Difference between revisions of "London"
Dinis.cruz (talk | contribs) (→Next Event) |
(→Next Event) |
||
Line 3: | Line 3: | ||
== Next Event == | == Next Event == | ||
* '''Wednesday, September 5''' (participating in the [[OWASP Day]] event) | * '''Wednesday, September 5''' (participating in the [[OWASP Day]] event) | ||
− | ** Location: | + | ** Location: Auriol Kensington Rowing Club ([http://www.akrowing.com/page.php?page=findus map]), starting at 7pm (arrive between 6.30pm and 7pm). |
+ | |||
+ | * '''Programme''': | ||
+ | ** 18h30 Arrive and make yourselves comfortable. | ||
+ | ** 19h00 [http://gnucitizen.org/about/pdp Petko D. Petkov], a.k.a pdp (architect), founder of the [http://gnucitizen.org GNUCITIZEN] group: "For my next trick... hacking Web2.0" (see below for more details). | ||
+ | ** 20h00 Discussion: "Privacy in the 21st Century?", moderator: Ivan Ristic. | ||
+ | ** 21h00 Discussion: "Future of the OWASP London Chapter". | ||
+ | ** 21h30 End | ||
+ | |||
+ | ==== For my next trick... hacking Web2.0 (pdp) ==== | ||
+ | Web2.0, if I can summarize it with a few simple words, is all about communication, distribution, information, agents, clients and servers. Those who understand the 2.0 fundamentals have the power to manipulate the global Web to suit their needs - hackers, the new digital breed of the 2.0 world. Web2.0 hacking is a mean for communicating and distributing critical information in a better way. It can be used to build ghost infrastructures from where to launch attacks - anonymously, no traces, nothing. Web2.0 hacking is also about the thin line between client-side and server-side security. It is about the endpoints and the electronic highways. It is about reaching the masses and yet being able to perform attacks on specific targets. Web2.0 hacking is also about distribution and influence, covert channels, bots, IA, ghosts inside the electronic frame. Web2.0 hacking is also a movement, a cyber subculture where individuals show their technical abilities, and understandings of the world and use that to manipulate their way through the system. | ||
== Past Events == | == Past Events == |
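Review bot: the added Location line gives times as "7pm" and "6.30pm" while the new Programme entries use "18h30" and "19h00"; use one time format throughout. The arrival window is also stated twice (in the Location line and in the 18h30 entry), so it could be dropped from the Location line. In the added abstract, "is a mean for" should read "is a means for", and "a.k.a pdp" in the 19h00 entry is missing the final period.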
Revision as of 14:27, 30 August 2007
OWASP London
Welcome to the London chapter homepage. The chapter leader is Dinis Cruz (since Jan 2007).
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
Donate to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?
Next Event
- Wednesday, September 5 (participating in the OWASP Day event)
  - Location: Auriol Kensington Rowing Club (map), starting at 7pm (arrive between 6.30pm and 7pm).
- Programme:
  - 18h30 Arrive and make yourselves comfortable.
  - 19h00 Petko D. Petkov, a.k.a pdp (architect), founder of the GNUCITIZEN group: "For my next trick... hacking Web2.0" (see below for more details).
  - 20h00 Discussion: "Privacy in the 21st Century?", moderator: Ivan Ristic.
  - 21h00 Discussion: "Future of the OWASP London Chapter".
  - 21h30 End
For my next trick... hacking Web2.0 (pdp)
Web2.0, if I can summarize it with a few simple words, is all about communication, distribution, information, agents, clients and servers. Those who understand the 2.0 fundamentals have the power to manipulate the global Web to suit their needs - hackers, the new digital breed of the 2.0 world. Web2.0 hacking is a means for communicating and distributing critical information in a better way. It can be used to build ghost infrastructures from where to launch attacks - anonymously, no traces, nothing. Web2.0 hacking is also about the thin line between client-side and server-side security. It is about the endpoints and the electronic highways. It is about reaching the masses and yet being able to perform attacks on specific targets. Web2.0 hacking is also about distribution and influence, covert channels, bots, IA, ghosts inside the electronic frame. Web2.0 hacking is also a movement, a cyber subculture where individuals show their technical abilities, and understandings of the world and use that to manipulate their way through the system.
Past Events
- Thursday 22nd March
  - Location: The Water Poet Pub, Liverpool St, London (map, description)
    - We are going to use the downstairs room, which you can access from the back of the pub
  - Presentations:
    - Mark O'Neill "Security Vulnerabilities in AJAX and Web 2.0" - 60 m
    - Dinis Cruz "OWASP Spring of Code and Owasp world update" - 30 m
- Thursday 22nd February
  - Location: The Water Poet Pub, Liverpool St, London (map, description)
    - We are going to use the downstairs room, which you can access from the back of the pub
  - Presentations:
    - by Dinis Cruz (Chief OWASP Evangelist):
      - OWASP, the Open Web Application Security Project 30m - The Open Web Application Security Project (OWASP) is an open community dedicated to enabling organizations to develop, purchase, and maintain applications that can be trusted. All of the OWASP tools, documents, blogs, and chapters are free and open to anyone interested in improving application security. In this presentation Dinis will show the latest guides and tools from OWASP which should be part of every company's security efforts.
      - Buffer Overflows on .Net and Asp.Net 30m - One of the common myths about the .Net Framework is that it is immune to Buffer Overflows. Although this might be correct in pure managed and verifiable .Net code, a large percentage of .Net and Asp.Net application code is unmanaged code. In this talk Dinis will show the areas in .Net and Asp.Net applications that are vulnerable to Buffer Overflows (including the demo of a .Net Buffer Overflow Fuzzer).
      - 0wning Vista's userland - The CAS / UAC missed opportunity, and what I think MS should had done - In this presentation Dinis will explore the missed opportunity by Microsoft to use technologies like .Net's CAS (Code Access Security) and Vista's UAC (User Access Control) to create secure and trustworthy userland environments that protect the user's assets. In the hope that might make a small difference, ideas and solutions for the future will also be presented.
    - by Ivan Ristic:
      - ModSecurity - 30m
  - Schedule:
    - 6pm - 7pm arrive and grab a drink
    - 7:00 - OWASP, the Open Web Application Security Project, Dinis Cruz
    - 7:45 - ModSecurity, Ivan Ristic
    - 8:15 - Buffer Overflows on .Net and Asp.Net, Dinis Cruz
    - 8:50 - 0wning Vista's userland - The CAS / UAC missed opportunity, and what I think MS should had done, Dinis Cruz
    - 9:00 - Dinner (TBD)