd party
| |
− | token generation algorithms, session fixation and weaknesses in expiration.
| |
− | Speaker: James Landis
| |
− | | |
− | | |
| |
− | For enterprises with wireless LAN networks,as well as those without, Wi-Fi brings a new set of security threats that cannot be protected against by your current firewall and VPN security systems. This talk will cover a current wireless computer security vunerability attack vectors and provide a live demo of the problems and the hacks. Round table discussion will follow concerning risk mitigation of the issues for business and personal.
| |
− | Speaker: Anthony Paladino
| |
− | | |
− | | |
− | '''TOPIC D: OWASP LABRAT Project'''
| |
− | This talk will provide a updated on LabRat = The first version Application Security Testing CD developed with the OWASP project leader: Joshua Perrymon. Download the Alpha ISO and burn a copy [http://www.packetfocus.com/hackos LABRAT]. Be sure to bring it with you to the event.
| |
− | Speaker: Tom Brennan
| |
− | | |
− | <br> | |
− | PLEASE RSVP FOR THIS EVENT - [http://fs19.formsite.com/NJOWASP/form194214401/index.html RSVP]
| |
− | | |
− | == Meeting News ==
| |
− | | |
| |
− | | |
− | '''WHEN:'''
| |
− | December 7th 2006 5:30pm - 9:30pm
| |
− | | |
− | '''WHERE:'''
| |
− | ABN AMRO Bank
| |
− | 499 Washington Ave., (1st Floor) Jersey City, NJ 07310
| |
− | | |
| |
− | Location Sponsor: [http://www.abnamro.com/com/about/about.jsp ABN AMRO]
| |
− | | |
− | '''Corporate Sponsors:''' TBD - call 973-296-3862
| |
− | | |
− | | |
− | ----
| |
− | | |
− | '''TOPIC A: The Rules of Information Security Has Changed '''
| |
− | The Gunny currently serves on the operations staff of the New York Naval Guard as a subject matter expert on cyber warfare, counter-terrorism, communications and intelligence services. Gunny also serves on the Executive Advisory Board for Alliance America, a homeland security readiness network initiative.
| |
− | | |
− | Speaker: Gunnery Sergeant M. Sedano Reynolds, United States Marine Corps
| |
− | | |
− | | |
− | '''TOPIC B: Metasploit Framework and Buffer Overflows '''
| |
− | This talk will cover the [http://www.metasploit.org/donate.html Metasploit] framework with how-to information and details on using it to exploit systems. Learn tips, tricks
| |
− | | |
− | Speaker: Paul Battista
| |
− | | |
− | | |
− | '''TOPIC C: Hacking The Payment Gateway & Effective Countermeasures '''
| |
− | Payment gateways give merchants the ability to perform real-time credit card and check authorizations from a website over the Internet. 0-day exploits in the wild will be revealed
| |
− | | |
− | Speaker: Tom Ryan
| |
− | | |
− | | |
− | '''TOPIC D: KARMA '''
| |
− | This presentation will discuss and demonstrate [http://www.theta44.org/main.html#about KARMA ]an
| |
− | open-source assessment framework that demonstrates this risk with a modified wireless driver that responds as any network that a client may be looking for, a set of rogue services to capture client
| |
− | credentials, and client-side exploits and discuss other wireless client security issues including the vulnerabilities revealed in some wireless drivers such as the one demonstrated at BlackHat by David Maynor and Johnny Cache.
| |
− | | |
− | Speaker: Dino Dai Zovi
| |
− | | |
− | | |
− | '''TOPIC E: Incident Response '''
| |
− | 7-Things you need to know to respond to respond effectively to a computer security incident at your organization. This talk will cover both network and web applications
| |
− | | |
− | Speaker: Incident Response
| |
− | | |
− | | |
− | Unoffical XMas Party ;) ''' [http://www.dorrians.com/jc/priv.html DORRIANS]
| |
− | Just several doors down from the meeting is DORRIANS, take this time to raise a toast with your peers and plan OWASP talks, elections, locations and speakers for 2007'
| |
− | | |
− | For any questions or to volunteer place call 973-296-3862
| |