[OWASP-Bangalore] Fwd: May 12 OWASP Connector

Akash Mahajan akash.mahajan at owasp.org
Fri May 23 05:28:26 UTC 2014


---------- Forwarded message ----------
From: The OWASP Foundation <The_OWASP_Foundation at mail.vresp.com>
Date: 13 May 2014 03:16
Subject: May 12 OWASP Connector
To: akash.mahajan at owasp.org

  [image: OWASP Global Connector]

May 12, 2014 | |
Brought to you by the OWASP Foundation
   [image: owasp projects]  Featured OWASP Project

OWASP Bricks<http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/0307c7c15a/0a3133320f>

OWASP Bricks is a deliberately vulnerable web application built on PHP &
MySQL focuses on variations of commonly seen application security
vulnerabilities & exploits, which can be exploited using tools like Mantra
and ZAP. OWASP Bricks provides a platform for learning web application
security and a test bed for analyzing the performance of web application
security scanners.

For more information, please contact the Project Leader, Abhi Balakrishnan
New OWASP Projects

OWASP Code Pulse 2.0

The OWASP Code Pulse team is proud to announce version 1.0 of their
real-time coverage tool! Are you a penetration tester or a user of tools
like ZAP? Then we think we have something that is going to make your life
as a pen-tester easier. Code Pulse is a real-time code coverage tool that
lets you visually see coverage gaps in your testing activity. To find out
more about it and to download it please visit Code

For more information, please contact the Project Leader, Hassan
Radwan.<Hassan.Radwan at owasp.org>
Project Announcements

Open Source Showcase

The AppSec EU Conference Team is happy to announce that there will be ten
projects participating in this year’s Open Source Showcase at AppSec EU
this summer. The Open Source Showcase is an unique event module that allows
project leaders and/or project contributors to showcase their work in a
demo setting and gain exposure for their projects without to conduct a full
session. The Showcase affords a more personal view of project between

Throughout the conference, these project will be demoing at the Open Source
Showcase space within the conference venue. Join us at the Open Source
Showcase June 23-26. Demo times to be announced closer to the conference.

See you in Cambridge!

Below is a list of all the participating projects.

ByWaf is a web application penetration testing framework (WAPTF). It
consists of a command-line interpreter and a set of plugins.

OWASP Python Security
Python Security aims at creating a hardened version of python that
it easier for security professionals and developers to write applications
more resilient to attacks and manipulations.

OWASP Ninja PingU
is a high performance network scanner tool for large scale analyses.
has been designed with performance as its primary goal and developed as a
framework to allow easy plugin integration.

OWASP PCI Toolkit<http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/0307c7c15a/e537546277>-
OWASP PCI toolkit is a c# Windows form project, that will help you to
scope the PCI-DSS requirements for your System Components. Beta version of
this tool will be released May 2014.

WPScan is a black box WordPress vulnerability scanner.

OWASP Hackademic Challenges
The Hackademic Challenges implement realistic scenarios with known
vulnerabilities in a safe, controllable environment. Users can attempt to
discover and exploit these vulnerabilities in order to learn important
concepts of information security through the attacker's perspective.
Currently, there are 10 web application security scenarios available.

OWASP OWTF<http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/0307c7c15a/b3c569852f>-
OWASP OWTF is an OWASP+PTES-focused try to unite great tools and make
testing more efficient.

OWASP WTE<http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/0307c7c15a/8890b6746c>-
The OWASP WTE project is an enhancement of the original OWASP Live CD
Project and expands the offering from a static Live CD ISO image to a
collection of sub-projects. Its primary goal is to make application
security tools and documentation easily available and easy to use.

OWASP ZAP<http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/0307c7c15a/8016cd44ff>-
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration
testing tool for finding vulnerabilities in web applications. It is
designed to be used by people with a wide range of security experience and
as such is ideal for developers and functional testers who are new to
penetration testing. ZAP provides automated scanners as well as a set of
tools that allow you to find security vulnerabilities manually.

is a software vulnerability aggregation and management system that helps
organizations aggregate vulnerability data, generate virtual patches, and
interact with software defect tracking systems.

Project Summit

We are just a little over a month away from AppSec EU and the 2014 Project
Summit. So far we have some great projects signed up to participate, but we
need more projects participating. The Project Summit is a fantastic
opportunity to workshop your project and gather new volunteers for your
project. The Project Summit will be taking place June 23-24 Anglia Ruskin
University in Cambridge, UK and is free and open to the Community. You do
not need a conference pass to attend the Project Summit. Don’t have a
project? No problem, we can still use your help at the Project Summit. Sign
up to participate in the Project Summit by contacting Samantha
Groves<samantha.groves at owasp.org>or Kait
disney-Leugers <kait.disney.leugers at owasp.org>
      [image: membership]  Thank you to our newest Corporate Member: Moki

Honorary Membership applications now being accepted.

Be sure to review the
Honorary Membership before you
submit your form<http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/0307c7c15a/2d9c5ba2cd>.
Deadline for Honorary Membership is September 30, 2014 **Please note:
Chapters and Projects MUST be active. Your leadership position MUST be on
file prior to September 30, 2014 in order to be eligible for 2014 Honorary
Membership. ALL qualified individuals MUST apply for Honorary Membership in
order to vote by completing the Honorary Membership
.    [image: conferences]  Global AppSec Events in 2014

LATAM Tour Wrap

Congratulations to all of the chapter leaders and organizers who
participated in the 2014 LATAM Tour

The tour resulted in

   - Organized events in 7 countries
   - Over 650 attendees
   - 8 sponsors, and
   - 16 educational and community supporters

AppSec EU 2014 (June 23 - 26, Cambridge,

   - Keynotes announced! Lorenzo Cavallaro, Tobias Gondrom, Dr. Steven J.
   Murdoch, Wendy Seltzer, and Jacob West
   - A few sponsorship are still
   - Training details are
   - Registration is now

AppSec USA 2014 (September 16 - 19, Denver,

   - Keynotes announced! Steve Crusenberry, Gary McGraw, and Bruce Schneier
   - Sponsorship opportunities are still
   - Member Event
   - Public Registration<http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/0307c7c15a/afb1427d6e/id=a2oU0000000LJBkIAO>

Upcoming Regional Events

LASCON 2014 (October 21 - 24, Austin,

Keynotes confirmed include: Kelley Misata (Director Of Outreach and
Communications, The Tor Project), Jeff Williams (CTO, Contrast Security),
Zane Lackey (Founder/CSO @ signal sciences), Marcus Carey, and Chris
Partner and Promotional Events

OWASP has partnered with these great events in beginning of 2014 to grow
our community and build awareness around software security. If you want to
learn more about OWASP's involvement or will be attending and want to help
out contact us<http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/0307c7c15a/ff447e9749>

Hacker's IDOL - A Cyber Safety Campaign, April 1-October 17, India.

Information Security Media Group,
Summit, May 14, Chicago IL, Discount code for OWASP Members:

ISSA-LA Security
May 16, Universal City, CA. OWASP Members receive a 25% discount with the
code: Ow at spIssaLA25

Suits & Spooks <http://spooks.wpengine.com/new-york-2014/>, June 20-21, NY,

2-7, Las Vegas, NV. OWASP Members receive $200 off BH briefings with
code: owaBR200off.

BSides LV<http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/0307c7c15a/97d320e9c7>,
August 5-6, Las Vegas, NV.

EC-Council TakeDown
August 14-19, Huntsville, AL.

EC-Council Hacker Halted, October 12-17, Atlanta,

Suits & Spooks<http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/0307c7c15a/0170141d1a>,
December 14, Singapore.
National Cyber Security Awareness Month

Each and every one of us needs to do our part to make sure that our online
lives are kept safe and secure. That's what National Cyber Security
Awareness Month—observed in October —is all about! Join OWASP on this
important effort. To learn more, please visit: Stay Safe

  [image: Social Media]  OWASP Foundation Social Media



Google +<http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/0307c7c15a/24360b4452>



        [image: education]  [image: webinar globe] OWASP Global Webinar

Thursday, April 24th at 10AM EST

Join us for this month’s OWASP Project Webinar lead by Project Leader
Jonathan Carter. Jonathan will be explaining his project OWASP Reverse
Engineering and Code Modification

OWASP Reverse Engineering and Code Modification Project educates security
professionals about the risks of reverse engineering and how to ensure that
code cannot be reverse engineered or modified.

Register for the 10 am EST Presentation

Register for the 9 pm EST Presentation

   [image: communication]  2014 Global Board of Directors Election

Each year The OWASP Foundation holds its annual Global Board of Directors
election. This October, OWASP members will be voting to fill 3 of the 7
seats available. If you are interested in learning more about the election
and what the requirements are to run for a seat, please visit our 2014
Board Elections
Our Call for Candidates is now open! Please submit your candidacy
Call for Candidates will close August 15, 2014.

During the candidates recorded interview, each candidate will be asked a
series of questions provided by our OWASP Community. Anyone can submit a
question(s), vote up or vote down existing questions. The top 5 to 6
questions will then be used for each candidate’s interview. If you have a
question you would like to submit, please do so
Deadline to submit your question is August 25, 2014.

For a complete Election Time line, Click
Bi-Weekly Community Call

Bi-Weekly OWASP Town Hall meetings have been started by Michael Coates. The
next one is scheduled for May 20th at 9am Pacific time.

If you have any updates or announcements regarding OWASP that you would
like to share with the world, please add it to the wiki

The meetings are held using google hangouts and live broadcast. They are
always recorded and publicly posted via YouTube

This is NOT a slide presentation. Items posted on the wiki will be
discussed, and questions will be accepted over twitter or hang out chat.

Check out the updates and announcements from May
OWASP Projects Framework - INPUT REQUESTED

After many discussions over the current OWASP Project Program model, the
Board of Directors have agreed to change the direction of OWASP Projects.
We would like to give the community an opportunity to voice their opinion,
and help us decide how to move projects forward.

We want leaders to comment and debate various project program models to
help us better serve you, the OWASP community.

Please review the project program
2014 OWASP Annual Report is completed

Click here<http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/0307c7c15a/bd03c1f03f>to
view the Report
Just for Fun

Congratulations to Dusty Evanoff who was the first person to solve last
week's challenge: *The answer is 100 miles. (Vowels worth 300, consonants
worth -100.)*

Click here to view last issue's

*This puzzle is a short but really tricky one. Good Luck*

>From a book, a number of consecutive pages are missing. The sum of the page
numbers of these pages is 9808. Which pages are missing?

Send your answers to our comment desk <support at owasp.org> for a chance to
win a prize. Winners will be announced in the next connector.

  Click to view this email in a

If you no longer wish to receive these emails, please reply to this message
with "Unsubscribe" in the subject line or simply click on the following
link: Unsubscribe <http://cts.vresp.com/u?ed8328d802/0307c7c15a/mlpftw>
  The OWASP Foundation
1200-C Agora Drive
Bel Air, Maryland 21014

Read <http://www.verticalresponse.com/content/pm_policy.html> the
VerticalResponse marketing policy.
  [image: Non-Profits Email Free with VerticalResponse!]

Warm regards,
Akash Mahajan

*That Web Application Security Guy* | +91 99 805 271 82
akashm.com | *@makash* on twitter | linkd.in/webappsecguy
*OWASP Bangalore Chapter Lead | null Community Manager*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-bangalore/attachments/20140523/403f344b/attachment-0001.html>

More information about the OWASP-Bangalore mailing list