[Owasp-boston] OWASP RI: April 16, 6:30 pm, Broken Web Apps Project
patrick.laverty at owasp.org
Mon Apr 14 15:37:23 UTC 2014
Just a final reminder that we have the OWASP Rhode Island meeting this
Wednesday night at 6:30 pm at 10 Dorrance St. in Providence. Lots of
information about the meeting below. And if you haven't already, please
RSVP to me so we can expedite you getting up to the 9th floor. Thanks!
On Tue, Apr 1, 2014 at 2:57 PM, Patrick Laverty
<patrick.laverty at owasp.org>wrote:
> Hi all-
> On Wednesday April 16 at 6:30 pm, we will have Mordecai Kraushar to talk
> about the OWASP Broken Web Applications (BWA) Project. If you've ever
> wanted to learn how to research web application security vulnerabilities
> but don't know what site to practice on, then this talk is for you!
> The presentation will include a demonstration of some of the realistic,
> vulnerable web applications within the OWASP BWA project, including
> applications written in PERL, PHP and Rails.
> The presentation will demonstrate the many benefits of such vulnerable applications
> · Testing web application scanners (people)
> · Testing web application scanners (products)
> · Testing source code analysis tools
> · Examining code that allows the vulnerabilities
> · Testing web application firewalls
> · Reviewing evidence left by attacks
> Mordecai Kraushar is Director of Audit for CipherTechs, a security solutions
> company based in New York City. He leads an OWASP project called Vicnum,
> (it is part of the OWASPBWA project) which demonstrates vulnerabilities
> such as cross-site scripting, SQL injections and session management
> issues that are helpful to IT auditors developing web security skills.
> This application has also been used in multiple 'capture the flag'
> challenges including the Breaking Bad CTF at AppSecUSA in New York this
> past November.
> The meeting will be held at Swipely (https://www.swipely.com), 10
> Dorrance St, 9th Floor at 6:30 pm. Please RSVP to
> patrick.laverty at owasp.org so the lobby security guard will let you up
> Lastly, May's meeting will be on May 7 and it will be about xssValidator. xssValidator
> is a tool developed to automate the testing and validation of Cross-Site
> Scripting (xss) vulnerabilities within web applications.
> Thanks all, hope to see you on the 16th!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-boston