This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Delhi NCR"

From OWASP
Jump to: navigation, search
(May Meet details updated)
(June Meet Details updated)
Line 10: Line 10:
 
= '''Upcoming Meeting/Event(s)''' =
 
= '''Upcoming Meeting/Event(s)''' =
  
May 2015 meet on '''23rd May, 2015 (Saturday) - 03:00 PM IST'''
+
June 2015 meet on '''20th June, 2015 (Saturday) - 11:00 AM IST'''
  
 
'''Note''' – OWASP Delhi chapter meets are free and open to everyone. Prior registrations are mandatory in order to be allowed to attend the meet.  
 
'''Note''' – OWASP Delhi chapter meets are free and open to everyone. Prior registrations are mandatory in order to be allowed to attend the meet.  
  
For '''Registration/RSVP''' please visit - http://bit.ly/1L9sWMn
+
For '''Registration/RSVP''' please visit - http://bit.ly/1QhlN2E
  
 
'''Session Details/Agenda:'''
 
'''Session Details/Agenda:'''
 
----------------------
 
----------------------
'''3:00 PM - 3:15 PM:''' Introductions
+
'''11:00 AM - 11:15 AM:''' Introductions
  
'''3:15 PM - 3:30 PM:''' News Bytes by '''Sandeep Garg'''
+
'''11:15 AM - 11:30 AM:''' News Bytes
  
'''3:30 PM - 4:00 PM:''' SQL Injection behind the scene by '''Prateek Sharma'''
+
'''11:30 AM - 12:00 PM:''' Internet of Things (IoT) - Threats, Risks and Vulnerabilities by '''Sanjay Kumar'''
  
'''About Prateek:''' Prateek is currently working with DELL as a module lead with experience of over 5 years in Software development and application security mainly on .Net
+
'''Abstract:''' The Internet of Things (IoT) opens up a world of possibilities for our connected lives. But what if a hacker could gain control of the things that mean the most to us. The talk would also discuss some possible hacking scenarios that could just happen.
  
'''4:00 PM - 5:00 PM:''' Cryptographic Implementations in Software Development - Part 2 by '''Arjun Singh'''
+
The speaker will also discuss about following points:
  
'''About Arjun:''' Software developer for about 15 years, currently at Adobe. Working on web applications and web application security for last two years.
+
A description of the attack surface
 +
- Threat agents
 +
- Attack vectors
 +
- Security weaknesses
 +
- Technical impacts
 +
- Business impacts
 +
- OWASP Top 10 2014 for IOT
  
'''5:00 PM - 5:15 PM:''' Tea/Coffee/Networking Break
+
'''12:00 PM - 12:30 PM:''' Fido U2F Protocol by '''Ather Ali'''
  
'''5:15 PM – 6:00 PM:''' I know what you installed last summer by '''Saurabh''' (Remote)
+
'''Abstract:'''  
 +
- Introduction to FIDO U2F Protocol
 +
- How it works
 +
- Why we use it in place of others Oath mechanism
 +
- Who is currently using it and ease of use
 +
- How we can implement into different languages(Just reference to Developer link)
  
''' Abstract:''' This talk is going to be centered around Yasuo, an open-source vulnerable application scanner purely written in Ruby. If you search through Exploit-db, there are over 10,000 remotely exploitable vulnerabilities that exist in tons of web applications and could allow an attacker to completely compromise the back-end server. These vulnerabilities range from RCE to malicious file uploads to SQL injection to LFI and so on. We often talk about exploiting JBoss jmx-console, Apache tomcat manager but that’s just scratching the surface.
+
'''12:30 PM - 12:45 PM:''' Tea/Coffee/Networking Break
  
A random wise man once said “It’s not about what, it’s about where”. With all the modern network protections these days, a smart hacker, good or bad, is always looking for that one IP, one port, one application that could be exploited to penetrate through the network. Yasuo is built to quickly scan the network for such vulnerable applications thus serving pwnable targets on a silver platter.
+
'''12:45 PM 1:45 PM:''' So you know all about XSS by '''Vaibhav Gupta'''
  
During this talk, we will elaborate on the development of Yasuo, the problem, the challenges and how it can be effective in hacking an organization in the real-world scenario.
+
'''1:45 PM - 2:00 PM:''' Feedback and Topic Discussion for Next Month
  
''' About Saurabh:''' Saurabh has a bachelor’s degree in Electronics & Telecommunications. He currently works at Trustwave SpiderLabs and is part of Network Pentest team. During his industry experience of over a decade, Saurabh has worked across diversified industry verticals such as Banking, Aerospace, Building solutions, Process and Control Systems and has developed expertise is various aspects of Information security. Saurabh specializes in web application & network security, with secret crush on binary reverse engineering. He has contributed towards proof-of-concept exploits and white papers in infosec domain as well as delivered security trainings to various fortune 500 clients globally and at reputed security conferences such as CansecWest and BlackHat. Saurabh has also spoken at some of the reputed security conferences including Derbycon, Toorcon, Hack3rcon and BSides Toronto.
+
'''When:''' 20th June, 2015 (Saturday) - 11:00 AM IST  
 
 
'''6:00 PM - 6:30 PM:''' Feedback and Topic Discussion for Next Month
 
 
 
'''When:''' 23rd May, 2015 (Saturday) - 03:00 PM IST  
 
  
 
'''Where:'''  
 
'''Where:'''  
Adobe Systems
+
Airtel
I-1A, City Center, Sector-25A,
+
Plot No 16,  
Noida – 201301
+
Udyog Vihar Phase IV,
 
+
Gurgaon, Haryana 122001
'''Nearest Landmark:''' 200 meters ahead of Spice Mall
 
  
'''How to Reach Venue:''' 3 KMs from Noida Sector-18 Metro station. Rickshaw from there should cost ~50 rupees
+
'''How to Reach Venue:''' Auto available from IFFCO Chowk/MG Road Metro Station ( Airtel Office location is Atlas Chowk)
  
 
'''Nearest Metro Stations:'''
 
'''Nearest Metro Stations:'''
1. Noida Sector 18
+
1. IFFCO Chowk Metro Station
2. Noida City Center
+
2. MG Road Metro Station
  
'''Google Maps''' -  http://goo.gl/13WyMa
+
'''Google Maps''' -  http://bit.ly/1G6eCCG
  
 
= '''Stay Updated''' =
 
= '''Stay Updated''' =
Line 91: Line 97:
  
 
= '''Past Events/Archives''' =
 
= '''Past Events/Archives''' =
 +
[https://www.owasp.org/index.php/Null_%26_OWASP_Delhi_Combined_Meeting_May_2015 OWASP Delhi Meeting - May 23rd, 2015] </br>
 
[https://www.owasp.org/index.php/Null_%26_OWASP_Delhi_Combined_Meeting_April_2015 OWASP Delhi Meeting - April 25th, 2015] <br/>
 
[https://www.owasp.org/index.php/Null_%26_OWASP_Delhi_Combined_Meeting_April_2015 OWASP Delhi Meeting - April 25th, 2015] <br/>
 
[https://www.owasp.org/index.php/Null_%26_OWASP_Delhi_Combined_Meeting_March_2015 OWASP Delhi Meeting - March 28th, 2015] <br/>
 
[https://www.owasp.org/index.php/Null_%26_OWASP_Delhi_Combined_Meeting_March_2015 OWASP Delhi Meeting - March 28th, 2015] <br/>

Revision as of 09:52, 8 June 2015

OWASP Delhi

Welcome to the Delhi chapter homepage. The chapter leader is Vishal Asthana with Vaibhav Gupta and Sandeep Singh


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Chapter Sponsors

Adobe logo.png                            Sapient logo.png

Sponsor OWASP Delhi Chapter to help us organize open and free monthly meetings. For more information, contact the chapter leaders

June 2015 meet on 20th June, 2015 (Saturday) - 11:00 AM IST

Note – OWASP Delhi chapter meets are free and open to everyone. Prior registrations are mandatory in order to be allowed to attend the meet.

For Registration/RSVP please visit - http://bit.ly/1QhlN2E

Session Details/Agenda:

11:00 AM - 11:15 AM: Introductions

11:15 AM - 11:30 AM: News Bytes

11:30 AM - 12:00 PM: Internet of Things (IoT) - Threats, Risks and Vulnerabilities by Sanjay Kumar

Abstract: The Internet of Things (IoT) opens up a world of possibilities for our connected lives. But what if a hacker could gain control of the things that mean the most to us. The talk would also discuss some possible hacking scenarios that could just happen.

The speaker will also discuss about following points:

A description of the attack surface - Threat agents - Attack vectors - Security weaknesses - Technical impacts - Business impacts - OWASP Top 10 2014 for IOT

12:00 PM - 12:30 PM: Fido U2F Protocol by Ather Ali

Abstract: - Introduction to FIDO U2F Protocol - How it works - Why we use it in place of others Oath mechanism - Who is currently using it and ease of use - How we can implement into different languages(Just reference to Developer link)

12:30 PM - 12:45 PM: Tea/Coffee/Networking Break

12:45 PM – 1:45 PM: So you know all about XSS by Vaibhav Gupta

1:45 PM - 2:00 PM: Feedback and Topic Discussion for Next Month

When: 20th June, 2015 (Saturday) - 11:00 AM IST

Where: Airtel Plot No 16, Udyog Vihar Phase IV, Gurgaon, Haryana 122001

How to Reach Venue: Auto available from IFFCO Chowk/MG Road Metro Station ( Airtel Office location is Atlas Chowk)

Nearest Metro Stations: 1. IFFCO Chowk Metro Station 2. MG Road Metro Station

Google Maps - http://bit.ly/1G6eCCG

Join our low traffic mailing list for events information and technical discussions

Delhi JoinEmailList.jpg Subscribe to OWASP Delhi Mailing list



Follow @OWASPdelhi for event updates on Twitter

Twitter-bird-cropped-onwhite-40%smaller.png OWASP Delhi Twitter Account



Join our LinkedIn group for event updates on LinkedIn

Delhi linkedin.jpg OWASP Delhi LinkedIn Group



OWASP Delhi Blog

Delhi Blog.jpg OWASP Delhi Blog

OWASP Delhi July, 2014 Monthly Meeting Presentations

Botnets - What, How and Why by Utsav Mittal
Combating Cyber Crime by Priyanka Tomar


Retrieved from "https://wiki.owasp.org/index.php?title=Delhi_NCR&oldid=195867"