[Owasp-kerala] Summary of OWASP-Kerala meeting on Jan 10, 2010
deepu.joseph1 at gmail.com
Wed Jan 13 06:16:42 EST 2010
OWASP Kerala conducted its monthly meeting on Jan 10th, 2010 at Cyber Prizm,
Cochin. The turnout for the meeting was lower than usual, probably because
we skipped a meeting during the month of December due to problems in getting
a convenient date and venue. The following is a brief summary of the
The session for the day was on "Client side security vulnerability", and was
handled by Binny V A, an independent web developer on the LAMP platform. The
talk focused on Cross site scripting issues and CSRF flaws in websites.
Binny explained the various types of XSS exploits, with code demonstrations
of the same. A demonstration of session hijacking via cookies through XSS
was also conducted. Binny concluded with an explanation of the "Mikeyy" worm
and how it exploited an XSS vulnerability on Twitter.
Manu Zacahria later introduced the recently released Matriux security
distribution to the attendees. A Live CD project, Matriux helps to turn any
system into a powerful penetration testing toolkit. It also includes a set
of computer forensics and data recovery tools that can be used for forensic
analysis, investigations and data retrieval. Matriux is available for
download at http://matriux.com/.
The next OWASP meet is scheduled for the 14th of February. Looking forward
to more participation in the upcoming meetings!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-Kerala