[Owasp-boston] OWASP Boston April Mtg Tomorrow - 4/1 6:30
Jim.Weiler at starwoodhotels.com
Tue Mar 31 09:25:11 EDT 2009
Date - Wed. April 1
Topic - Breaking Browsers
* Browser attack vendors
* How can browsers be properly secured
* The future of the web - browser vulnerabilities and attacks
* traditional web based attacks
* attacking the browser itself.
* attacking the plugins
* attacking a standard
Josh will demo -
BeEF (Browser Exploitation Framework) setup/ plugin
detection and JS autorun
BeEF exploiting MS09-002
adobe util_printf xml_corruption
Java Applet with Meterpreter payload
Speaker - Joshua D. Abraham - Security Consultant - Rapid7
Josh joined Rapid7 in 2006 as a Security Consultant. Josh has extensive
IT Security and Auditing experience and worked as an
enterprise risk assessment analyst for Hasbro Corporation. Josh
specializes in penetration testing, web application security
assessments, wireless security assessments, and custom code development.
In the past, he has spoken at Infosec World, ShmooCon, LinuxWorld,
Comdex and the Boston Linux User Group. In his spare time, he
contributes code to open source
security projects such as the BackTrack LiveCD, Nikto, Fierce, and PBNJ.
Location and Directions -
Microsoft offices at the Waltham Weston Corporate Center, 201 Jones Rd.,
Sixth Floor Waltham, MA
>From Rt. 128 North take exit 26 toward Waltham, East up the hill on Rt.
20. From Rt 128 South take exit 26 but go around the rotary to get to 20
East to Waltham. Follow signs for Rt. 117 (left at the second light).
When you get to 117 turn left (West). You will cross back over Rt. 128.
Jones Rd. (look for the Waltham Weston Corporate Center sign) is the
second left, at a blinking yellow light, on Rt. 117 going west about 0.1
miles from Rt. 128 (I95). The office building is at the bottom of Jones
Rd. Best parking is to turn right just before the building and park in
the back. Knock on the door to get the security guard to open it. The
room is MPR C.
Jim Weiler CISSP
Starwood Hotels and Resorts
Sr. Mgr. Information Security Risk Assessment
Office - 781 356 0067
Cell - 781 654 6048
This electronic message transmission contains information from the Company that may be proprietary, confidential and/or privileged.
The information is intended only for the use of the individual(s) or entity named above. If you are not the intended recipient, be
aware that any disclosure, copying or distribution or use of the contents of this information is prohibited. If you have received
this electronic transmission in error, please notify the sender immediately by replying to the address listed in the "From:" field.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-boston