Difference between revisions of "Ghana"

Revision as of 17:45, 27 November 2018

OWASP Ghana

Welcome to the Ghana chapter homepage. The chapter leaders are Ash Dastmalchi and Hassan Abudu. Follow chapter news on Twitter at http://twitter.com/OWASPGhana

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?

Stay in Touch:

Chapter Sponsors

We are currently seeking OWASP Corporate Members who would like to aligned themselves with the Ghana chapter and therefore contribute funds to our chapter. Alternatively you can be a facility/venue sponsor or a refreshments sponsors. If Interested please get in touch with the Chapter leaders.

Meeting Sponsors

The following is the list of organisations who have generously provided us with space for OWASP Ghana chapter meetings:

Next Meeting/Event(s)

Chapter meetings are held several times a year, typically at a location provided by our current facility sponsor.

February or March 2019 - Exact Date and venue TBC

Code of Conduct:

We hope you enjoy our events, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback or would like to speak to us, we take these matters very seriously. You can find out more about our policies here: https://www.owasp.org/index.php/Governance/Conference_Policies

Speaking at OWASP Ghana Chapter Events

Call For Speakers

Call For Speakers is open - if you would like to present a talk on Application Security at future OWASP Ghana Chapter events - please review and agree with the OWASP Speaker Agreement and send the proposed talk title, abstract and speaker bio to the Chapter Leaders via e-mail:

 Owasp-ghana-owner (at) lists.owasp.org

Speakers are prefered to use OWASP Presentation Template for submissions.

Past Events

Saturday, 24th November 2018 (Greenhill, Legon Bypass)

Location: GIMPA School of Technology, Greenhill, Accra. (Legon Bypass)

Time: Doors Open at 1:30pm for registration and networking. The talks start at 2:00pm

Attendance: 120 participants

TALKS:

• OWASP Introduction, Welcome and News - Ash Dastmalchi

Welcome and a brief update on OWASP Projects & Events from the OWASP Ghana Chapter Leader.

• "OWASP Risk Rating presented by OWASP Risk Rating Management" - Yoseman Putra (Slides Online)

OWASP Risk Rating Management Project is a tool projects aim to educate user who want to assessment more than one or many web application using owasp risk rating methodologies. The project page can be visited by clicking here [[1]]

• "Defensive Coding" - Archzilon Eshun-Davies (Slides PDF)

A talk on defensive coding practices regardless of the language used.

• "Open-Source Intelligence (OSINT)" - Adam Nurudini (Slides PDF)

A run down on what is OSINT, methods of data gathering via various resources, followed by a hands-on demo using open source tools.

• "Wordpress Security" - Nii Ankrah (Slides PDF)

Wordpress Content Management Systems has gained a lot of popularity since its initial launch thanks to its user friendliness and the vast collection of plugins and themes. It is estimated 30% of the world’s website are powered by Wordpress. Like any other web application it is important you deploy and manage properly to ensure your data is safe. Sadly this has not been the case, with over 73.2% of the most popular WordPress installations are vulnerable to vulnerabilities which can be detected using free automated tools. This talk will focus on how to deploy Wordpress safely and managing wordpress instances in a way that safeguards the application from common vulnerabilities and attacks.

SPEAKERS:

Ade Yoseman Putra (OWASP Jakarta Indonesia Chapter Leader) (@johnleedik)

Information about Ade can be found via his OWASP profile page by clicking here [[2]]

Archzilon Eshun-Davies (@laudarch)

Arch is CISO and CEO of Tactical Intelligence Security(TAISE)

Adam Nurudini (@Bra__Qwesi)

Adam Nurudini is the Lead Security Researcher @ Netwatch Technologies, project Consultant, Information Security Architects Ltd, Member, Cybersecurity Resilience Service Team and a Web Application Penetration Tester. He is also the president of the GIMPA School of Technology Students Association.

Nii Ankrah (@niiankrah)

Nii has transitioned into information security with special interest malware analysis and helping companies achieve a good cyber security posture His engagements over the period include performing data centre and physical security reviews for clients within various industries, vulnerability assessments, application security audits and incident response.

TICKETS:

This event is free to attend for both members and non-members of OWASP and is open to anyone interested in application security and cyber security.

Register to attend this event at Meetup.com or at Eventbrite.com

Saturday, 18th August 2018 (Ridge)

Location: Kofi Annan ICT Centre, Ridge, Accra. (Next to Ministry of Communications)

Time: Doors Open at 1:30pm for registration and networking. The talks start at 2:00pm

Attendance: 70 participants

TALKS:

• OWASP Introduction, Welcome and News - Ash Dastmalchi & Hassan Abudu

Welcome and a brief update on OWASP Projects & Events from the OWASP Ghana Chapter Leaders.

• "Injection Attack" - Hassan Abudu (Slides PDF)

A quick primer of injection attacks including SQL injection.

• "Bypassing Security Restrictions , The case of CVE-2018-5955" - Adam Nurudini (Slides PDF)
• "Exploiting Server Side Template Injection with TPLMAP" - Divine Tsa (Slides PDF)
• "Insecure Direct Object Reference IDOR(Broken Access Control)" - Eric Biako (Slides PDF)

SPEAKERS:

Hassan Abudu(@hassanabudu)

Hassan Abudu is OWASP Ghana chapter co-leader. A Stanford University graduate, Hassan started the Freecodecamp in Ghana teaching students via weekly sessions various aspects of Web Development. He's also a freelance web developer and a part time artist.

Adam Nurudini (@Bra__Qwesi)

Adam Nurudini is a web application penetration tester at Netwatch Technologies and a recent Black Hat Asia attendee.

Divine Tsa (@selormofmars)

Divine Tsa is a cybersecurity engineer at a reputable tech company. He helps develop information security plans and policies, tests for vulnerabilities, monitors and investigates security breaches. During his 10 years experience in information technology, he has served in a variety of leadership, technical, and information security roles, including implementing the cybersecurity project in the central bank. Divine holds a bachelors degree in business administration and a post graduate diploma in IT from GIMPA.

Eric Biako

Eric has a Bsc in IT and a CEH v9. He's currently an Information security officer at E-connecta as well as moderator at Legal hackmen.

TICKETS:

This event is free to attend for both members and non-members of OWASP and is open to anyone interested in application security and cyber security.

Register to attend this event at Eventbrite.com