This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Los Angeles"
m (Adding the meeting information for July) |
|||
| Line 3: | Line 3: | ||
== Local News == | == Local News == | ||
| − | + | Please follow @appsec2010 for the latest updates on AppSec USA 2010 conference. | |
| − | + | http://www.AppSecUSA.org | |
== Next Chapter Meeting: Wednesday, July 21, 2010 from 7:30 PM - 9:30 PM (PT) == | == Next Chapter Meeting: Wednesday, July 21, 2010 from 7:30 PM - 9:30 PM (PT) == | ||
| Line 14: | Line 14: | ||
900 Corporate Pointe | 900 Corporate Pointe | ||
Culver City, CA 90230</pre> | Culver City, CA 90230</pre> | ||
| − | Please RSVP via Eventbrite([http://owaspla.eventbrite.com/ http://owaspla.eventbrite.com/]) | + | Please RSVP via Eventbrite ([http://owaspla.eventbrite.com/ http://owaspla.eventbrite.com/]) |
| − | <br> | + | <br>Complimentary dinner will be served. |
| + | |||
| + | <br>This meeting is sponsored by Citrix Systems (http://www.lacitrix.com/). | ||
<br>'''Description:'''<br>This includes using HTML5 client-side XSS (without XSS hitting the server!), and my newly discovered attacks on PHP session hijacking and random numbers (accurately guessing PHP session cookies), browser protocol confusion (turning a browser into an SMTP server), firewall and NAT penetration via Javascript (turning your router against you), remote iPhone Google Maps hijacking (iPhone penetration combined with HTTP man-in-the-middle), extracting extremely accurate geolocation information from a web browser (not using IP geolocation), and more. | <br>'''Description:'''<br>This includes using HTML5 client-side XSS (without XSS hitting the server!), and my newly discovered attacks on PHP session hijacking and random numbers (accurately guessing PHP session cookies), browser protocol confusion (turning a browser into an SMTP server), firewall and NAT penetration via Javascript (turning your router against you), remote iPhone Google Maps hijacking (iPhone penetration combined with HTTP man-in-the-middle), extracting extremely accurate geolocation information from a web browser (not using IP geolocation), and more. | ||
Revision as of 02:27, 11 July 2010
<paypal>LosAngeles</paypal>
Local News
Please follow @appsec2010 for the latest updates on AppSec USA 2010 conference.
Next Chapter Meeting: Wednesday, July 21, 2010 from 7:30 PM - 9:30 PM (PT)
How I Met Your Girlfriend: Entirely New Classes of Web Attacks
Meeting Location Symantec Corporation 900 Corporate Pointe Culver City, CA 90230
Please RSVP via Eventbrite (http://owaspla.eventbrite.com/)
Complimentary dinner will be served.
This meeting is sponsored by Citrix Systems (http://www.lacitrix.com/).
Description:
This includes using HTML5 client-side XSS (without XSS hitting the server!), and my newly discovered attacks on PHP session hijacking and random numbers (accurately guessing PHP session cookies), browser protocol confusion (turning a browser into an SMTP server), firewall and NAT penetration via Javascript (turning your router against you), remote iPhone Google Maps hijacking (iPhone penetration combined with HTTP man-in-the-middle), extracting extremely accurate geolocation information from a web browser (not using IP geolocation), and more.
Speaker:
Samy Kamkar is best known for the Samy worm, the first XSS worm, infecting over one million users on MySpace in less than 24 hours. A co-founder of Fonality, Inc., an IP PBX company, Samy previously led the development of all top-level domain name server software and systems for Global Domains International (.ws), and worked for Penn State University developing AI-based psychometric personality assessment software.
In the past 10 years, Samy has focused on evolutionary and genetic algorithmic software development, Voice over IP software development, automated security and vulnerability research in network security, reverse engineering, and network gaming. When not strapped behind the Matrix, Samy can be found stunt driving, getting involved in local community service projects, and continuing his focus on staying out of jail.
Would you like to speak at an OWASP Los Angeles Meeting?
Call for Papers (CFP) is NOW OPEN. To speak at upcoming OWASP Los Angeles meetings please submit your BIO and talk abstract via email to Tin Zaw. When we accept your talk, it will be required to use the Powerpoint OWASP Template.
Archives of Previous Meetings
A list of previous presentations conducted at the Los Angeles Chapter can be found here.
Los Angeles Chapter
- Tin Zaw -- Chapter Leader and Chair
- Cassio Goldschmidt -- Board Member
- Richard Greenberg -- Board Member
