This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Morocco

From OWASP
Revision as of 22:35, 18 November 2015 by Nwhysel (talk | contribs) (Adding second leader, Hamza Waraki)

Jump to: navigation, search

OWASP Morocco Presentation

OWASP Morocco

Welcome to the Morocco chapter homepage. The chapter leader is Azzeddine RAMRAMI and Hamza WARAKI


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Contacts et Propositions de Présentations/Contributions

  • Azzeddine RAMRAMI et les membres du board du Chapitre Marocain sont à votre disposition si vous souhaitez des informations sur l'OWASP ainsi que sur la Sécurité des Applications Web.

Entreprises, Individuels, Monde Académique, Sponsors, Supports, tout le monde est bienvenu à l'OWASP.

Pour les Entreprises souhaitant adhérer à l'OWASP, le montant de l'adhésion annuelle de $5000 US (dont 40% est reversé au Chapitre de votre choix) est 100% déductible!

Les fonds collectés servent à organiser les meetings du Chapitre Marocain, mais aussi et surtout à construire et organiser avec vous une approche spécifique en fonction de vos souhaits (sessions de sensibilisation, meetings internes, interventions de Speakers, etc.). Tout cela peut être discuté avec le Chapitre Marocain et acté conjointement avec vous si vous souhaitez adhérer à l'OWASP.

N'hésitez pas à nous solliciter si vous souhaitez discuter d'un sujet particulier, ou si vous souhaitez effectuer une présentation lors d'un meeting du Chapitre Marocain.

Amis de la Presse écrite et du Multimédia, n'hésitez pas à faire appel à nous si vous souhaitez notre concours pour vos articles et reportages, vous êtes les bienvenus et nous en serions honorés. Nous avons nous aussi besoin de vous.

Moi et le board du Chapitre Marocain restons modestes dans notre approche, mais nous souhaitons vraiment que le Chapitre OWASP Maroc devienne un de vos contacts de référence.


Scope of the board is to discuss and approve local activities, meetings and plans.

In alphabetical order:


OWASP Training Day : Java Secure Coding Course - Session 5 - March 14th, 2015 - at Ecole Vinci Rabat/Morocco

  • MAIN PRESENTERS: Azzeddine RAMRAMI: OWASP Leader
  • ABSTRACT: During this training class Azzeddine RAMRAMI will teach a Java Secure Coding. This training is free of charge and open to all
  • WHEN: March 14th, 2015
  • WHERE: Ecole Vinci Rabat/Morocco;
  • FEES: Course is free of charge. Nb of seat limited to 50 per class
  • SPONSORS: Sponsor are welcome to support this event, please contact the Chapter Leader Azzeddine RAMRAMI
  • -----------------------------------------------
  • AGENDA: Oracle CERT Java Secure Coding:;
  1. 00. Input Validation and Data Sanitization (IDS)
    1. IDS00-J. Sanitize untrusted data passed across a trust boundary
    2. IDS01-J. Normalize strings before validating them
    3. IDS02-J. Canonicalize path names before validating them
    4. IDS03-J. Do not log unsanitized user input
    5. IDS04-J. Safely extract files from ZipInputStream
    6. IDS05-J. Use a subset of ASCII for file and path names
    7. IDS06-J. Exclude user input from format strings
    8. IDS07-J. Do not pass untrusted, unsanitized data to the Runtime. exec() method
    9. IDS08-J. Sanitize untrusted data passed to a regex
    10. IDS09-J. Do not use locale-dependent methods on locale-dependent data without specifying the appropriate locale
    11. IDS10-J. Do not split characters between two data structures
    12. IDS11-J. Eliminate non character code points before validation
    13. IDS12-J. Perform lossless conversion of String data between differing character encodings
    14. IDS13-J. Use compatible encodings on both sides of file or network IO
  2. 01. Declarations and Initialization (DCL)
  3. 02. Expressions (EXP)
  4. 03. Numeric Types and Operations (NUM)
  5. 04. Object Orientation (OBJ)
  6. 05. Methods (MET)
  7. 06. Exceptional Behavior (ERR)
  8. 07. Visibility and Atomicity (VNA)
  9. 08. Locking (LCK)
  10. 09. Thread APIs (THI)
  11. 10. Thread Pools (TPS)
  12. 11. Thread-Safety Miscellaneous (TSM)
  13. 12. Input Output (FIO)
  14. 14. Platform Security (SEC)
  15. 15. Runtime Environment (ENV)
  16. 16. Serialization (SER)
  17. 49. Miscellaneous (MSC)
  • Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo


We need your help, Call for additional sponsors We need sponsors for meeting room, flight cost, hotel accomodations. Please contact the Chapter Leader on how to apply.

Volonteer are encouraged to join OWASP Morocco Chapter. Please contact the Chapter Leader Azzeddine RAMRAMI

2015-03-14 : VINCI school at Rabat provide as with a large room for our seminars. Thanks to the President of VINCI Mr Amine RACHDI

2014-06-22 : MoroccoJUG (Morocco Java User Group) and OWASP Morocco organised a new Java Secure Coding session at Centre Eclipse Casablanca. See http://www.meetup.com/MoroccoJUG/

2012-05-02 : VINCI school at Rabat provide as with a large room for our seminars. Thanks to the President of VINCI Mr Amine RACHDI

2010-12-26 : INSEC (Information Security Club)is planing on 16th of April 2011 the first edition of "Moroccan Cyber Security Challenge". A challenge that will gather teams from 14 engineering schools in Morocco interested to information security and assurance. OWASP will be present in this events.

2010-12-24 : First meeting preparation in Morocco in Rabat or Casablanca

2010-12-24 : Modification of Morocco Local Chapter Wiki

2010-12-24 : Azzeddine RAMRAMI is co-leader for Morocco local chapter. Welcome!


OWASP Training Day : Web Application Security Course - Secure Coding Techniques - March 28th, 2013 - at Rabat/Morocco

  • MAIN PRESENTERS: Azzeddine RAMRAMI: OWASP Leader
  • ABSTRACT: During this training class Azzeddine RAMRAMI and two other OWASP Volunteers will present a Web Application Security and Secure Coding based on Java and PHP Security, .NET Security and Web 2.0 Botnets.
  • WHEN: March 28th, 2013
  • WHERE: VINCI Ecole Supérieure Rabat/Morocco see VINCI Ecole Supérieure Rabat

10,Rue Al Yamama (Aproximité de la gare Rabat-Ville), Rabat - Tél: 05 37 70 69 05 - E-mail: [email protected]

  • REGISTRATION:

At AXEL TELECOM (Axel Telecom) or at VINCI (VINCI Ecole Supérieure)

  • FEES: Course is free of charge. Nb of seat limited to 25 per class
  • SPONSORS: Sponsor are welcome to support this event, please contact the Chapter Leader Azzeddine RAMRAMI
  • AGENDA: OWASP Seminars
  • -----------------------------------------------
  • Opening Session : OWASP Presentation and Introduction - 9:30am to 10am - Seat : No Limit
  • Session 1: Secure Coding Technique - Technical Course - 10am to 5pm - Seat : 25
  • Session 2: Resilient C&C Botnets Using Web 2.0 Technologies - Presentation, PoC and Demo - 10am to 5pm - Seat : 25
  • Session 3: Secure Coding Cryptograhy Crash Course - Theory 10am à 12am - Seat : 25
  • Session 3: Secure Coding Cryptograhy Crash Course - Hands-On 2pm à 5pm - Seat : 25
  • -----------------------------------------------
  • Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo


OWASP Training Day : Web Application Security Course - Secure Coding Techniques - March 28th, 2013 - at Rabat/Morocco

  • MAIN PRESENTERS: Azzeddine RAMRAMI: OWASP Leader
  • ABSTRACT: During this training class Azzeddine RAMRAMI and two other OWASP Volunteers will present a Web Application Security and Secure Coding based on Java and PHP Security, .NET Security and Web 2.0 Botnets.
  • WHEN: March 28th, 2013
  • WHERE: VINCI Ecole Supérieure Rabat/Morocco see VINCI Ecole Supérieure Rabat

10,Rue Al Yamama (Aproximité de la gare Rabat-Ville), Rabat - Tél: 05 37 70 69 05 - E-mail: [email protected]

  • REGISTRATION:

At AXEL TELECOM (Axel Telecom) or at VINCI (VINCI Ecole Supérieure)

  • FEES: Course is free of charge. Nb of seat limited to 25 per class
  • SPONSORS: Sponsor are welcome to support this event, please contact the Chapter Leader Azzeddine RAMRAMI
  • AGENDA: OWASP Seminars
  • -----------------------------------------------
  • Opening Session : OWASP Presentation and Introduction - 9:30am to 10am - Seat : No Limit
  • Session 1: Secure Coding Technique - Technical Course - 10am to 5pm - Seat : 25
  • Session 2: Resilient C&C Botnets Using Web 2.0 Technologies - Presentation, PoC and Demo - 10am to 5pm - Seat : 25
  • Session 3: Secure Coding Cryptograhy Crash Course - Theory 10am à 12am - Seat : 25
  • Session 3: Secure Coding Cryptograhy Crash Course - Hands-On 2pm à 5pm - Seat : 25
  • -----------------------------------------------
  • Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo

Web Application Security Seminar - May 18th, 2012 - at VINCI School Rabat/Morocco

  • MAIN PRESENTERS: Azzeddine RAMRAMI: OWASP Leader, Hamza WARAKI: Pôle Sécurité PenTest OWASP Morocco, Tarif EL AOUADI from Lexi and Intissar from VINCI
  • ABSTRACT: During this seminars Azzeddine RAMRAMI will present a complete Architecture Security Framework to implement Web Application Security the IT landscape. Hamza WARAKI will present how to conduct an OWASP Web Application PenTesting. OWASP activity and spirit will be presented in this event.
  • WHEN: May 18th, 2012
  • WHERE: VINCI Ecole Supérieure Rabat/Morocco see VINCI Ecole Supérieure Rabat

10,Rue Al Yamama (Aproximité de la gare Rabat-Ville), Rabat - Tél: 05 37 70 69 05 - E-mail: [email protected]

  • REGISTRATION:

At AXEL TELECOM (Axel Telecom) or at VINCI (VINCI Ecole Supérieure)

  • PROGRAM:

09:00-09:30 Welcome
09:30-09:45 OWASP Presentation ( Azzeddine RAMRAMI )
09:45-10:00 Security Awarnasse ( Tarik EL AOUADI )
10:00-10:30 OSSTMM v3.0 a PenTest Methodlogy - Overview ( Intissar EL MEZROUI )
10:30-10:45 PAUSE
10:45-11:30 How to conduct a Web Application Pen Testing ( Hamza WARRAKI)
11:30-12:00 OWASP WebGoat & Attack Example (A virtual Hacking Environnement) (Nawfal Makdad )
12:00-14:30 PRIERE DE VENDREDI
14:30-15:30 OWASP WebGoat & Attack Example (A virtual Hacking Environnement) (Nawfal Makdad )
15:30-16:15 Smartphone Security (Tarik EL OUADI)
16:15-16:30 PAUSE
16:30-17:00 Smartphone Security (Tarik EL AOUADI)
17:00-17:45 Writing Secure Code : Java Principles ( Azzeddine RAMRAMI )
17:45-18:00 Questions & Answers



Ethical Hacking LiveCD

To be posted after the first meeting

Downloads

Papers and Articles

Retrieved from "https://wiki.owasp.org/index.php?title=Morocco&oldid=203560"