This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit


Revision as of 14:46, 11 January 2016 by Nwhysel (talk | contribs)

Jump to: navigation, search


Welcome to the Cairo chapter homepage. The chapter leaders are Mohamed Alfateh and Mostafa Siraj.


OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.


Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

Local News

OWASP Application security event in Ain Shams University Feb. 2016
ASU logo.gif

Registration Details:
Will be opened soon,
It is free and we don't have limitation for the number of attendees

Ain Shams University Khalifa El-Maamon St، Cairo,‬ 11566 , EGYPT

Saturday, December 5th, 2015
10:00 AM until 02:00 PM

Event Agenda:
1- Introduction to application security and OWASP academic program (30 min)
2- OWASP top 10 in details (45 min)
3- OWASP AppSec Projects, how could students contributes and how to get support from Egyptian OWASP members (45 min)
4- Open Discussion panel

Detailed agenda will be updated soon

OWASP Cairo Chapter in Bluekaizen CSCamp 20 Sep. 2015
OWASP Egypt-Bluekaizen.png

Registration Details:
The Attendance will be free of charge without need for conference ticket,

These sessions are served in the way of First Come First Served. The room has a limitation of 50 persons only. If you are interested to attend please try to be there before the session start by a good amount of time.

Intercontinental City Stars, Al saraya Hall, Nasr City, Cairo, EGYPT

Saturday, September 20th, 2015
02:00 AM until 05:00 PM

Event Agenda:
Software Security Assurance
(By: Nadim Barsoum)

Implementing a software security assurance program can be a daunting task that can leave program managers and consultants equally overwhelmed. In this talk we discuss the main building blocks of a software security assurance program and suggest light-weight methods for jump-starting your program with a focus on assurance activities and their relating governance aspects.

Mobile Application Security
(By: Hassan Elhadary)

Nowadays web applications are being transformed into mobile applications allowing users to perform security critical functions such as money transfers and bill payments from their mobile devices. Newly added features on mobile applications expose new attack surface for hackers and thus increase the challenges for developers to defend their mobile applications. This talk will focus on latest techniques utilized by attackers to conduct security attacks on mobile applications. It will include real life stories and demos inspired from professional experience and research in bug bounty programs. Finally, recommendations will be outlined to help developers mitigate most common attacks affecting mobile applications.

Application Threat Modeling
(By: Mohamed Alfateh)

According to the US Computer Emergency Readiness Team (US-CERT), most successful cyber-attacks result from targeting and exploiting software vulnerabilities. Threat Modeling is a critical activity for identifying such vulnerabilities early in the development stages. In this talk, we will discuss application threat modeling process, how to perform threat modeling in systematic way and how to integrate threat modeling in your software development life-cycle.

OWASP Cairo Chapter Event (May 2015)
Logo OWASP Nile.png

Registration Portal: Click Here

Meeting Agenda:

10:00 – 10:30 Registration
10:30 – 11:30 Standards of Information Security, Privacy and Governance in Enterprise Application Security
(By: Adel Abdel Moneim)
11:30 – 12:30 ZAP Project, New Release, New Features
(By: Mohamed Alfateh)
12:30 – 01:00 Break 01:00 – 02:00 HTML5 security
(By: Hassan Mohammed)
02:00 – 03:00 WAF Evasion Techniques and Thoughts of Secure Coding
(By: Ahmed Alaa)

Nile University Juhayna Square - Sheikh Zayed, Giza,

Saturday, May 9, 2015
10:00 AM until 3:30 PM

Chapter Facebook Page:

OWASP Cairo Chapter in Bluekaizen CSCamp 2014
OWASP Egypt-Bluekaizen.png

Registration Details:
The Attendance will be free of charge without need for conference ticket,

These sessions are served in the way of First Come First Served. The room has a limitation of 50 persons only. If you are interested to attend please try to be there before the session start by a good amount of time.

Nile University, New Campus, Sheikh Zayed District, 6th of October, Giza, EGYPT

Saturday, November 29th, 2014
02:30 AM until 05:30 PM

Event Agenda:
Advanced XSS Filter Evasion and Post Exploitation
(By: Ahmed Saafan)
Hands-on Reverse Engineering Android Malware
(By: Anwar Mohamed)
Introduction to web crawling (build a smart web crawler)
(By: Ayman Mohamed)

Chapter Meeting (14 June 2014)

Registration Portal: Click Here

Meeting Agenda:

10:00 – 10:30 Registration
10:30 – 11:15 US AppSec Conference 2013 – Brief about some Interesting Topics
(By: Mostafa Siraj)
11:15 – 12:00 Sleeping your way out of the sandbox
(By: Hassan Mourad)
12:00 – 12:30 Pwning the skiddies using the anonymity weapon
(By: Ahmed Sultan)
12:30 – 01:15 HTML5 security
(By: Hassan Mohammed)
01:15 – 02:00 Break
02:00 – 02:45 Anti "Anti-Crawling" Techniques
(By: Ayman Mohammed)
02:45 – 03:30 Cloud Security Risks - Pain & Relief
(By: Moataz Abd El Khalek)
03:30 – 04:15 Mobile Application hacking and forensics
(By: Adel Abdel Moneim)

56 Gamaet El Dewal El Arabeya St - Al-Mohandiseen Building - In front of Moustafa mahmoud's mosque

Saturday, June 14th, 2014
10:00 AM until 4:00 PM

Chapter Facebook Page:

Sessions Description

Pwning the skiddies using the anonymity weapon
Proxy services and vpn servers are used widely all over the world But , can you really depend on them as secure way to surf the WWW? We gonna demonstrate how the such services are invisibly used to take over thousands of PCs every single hour.

Sleeping your way out of the sandbox
Recently, a new breed of security solutions appeared in the market, Sandbox based Antimalware solutions, promising to be the answer to advanced malware and APTs.

Yet, as always, there are ways to circumvent any control. In this presentation we will examine a new technique to bypass sandbox based solutions, allowing malware to avoid detection and giving it a free pass to your network.

HTML5 security
HTML5 was specially designed to deliver rich content without the need for additional plugins. The current version delivers everything from animation to graphics, music to movies, and can also be used to build complicated web applications. Through introducing these new features new vulnerabilities are introduced as well.

This talk will give an introduction about HTML5 and its new features. Then will select a number of examples to demonstrate the positive, and negative impact of these features for web application security.

Event gifts sponsored by SecurityMeter and ZINAD

Chapter Strategic Meeting (6 May 2014)

This meeting will focus on preparing the chapter activities plan. (2 hours meeting with no educational sessions)
The meeting will be limited for Egyptian AppSec experts only
During this meeting, we will discus (in details) the chapter participation in the application security awareness program (determine the joined resources, selecting workshops materials ..... )

If anyone is interested, please contact the chapter leader Mohamed Alfateh

Event Logo.png

OWASP-Egypt Event (12 April 2014)

Event Presentations

Eg-CERT Cyber security Awareness Team [Ahmed Mashaly]
Living at 21 programmers’ st. Pitfalls in code review [Fady Othman]
OWASP SRDF Project [Anwar Mohamed]
Yahoo Zero Day Vulnerability - Code Point of View [Ebrahim Hegazy]
OWASP Lab Projects Overview [Ahmed Saafan]
OWASP Flagship Projects Overview [Hassan Elhadary]
OWASP Egypt Chapter - Introduction [Mohamed Alfateh]

This event will focus on introducing OWASP to our local community, organizing the chapter contribution and planning the 2014 chapter activities.
The event will be hold on the second Saturday of April (12/4/2014) at EBI (Egyptian Banking Institute)
Meeting Agenda

10:00 – 10: 30 OWASP Egypt Chapter - Introduction (By: Mohamed Alfateh)
10:30 – 11:00 Egypt Cert Application Security Awareness Program (By: Ahmed Mashaly)
11:00 – 11:30 US AppSec Conference 2013 – Brief about some Interesting Topics(By: Mostafa Siraj)
11:30 – 12:00 OWASP Security Research and Development Framework(By: Anwar Mohamed)
12:00 – 12:30 Break
12:30 – 01:00 Effective Bug Hunting for Open Source Applications (By: Fady Othman)
01:00 – 01:30 Yahoo Zero-Day Vulnerability - Code Point of View(By: Ibrahim Hegazy)
01:30 – 02:45 OWASP Projects - Overview(By: Ahmed Saafan, Hassan Alhadary and Mohamed Alfateh)
02:45 – 04:00 Panel Discussion: Information Security Challenges, from Individual Privacy to National Security. (Session moderator: Adel Abdel Moneim)

As of 11 September 2011, there is now a new OWASP Chapter in Mansoura, Egypt. The chapter leader is Ahmed Neil. Click here to learn more about what is going on in Mansoura! OR Click here to view or subscribe to the Mansoura mailing list.

You can Download the OWASP LiveCD presentation HERE ( Presented @ OWASP - Alexandria Meeting and QCERT Event ) January 2009

Chapter Meetings

OWASP-Egypt Presents on the OWASP Live CD

Qatar,January 27th , OWASP Egypt Presented a live DEMO of the OWASP Live CD During the Qatar Chapter Meetings, More than 60 Copies of the Live CD were distributed to the delegates of Carnegie Mellon Qatar and Qatar University Press Release , A copy of the Presentation Can be Found HERE.

OWASP-Egypt Presents on the OWASP Initiatives

Alexandria,Egypt 12th of February 2009, OWASP Egypt presented (Introduction to OWASP Initiatives ) to the IT staff of 2 prominent Oil&Gas Companies

OWASP-Egypt Holds a Presentation in Qatar

Doha,Qatar 24th of February 2008 , OWASP-Egypt participated in a web security awareness session held in Qatar Sponsored by the country's national CERT team.

the delegates were briefed on OWASP and its objectives, the role OWASP-Egypt chapter is playing in promoting web security best practices in the local IT community and our personal experience on how Qatar can start its very own OWASP chapter.

With the amount of enthusiasm we felt we are expecting a new chapter in the region very soon !

Egypt OWASP Chapter Leaders

Cairo chapter leader is Mohamed Alfateh.

The Mansoura chapter leader is Ahmed Neil.