This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Ghana"

From OWASP
Jump to: navigation, search
m
 
(39 intermediate revisions by 3 users not shown)
Line 1: Line 1:
[[File:banner15.jpg]]
+
{{Chapter Template|chaptername=Ghana|extra=The chapter leaders are [mailto:[email protected] Ash Dastmalchi] and [mailto:hassan.abudu@owasp.org Hassan Abudu]. Follow chapter news on Twitter at http://twitter.com/OWASPGhana
{{Chapter Template|chaptername=Ghana|extra=The chapter leader is [mailto:theodore.sagoe@owasp.org Theodore Sagoe].|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-ghana|emailarchives=http://lists.owasp.org/pipermail/owasp-ghana}}
+
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-ghana|emailarchives=http://lists.owasp.org/pipermail/owasp-ghana}}
  
== Local News ==
+
===Chapter Sponsors===
 +
We are currently seeking OWASP Corporate Members who would like to aligned themselves with the Ghana chapter and therefore contribute funds to our chapter. Alternatively you can be a facility/venue sponsor or a refreshments sponsors. If Interested please get in touch with the Chapter leaders.
 +
<br />
  
 +
===Meeting Sponsors===
 +
The following is the list of organisations who have generously provided us with space for OWASP Ghana chapter meetings:<br />
 +
<ul><table cellpadding="10" cellspacing="0" border="0"><tr>
 +
<td> [[File:Ghana Tech Labs.jpg||link=http://ghanatechlab.com/|alt=Ghana Tech Lab]]</td>
 +
<td> [[File:University of Ghana.png|link=https://www.ug.edu.gh/cs/|alt=Department of Computer Science University of Ghana]]</td>
 +
<td> [[File:GIMPA logo.jpg|link=http://nweb.gimpa.edu.gh/schools/school-of-technology/|alt=GIMPA School of Technology]]</td>
 +
<td> [[File:LAUG logo.jpg|link=https://linuxaccra.org/|alt=Linux Accra User Group Logo]]</td>
 +
</tr></table></ul>
  
 +
==Chapter Volunteers==
 +
Volunteering carries many benefits including meeting great people, learning new skills, and above all – fun!  We appreciate the assistance that our volunteers provide to ensure our events run smoothly. If you would like to help out for few hours with administrative tasks on the day of events, please reach out via email or twitter. The following is the list of organisation(s) who have provided us volunteers:
 +
<ul><table cellpadding="10" cellspacing="0" border="0"><tr>
 +
<td> [[File:Ghana_Volunteer_Program.png|link=http://volunteeringh.org/|alt=Ghana Volunteer Program]]</td>
 +
</tr> </table> </ul>
 +
==Stay in Touch==
 +
<center>
 +
{| cellspacing="15"
 +
|-
 +
| [[Image:Meetup-button.png|link=https://www.meetup.com/OWASP-Ghana-Chapter/]]
 +
| [[Image:Follow-us-on-twitter.png|175px|link=https://twitter.com/OWASPGhana]]
 +
| [[Image:Mailchimp_Logo-Horizontal_Black.png|175px|link=http://eepurl.com/dDZKDf]]
 +
|} </center>
  
 +
==Next Meeting/Event(s)==
 +
Chapter meetings are held several times a year, typically at a location provided by our current facility sponsor.
  
[[Category:OWASP Chapter]]
+
===  February/March 2020 (Exact date TBC and announced) ===
[[Category:Africa]]
 
  
 +
====TICKETS:====
 +
This event will be free to attend for both members and non-members of OWASP and is open to anyone interested in application security and cyber security.
  
 +
Register to attend this and our future events via [https://www.meetup.com/OWASP-Ghana-Chapter/ meetup.com]
 +
Or via [https://www.eventbrite.com/e/applicationsoftware-security-september-meetup-by-owasp-ghana-tickets-70303689227 eventbrite.com]
  
 +
'''Code of Conduct''':
 +
:We hope you enjoy our events, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback or would like to speak to us, we take these matters very seriously. You can find out more about our policies here: https://www.owasp.org/index.php/Governance/Conference_Policies
  
 +
== Speaking at OWASP Ghana Chapter Events ==
 +
====Call For Speakers====
 +
Call For Speakers is open - if you would like to present a 15-45 minute talk on Application / Cyber Security at future OWASP Ghana Chapter events - please review and agree with the [[Speaker_Agreement | OWASP Speaker Agreement]] and submit your talk/presentation via  [https://docs.google.com/forms/d/e/1FAIpQLSep6HqWEJoN4l_vbytrAEChBGOyge-A61nd_0JvGsl6r5HpZA/viewform Google Forms]
  
= About =
+
<center>
 +
{| cellspacing="15"
 +
|-
 +
| [[Image:Google_Forms.png|link=https://docs.google.com/forms/d/e/1FAIpQLSep6HqWEJoN4l_vbytrAEChBGOyge-A61nd_0JvGsl6r5HpZA/viewform]]
 +
|} </center>
  
'''About'''
+
Please note that you can also pair up with a colleague and present a joint talk. Please ensure that your talk is objective, stresses open source approaches, and avoids references to any commercial offerings of your
 +
company. We are looking forward to your submissions
  
Ghana CyberSecurity aims to be the premier and marquee Information Security and Assurance event for technologists, auditors, risk managers, and entrepreneurs, gathering the world’s top practitioner, to share the latest research, case studies and practices, in the high energy atmosphere of the British Council, Accra.
+
Speakers are prefered to use [https://www.owasp.org/index.php/Category:OWASP_Presentations OWASP Presentation Template] for submissions.  
  
[[Image:Brochure.pdf|Download OWASP Ghana Brochure]]
+
== Past Events ==
  
 +
===  Saturday 21st September 2019 10am-2pm===
  
'''Why You Should Attend'''
+
'''Location: '''Ghana Tech Lab, Accra Digital Lab, Ring Road West, Accra.
  
• Keynote: Insightful keynote addresses delivered by leading industry visionaries from thought leaders of critical infrastructure.
+
'''Attendance: ''' 55 participants
  
• Delivery: Parallel Running Tracks and Hands-on Advanced Training Sessions. (builder/breaker/defender) with world-renowned subject matter experts
+
====TALKS:====
  
• Format: Sessions will be delivered in 30, 60 or 90 minute blocks, for better topic coverage and improved learning experience.
+
*'''WAF Filter 404 Not Found - Blay Safian''' ([[Media: Waf-filter-404-not-found.pdf |Slides PDF]])
  
• Location: Convenient location at the heart of Accra
+
*'''Lighting Talk on Broken Authentication: What it means, and what you can do - Hassan Abudu''' ([[Media: OWASP_broken_authentication.pdf |Slides PDF]])
  
• Value: Competitive and lower pricing.
+
*'''Wireless Security  and its Discontents - Boyan Lazarevski''' ([[Media: OWASP-Sep-2019-BL_(v.2).pdf |Slides PDF]])
  
• Live Training With Hands-On Bootcamp: Same courseware as APPSEC conferences, with Boot camp hours to reinforce learning.
+
====SPEAKERS:====
  
• Your Instructor: OWASP Instructors are real world practitioners with years of experience.
+
'''Blay Safian'''
 +
:An Electrical Engineering and Automation Degree holder and a certified Advance Penetration tester. Defcon China 2.0 attendee.
  
• Networking: You will get to know your InfoSec peers and can collaborate long after the training, with a unique platform to showcase products and services to decision makers,
+
'''Boyan Lazarevski([https://twitter.com/BoyanLazarevski @BoyanLazarevski])'''
government, policy makers, investigators, regulators, law enforcement agencies, and security and defense establishments.
+
:Boyan is a certified IT Operations Specialist with a passion for computer hardware and cybersecurity.
  
• Online tools: Access to free resources and audio files.
+
'''Hassan Abudu([https://twitter.com/hassanabudu @hassanabudu])'''
 +
:Hassan is OWASP Ghana chapter co leader, a web developer, a teacher and a technologist in general.  
  
• Smaller class sizes: You get more one-on-one time with your instructor so you can master course material.
+
====CTF for Developers:====
 +
OWASP Ghana Chapter is pleased to announce the 2019 OWASP Ghana CTF Tournament for Application Developers.
  
• Certification: You get a certificate at the end of your training demonstrating you have the technical skills needed to meet their security responsibilities.
+
CTF (Capture The Flag) is a type of computer security competition. Contestants are presented with a set of challenges and puzzles which test their creativity, technical coding (and googling) skills, and problem-solving ability. Challenges usually cover a number of categories and when solved, each yields a “flag” which is submitted to a real-time scoring service. The difficulty levels are from beginners to advanced. CTF tournaments are a great and fun way for software developers to learn a wide array of cyber security / application security skills in a safe and legal environment. Most programming languages supported. IMPORTANT: Please bring your own LAPTOP and a charger for it to this event
  
• Standard: Many private companies and government agencies now require new job candidates to have knowledge of OWASP.
+
This CTF environment is kindly provided by [https://securecodewarrior.com/ Secure Code Warrior].
  
[[Image:Powerpoint_file.pdf‎ | Why OWASP pdf file]]
+
===  Saturday, 8th June 2019 10am-2pm===
  
 +
'''Location: '''Department of Computer Science, University of Ghana, Legon, Accra.
  
'''Who Should Attend?'''
+
'''Attendance: ''' 65 participants
  
Developers, Auditors, Risk Managers, Executives, Management, Press, Law Enforcement, Entrepreneurs, Executives, Policy Makers, Managers, Technical Leaders, Analysts, Engineers, and Students, Law Enforcement & Legal Authorities and Entrepreneurs
+
====TALKS:====
  
[http://goo.gl/sQWdpp Registration details]
+
*'''The State of Phishing Attack Vector - Isaac Kweku Acheampong''' ([[Media: Phishing_Presentation(OWASP_Ghana).pdf |Slides PDF]])
  
 +
*'''Lighting Talk on HTTPS - Hassan Abudu''' (no slides)
  
 +
*'''Smart Grid IoT Security - Kwaku Sarpong Manu''' ([[Media: Smart_Grid_IoT_Security_(OWASP_Ghana).pdf |Slides PDF]])
  
= Registration =
+
*'''Achilles and the Bee - Fabiola Amedo''' ([[Media: Achilles_and_the_Bee_Presentation(OWASP_Ghana).pdf |Slides PDF]])
  
'''Special Registration and Membership Prices'''
+
*'''Anatomy of a DNS Cache Poisoning Attack - Boyan Lazarevski''' ([[Media: DNS_Cache_Poisoning(OWASP_GHANA).pdf |Slides PDF]])
  
1 day event: Thursday event
+
====SPEAKERS:====
(Exhibition, Main event and Canapés and cocktail): GH₵180 or $90
 
  
1 day event: Friday event
+
'''Isaac Kweku Acheampong'''
(Training): GH₵100 or $50
+
:Isaac is currently working as a Facilities Manager, holds BSc IT and Sec+ certified.
  
2 day event: Thursday & Friday event: GH₵200 or $100
+
'''Kwaku Sarpong Manu([https://twitter.com/_kwaku__ @_kwaku__])'''
 +
:Kwaku is a Graduate Computer engineering student from KNUST. Avid reader, active sportsman and student politician. He's also an student Consultant at GWCL, advising the Technology and Innovation Department.
  
Corporate & Group Registration
+
'''Fabiola Amedo([https://twitter.com/fabluz @fabluzi])'''
 +
:Fabiola is currently working at KPMG Ghana as an IT advisory professional.
  
10% discount for 6 people and over
+
'''Boyan Lazarevski([https://twitter.com/BoyanLazarevski @BoyanLazarevski])'''
 +
:Boyan is a certified IT Operations Specialist.
  
20% discount for 10 people and over
+
===  Saturday, 16th March 2019 10am-2pm ===
  
[https://www.cvent.com/events/owasp-ghana-2013/registration-a279d65aa3564d7988ec78d36d7cc333.aspx  Register Now]
+
'''Location: '''Department of Computer Science, University of Ghana, Legon, Accra.
  
 +
'''Attendance: ''' 85 participants
  
To get a formal quote for company or group registrations, please send an email to get quote
+
====TALKS:====
  
All attendees have access to of all Ghana CyberSecurity activities including Exhibitor Showroom and Networking session.
+
*'''OWASP Introduction, Welcome and News - Ash Dastmalchi''' ([[Media: Intro_Presenation_-_Chapter_meeting_March_2019.pdf |Slides PDF]])
 +
:Welcome and a brief update on OWASP Projects & Events from the OWASP Ghana Chapter Leader.
  
Cancellations, Refunds, and Substitutions
+
*'''Your web server has been hacked now what? by Archzilon Eshun-Davies''' ([[Media: OWASP_Your_Web_Server_Has_been_hacked_now_what.pdf |Slides PDF]])
 +
:A walk through on what to look out for after a web server has been hacked by analysing the logs and how to prevent future hacks.
  
All ticket sales are final and our general policy is no refunds, but we are willing to make exceptions for extraordinary circumstances. Let us know if you think you should be considered for an exception.
+
*'''Cross-Site Scripting Attacks (XSS) by Adam Nurudini''' ([[Media: OWASP_XSS_Presentation_-_By_Adam_Nurudini.pdf |Slides PDF]])
 +
:Intro to XSS, how it works, what it affects and how to prevent it along with a live demo.
  
In the event you are not able to attend the event, we are able to substitute registrations at no charge until December 1, 2013.
+
*'''OWASP Juice Shop Project video presentation by Bjoern Kimminich'''  ([https://www.youtube.com/watch?v=Lu0-kDdtVf4 Youtube.com])
 +
:A playback of recording from [[OWASP BeNeLux-Days 2018]] giving a complete introduction to the [https://www.owasp.org/index.php/OWASP_Juice_Shop_Project OWASP Juice Shop] including a live demonstration of the application and how to hack it.
  
After December 1, a minimal charge will be associated with any substitute registrations to cover administrative and badge re-printing fees.
+
====SPEAKERS:====
  
 +
'''Adam Nurudini ([https://twitter.com/Bra__Qwesi @Bra__Qwesi])'''
 +
:Adam Nurudini is the Lead Security Researcher @ Netwatch Technologies, project Consultant, Information Security Architects Ltd, Member, Cybersecurity Resilience Service Team and a Web Application Penetration Tester. He is also the president of the GIMPA School of Technology Students Association and Black Hat Attendee.
  
 +
'''Archzilon Eshun-Davies ([https://twitter.com/laudarch @laudarch])'''
 +
:Arch is CISO and CEO of Tactical Intelligence Security(TAISE)
  
= Venue & Hotel =
+
'''Bjoern Kimminich ([https://twitter.com/bkimminich @bkimminich]) '''
 +
:OWASP [[https://www.owasp.org/index.php/OWASP_Juice_Shop_Project Juice Shop Project]] Leader, more Information about Bjoern can be found via his OWASP profile page by [[https://www.owasp.org/index.php/User:Bjoern_Kimminich clicking here]]
  
'''Venue'''
+
=== Saturday, 24th November 2018 2pm-5pm ===
  
British Council
+
'''Location: '''GIMPA School of Technology, Greenhill, Accra. (Legon Bypass)
  
Liberia Road
+
'''Attendance: ''' 120 participants
  
P O Box GP 771
+
====TALKS:====
  
Accra
+
*'''OWASP Introduction, Welcome and News - Ash Dastmalchi'''
 +
:Welcome and a brief update on OWASP Projects & Events from the OWASP Ghana Chapter Leader.
  
Location of British Council view map https://maps.google.co.uk/maps?rlz=1C1CHFX_en-gbGB540GB540&q=british+council,+Liberia+Road+Accra,+Ghana&bav=on.2,or.r_cp.r_qf.&bvm=bv.50165853,d.Yms,pv.xjs.s.en_US.seW1cfrvSKg.O&biw=1040&bih=600&um=1&ie=UTF-8&hl=en&sa=N&tab=wl
+
*''' "OWASP Risk Rating presented by OWASP Risk Rating Management" - Yoseman Putra''' ([https://slideplayer.com/slide/12574283/ Slides Online])
 +
:OWASP Risk Rating Management Project is a tool projects aim to educate user who want to assessment more than one or many web application using owasp risk rating methodologies. The project page can be visited by clicking here [[https://www.owasp.org/index.php/OWASP_Risk_Rating_Management]]
 +
*''' "Defensive Coding" - Archzilon Eshun-Davies '''  ([[Media: Defensive_Coding_Presentation_OWASP_Ghana.pdf |Slides PDF]])
 +
:A talk on defensive coding practices regardless of the language used.
 +
*''' "Open-Source Intelligence (OSINT)" - Adam Nurudini'''  ([[Media: OWASP_OSINT_Presentation.pdf |Slides PDF]])
 +
: A run down on what is OSINT, methods of data gathering via various resources, followed by a hands-on demo using open source tools.
 +
*''' "Wordpress Security" - Nii Ankrah'''  ([[Media: Niiankrah_owasp_nov_18.pdf |Slides PDF]])
 +
: Wordpress Content Management Systems has gained a lot of popularity since its initial launch thanks to its user friendliness and the vast collection of plugins and themes. It is estimated 30% of the world’s website are powered by Wordpress. Like any other web application it is important you deploy and manage properly to ensure your data is safe. Sadly this has not been the case, with over 73.2% of the most popular WordPress installations are vulnerable to vulnerabilities which can be detected using free automated tools. This talk will focus on how to deploy Wordpress safely and managing wordpress instances in a way that safeguards the application from common vulnerabilities and attacks.  
  
Reach out to British Council [email protected]
+
====SPEAKERS:====
  
Visit British Council http://www.britishcouncil.org/africa-gh-contact-us.htm
+
'''Ade Yoseman Putra (@johnleedik)'''
 +
:OWASP Jakarta Indonesia Chapter Leader, more Information about Ade can be found via his OWASP profile page by [[https://www.owasp.org/index.php/Ade_Yoseman_Putra clicking here]]
  
 +
'''Archzilon Eshun-Davies (@laudarch)'''
 +
:Arch is CISO and CEO of Tactical Intelligence Security(TAISE)
  
'''Hotels & Accommodation'''
+
'''Adam Nurudini (@Bra__Qwesi)'''
 +
: Adam Nurudini is the Lead Security Researcher @ Netwatch Technologies, project Consultant, Information Security Architects Ltd, Member, Cybersecurity Resilience Service Team and a Web Application Penetration Tester. He is also the president of the GIMPA School of Technology Students Association.
  
Visit Coconut Grove Hotel Ghana http://www.coconutgrovehotelsghana.com/regency/
+
'''Nii Ankrah (@niiankrah)'''
 +
: Nii has transitioned into information security with special interest malware analysis and helping companies achieve a good cyber security posture His engagements over the period include performing data centre and physical security reviews for clients within various industries, vulnerability assessments, application security audits and incident response.
  
Visit Alisa Hotel Ghana http://www.alisahotels.com/
+
=== Saturday, 18th August 2018 2pm-5pm ===
  
Visit HoliayInn Hotel Ghana http://www.ihg.com/holidayinn/hotels/us/en/accra/accra/hoteldetail
+
'''Location: '''Kofi Annan ICT Centre, Ridge, Accra. (Next to Ministry of Communications)
  
Visit Movenpick Hotel Ghana http://www.moevenpick-hotels.com/en/africa/ghana/accra/hotel-accra/overview/
+
'''Attendance: ''' 70 participants
 
Travel & Tourism News: Ghana makes its entry at 4th place to visit in 2013, out of 46 places to visit in 2013
 
  
 +
====TALKS:====
  
 +
*'''OWASP Introduction, Welcome and News - Ash Dastmalchi & Hassan Abudu'''
 +
:Welcome and a brief update on OWASP Projects & Events from the OWASP Ghana Chapter Leaders.
 +
*''' "Injection Attack" - Hassan Abudu'''  ([[Media: OWASP_injection_attacks.pdf |Slides PDF]])
 +
:A quick primer of injection attacks including SQL injection.
 +
*''' "Bypassing Security Restrictions , The case of CVE-2018-5955" - Adam Nurudini'''  ([[Media: OWASP Gitstack Presentation.pdf |Slides PDF]])
 +
*''' "Exploiting Server Side Template Injection with TPLMAP" - Divine Tsa'''  ([[Media: Owasp_SSTI_final.pdf |Slides PDF]])
 +
*''' "Insecure Direct Object Reference IDOR(Broken Access Control)" - Eric Biako'''  ([[Media: IDOR.pdf |Slides PDF]])
  
= Sponsors  =
+
====SPEAKERS:====
  
'''Want to sponsor this event?'''
+
'''Hassan Abudu(@hassanabudu)'''
OWASP events attract a variety of audience interested in “what’s next?” By becoming an OWASP Conference sponsor, you can increase your brand’s visibility while helping to support OWASP’S mission.
+
:Hassan Abudu is OWASP Ghana chapter co-leader. A Stanford University graduate, Hassan started the Freecodecamp in Ghana teaching students via weekly sessions various aspects of Web Development. He's also a freelance web developer and a part time artist.
  
Open Web Application Security Project (OWASP) is an open-source, not-for-profit application security organization made up of corporations, educational organizations, and individuals from around the world. Providing free, vendor-neutral, practical, cost-effective application security guidance, the organization is the de-facto standards body for web application security used by developers and organizations globally.
+
'''Adam Nurudini (@Bra__Qwesi)'''
 +
: Adam Nurudini is a web application penetration tester at Netwatch Technologies and a recent Black Hat Asia attendee.
  
Join attendees, ranging from thought leaders, security architects and developers, gather to share cutting-edge ideas, initiatives and technology advancements.
+
'''Divine Tsa (@selormofmars)'''
 +
:Divine Tsa is a cybersecurity engineer at a reputable tech company. He helps develop information security plans and policies, tests for vulnerabilities, monitors and investigates security breaches. During his 10 years experience in information technology, he has served in a variety of leadership, technical, and information security roles, including implementing the cybersecurity project in the central bank. Divine holds a bachelors degree in business administration and a post graduate diploma in IT from GIMPA.
  
• 2 day event consisting of talks and providing training
+
'''Eric Biako'''
 
+
: Eric has a Bsc in IT and a CEH v9. He's currently an Information security officer at E-connecta as well as moderator at Legal hackmen. [[Category:OWASP Chapter]] [[Category:Africa]]
• Tracks focusing on the core OWASP mission (Builder, Breaker, Defender)
 
 
 
• Keynote addresses by world renowned Industry experts
 
 
 
• Exhibit area offering solutions to your Information Technology and Information Security challenges
 
 
 
Global Reach: OWASP supports 30,000+ individual participants, more than 65 organizational and 60 academic supporters via 200 local chapters in 75+ countries across 6 continents.
 
 
 
• Access to key representatives and decision-makers from all the major industries and Government sectors
 
 
 
• World renowned speakers
 
 
 
• Conference is focused on Application and Cyber Security to provide solutions to your problems
 
 
 
• At the heart of Accra – Location, Location, Location
 
 
 
• Discounts for OWASP Corporate Supporters
 
 
 
 
 
 
 
 
 
 
 
 
 
= Schedule =
 
= Speakers =
 
 
 
'''Jim Manico:'''
 
 
 
BIO:  
 
 
 
Jim Manico is the VP of Security Architecture for WhiteHat Security, a web security firm. He authors and delivers developer security awareness training for WhiteHat Security and
 
has a 20 year history building software as a developer and architect.
 
 
 
Jim is also a global board member for the OWASP foundation where he helps drive the strategic vision for the organization. He manages and participates in several OWASP projects, including the OWASP cheat sheet series and several additional secure coding projects.
 
 
 
'''Ahmed Neil:'''
 
 
 
BIO:
 
 
 
Ahmed Neil is Delta - Egypt chapter leader, since the year 2011. Neil is passionate with everything about security. He is working hard to make Web application Security possible in Egypt.
 
 
 
Ahmed Neil has a B.A. in Management Information Systems, a diploma in Information systems, and Msc. Information Security specializing in Computer Forensics from faculty of computers and information sciences - Mansoura university- Egypt. Recently, Neil is working as a Database Consultant at Mansoura university Information Network office.
 
 
 
 
 
= Training =
 
Option 1: Building secure web applications boot camp
 
 
 
Option 2: Introduction to Digital forensics
 
 
 
 
 
At the bottom of every page
 
 
 
Join and Connect with us on: [https://www.facebook.com/pages/OWASP-Ghana/142549359285678] Facebook and [http://www.linkedin.com/groups/OWASP-Ghana-4384027?trk=myg_ugrp_ovr LinkedIn]
 
 
 
 
 
Travel & Tourism News: [http://www.nytimes.com/interactive/2013/01/10/travel/2013-places-to-go.html?_r=2& Ghana makes its entry at 4th place to visit in 2013, out of 46 places to visit in 2013]
 
 
 
Endorsers
 
 
 
Government Institutions
 
 
 
logo
 
 
 
[https://www.ghanahighcommissionuk.com/ Ghana High Commission, United Kingdom]
 
 
 
 
 
= Press =
 
 
 
'''Press'''
 
 
 
Media Companies or reporters; for more information or an interview about the event please contact Theodore Sagoe and/or Dennis Groves
 
 
 
For press enquiries and images, contact:
 
 
 
Theodore Sagoe
 
 
 
Regional Event Organizer
 
 
 
 
 
 
Mobile: 00233 (0) 246 870 267
 
 
 
Join and Connect with us on:
 
 
 
[https://www.facebook.com/pages/OWASP-Ghana/142549359285678 Facebook ]
 
 
 
 
 
[http://www.linkedin.com/groups/OWASP-Ghana-4384027?trk=myg_ugrp_ovr LinkedIn]
 
 
 
[[Image:Press_ok.pdf | Download Press Release pdf]]
 
 
 
 
 
 
 
 
 
__NOTOC__ <headertabs /> <BR>
 

Latest revision as of 11:30, 30 December 2019

OWASP Ghana

Welcome to the Ghana chapter homepage. The chapter leaders are Ash Dastmalchi and Hassan Abudu. Follow chapter news on Twitter at http://twitter.com/OWASPGhana


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Chapter Sponsors

We are currently seeking OWASP Corporate Members who would like to aligned themselves with the Ghana chapter and therefore contribute funds to our chapter. Alternatively you can be a facility/venue sponsor or a refreshments sponsors. If Interested please get in touch with the Chapter leaders.

Meeting Sponsors

The following is the list of organisations who have generously provided us with space for OWASP Ghana chapter meetings:

    Ghana Tech Lab Department of Computer Science University of Ghana GIMPA School of Technology Linux Accra User Group Logo

Chapter Volunteers

Volunteering carries many benefits including meeting great people, learning new skills, and above all – fun! We appreciate the assistance that our volunteers provide to ensure our events run smoothly. If you would like to help out for few hours with administrative tasks on the day of events, please reach out via email or twitter. The following is the list of organisation(s) who have provided us volunteers:

    Ghana Volunteer Program

Stay in Touch

Meetup-button.png Follow-us-on-twitter.png Mailchimp Logo-Horizontal Black.png

Next Meeting/Event(s)

Chapter meetings are held several times a year, typically at a location provided by our current facility sponsor.

February/March 2020 (Exact date TBC and announced)

TICKETS:

This event will be free to attend for both members and non-members of OWASP and is open to anyone interested in application security and cyber security.

Register to attend this and our future events via meetup.com Or via eventbrite.com

Code of Conduct:

We hope you enjoy our events, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback or would like to speak to us, we take these matters very seriously. You can find out more about our policies here: https://www.owasp.org/index.php/Governance/Conference_Policies

Speaking at OWASP Ghana Chapter Events

Call For Speakers

Call For Speakers is open - if you would like to present a 15-45 minute talk on Application / Cyber Security at future OWASP Ghana Chapter events - please review and agree with the OWASP Speaker Agreement and submit your talk/presentation via Google Forms

Google Forms.png

Please note that you can also pair up with a colleague and present a joint talk. Please ensure that your talk is objective, stresses open source approaches, and avoids references to any commercial offerings of your company. We are looking forward to your submissions

Speakers are prefered to use OWASP Presentation Template for submissions.

Past Events

Saturday 21st September 2019 10am-2pm

Location: Ghana Tech Lab, Accra Digital Lab, Ring Road West, Accra.

Attendance: 55 participants

TALKS:

  • WAF Filter 404 Not Found - Blay Safian (Slides PDF)
  • Lighting Talk on Broken Authentication: What it means, and what you can do - Hassan Abudu (Slides PDF)
  • Wireless Security and its Discontents - Boyan Lazarevski (Slides PDF)

SPEAKERS:

Blay Safian

An Electrical Engineering and Automation Degree holder and a certified Advance Penetration tester. Defcon China 2.0 attendee.

Boyan Lazarevski(@BoyanLazarevski)

Boyan is a certified IT Operations Specialist with a passion for computer hardware and cybersecurity.

Hassan Abudu(@hassanabudu)

Hassan is OWASP Ghana chapter co leader, a web developer, a teacher and a technologist in general.

CTF for Developers:

OWASP Ghana Chapter is pleased to announce the 2019 OWASP Ghana CTF Tournament for Application Developers.

CTF (Capture The Flag) is a type of computer security competition. Contestants are presented with a set of challenges and puzzles which test their creativity, technical coding (and googling) skills, and problem-solving ability. Challenges usually cover a number of categories and when solved, each yields a “flag” which is submitted to a real-time scoring service. The difficulty levels are from beginners to advanced. CTF tournaments are a great and fun way for software developers to learn a wide array of cyber security / application security skills in a safe and legal environment. Most programming languages supported. IMPORTANT: Please bring your own LAPTOP and a charger for it to this event

This CTF environment is kindly provided by Secure Code Warrior.

Saturday, 8th June 2019 10am-2pm

Location: Department of Computer Science, University of Ghana, Legon, Accra.

Attendance: 65 participants

TALKS:

  • The State of Phishing Attack Vector - Isaac Kweku Acheampong (Slides PDF)
  • Lighting Talk on HTTPS - Hassan Abudu (no slides)
  • Smart Grid IoT Security - Kwaku Sarpong Manu (Slides PDF)
  • Anatomy of a DNS Cache Poisoning Attack - Boyan Lazarevski (Slides PDF)

SPEAKERS:

Isaac Kweku Acheampong

Isaac is currently working as a Facilities Manager, holds BSc IT and Sec+ certified.

Kwaku Sarpong Manu(@_kwaku__)

Kwaku is a Graduate Computer engineering student from KNUST. Avid reader, active sportsman and student politician. He's also an student Consultant at GWCL, advising the Technology and Innovation Department.

Fabiola Amedo(@fabluzi)

Fabiola is currently working at KPMG Ghana as an IT advisory professional.

Boyan Lazarevski(@BoyanLazarevski)

Boyan is a certified IT Operations Specialist.

Saturday, 16th March 2019 10am-2pm

Location: Department of Computer Science, University of Ghana, Legon, Accra.

Attendance: 85 participants

TALKS:

  • OWASP Introduction, Welcome and News - Ash Dastmalchi (Slides PDF)
Welcome and a brief update on OWASP Projects & Events from the OWASP Ghana Chapter Leader.
  • Your web server has been hacked now what? by Archzilon Eshun-Davies (Slides PDF)
A walk through on what to look out for after a web server has been hacked by analysing the logs and how to prevent future hacks.
  • Cross-Site Scripting Attacks (XSS) by Adam Nurudini (Slides PDF)
Intro to XSS, how it works, what it affects and how to prevent it along with a live demo.
  • OWASP Juice Shop Project video presentation by Bjoern Kimminich (Youtube.com)
A playback of recording from OWASP BeNeLux-Days 2018 giving a complete introduction to the OWASP Juice Shop including a live demonstration of the application and how to hack it.

SPEAKERS:

Adam Nurudini (@Bra__Qwesi)

Adam Nurudini is the Lead Security Researcher @ Netwatch Technologies, project Consultant, Information Security Architects Ltd, Member, Cybersecurity Resilience Service Team and a Web Application Penetration Tester. He is also the president of the GIMPA School of Technology Students Association and Black Hat Attendee.

Archzilon Eshun-Davies (@laudarch)

Arch is CISO and CEO of Tactical Intelligence Security(TAISE)

Bjoern Kimminich (@bkimminich)

OWASP [Juice Shop Project] Leader, more Information about Bjoern can be found via his OWASP profile page by [clicking here]

Saturday, 24th November 2018 2pm-5pm

Location: GIMPA School of Technology, Greenhill, Accra. (Legon Bypass)

Attendance: 120 participants

TALKS:

  • OWASP Introduction, Welcome and News - Ash Dastmalchi
Welcome and a brief update on OWASP Projects & Events from the OWASP Ghana Chapter Leader.
  • "OWASP Risk Rating presented by OWASP Risk Rating Management" - Yoseman Putra (Slides Online)
OWASP Risk Rating Management Project is a tool projects aim to educate user who want to assessment more than one or many web application using owasp risk rating methodologies. The project page can be visited by clicking here [[1]]
  • "Defensive Coding" - Archzilon Eshun-Davies (Slides PDF)
A talk on defensive coding practices regardless of the language used.
  • "Open-Source Intelligence (OSINT)" - Adam Nurudini (Slides PDF)
A run down on what is OSINT, methods of data gathering via various resources, followed by a hands-on demo using open source tools.
Wordpress Content Management Systems has gained a lot of popularity since its initial launch thanks to its user friendliness and the vast collection of plugins and themes. It is estimated 30% of the world’s website are powered by Wordpress. Like any other web application it is important you deploy and manage properly to ensure your data is safe. Sadly this has not been the case, with over 73.2% of the most popular WordPress installations are vulnerable to vulnerabilities which can be detected using free automated tools. This talk will focus on how to deploy Wordpress safely and managing wordpress instances in a way that safeguards the application from common vulnerabilities and attacks.

SPEAKERS:

Ade Yoseman Putra (@johnleedik)

OWASP Jakarta Indonesia Chapter Leader, more Information about Ade can be found via his OWASP profile page by [clicking here]

Archzilon Eshun-Davies (@laudarch)

Arch is CISO and CEO of Tactical Intelligence Security(TAISE)

Adam Nurudini (@Bra__Qwesi)

Adam Nurudini is the Lead Security Researcher @ Netwatch Technologies, project Consultant, Information Security Architects Ltd, Member, Cybersecurity Resilience Service Team and a Web Application Penetration Tester. He is also the president of the GIMPA School of Technology Students Association.

Nii Ankrah (@niiankrah)

Nii has transitioned into information security with special interest malware analysis and helping companies achieve a good cyber security posture His engagements over the period include performing data centre and physical security reviews for clients within various industries, vulnerability assessments, application security audits and incident response.

Saturday, 18th August 2018 2pm-5pm

Location: Kofi Annan ICT Centre, Ridge, Accra. (Next to Ministry of Communications)

Attendance: 70 participants

TALKS:

  • OWASP Introduction, Welcome and News - Ash Dastmalchi & Hassan Abudu
Welcome and a brief update on OWASP Projects & Events from the OWASP Ghana Chapter Leaders.
A quick primer of injection attacks including SQL injection.
  • "Bypassing Security Restrictions , The case of CVE-2018-5955" - Adam Nurudini (Slides PDF)
  • "Exploiting Server Side Template Injection with TPLMAP" - Divine Tsa (Slides PDF)
  • "Insecure Direct Object Reference IDOR(Broken Access Control)" - Eric Biako (Slides PDF)

SPEAKERS:

Hassan Abudu(@hassanabudu)

Hassan Abudu is OWASP Ghana chapter co-leader. A Stanford University graduate, Hassan started the Freecodecamp in Ghana teaching students via weekly sessions various aspects of Web Development. He's also a freelance web developer and a part time artist.

Adam Nurudini (@Bra__Qwesi)

Adam Nurudini is a web application penetration tester at Netwatch Technologies and a recent Black Hat Asia attendee.

Divine Tsa (@selormofmars)

Divine Tsa is a cybersecurity engineer at a reputable tech company. He helps develop information security plans and policies, tests for vulnerabilities, monitors and investigates security breaches. During his 10 years experience in information technology, he has served in a variety of leadership, technical, and information security roles, including implementing the cybersecurity project in the central bank. Divine holds a bachelors degree in business administration and a post graduate diploma in IT from GIMPA.

Eric Biako

Eric has a Bsc in IT and a CEH v9. He's currently an Information security officer at E-connecta as well as moderator at Legal hackmen.