[Owasp-Mumbai] [meet] null Mumbai Chapter | 26th April, 2014 | Saturday

Wasim Halani washal at null.co.in
Fri Apr 18 11:52:55 UTC 2014


Dear all,

Our next NULL Mumbai chapter meet is scheduled on *26th April, 2014
(Saturday)*

Below is agenda for the meet:

1. *Security News Bytes:* A discussion on the latest happenings in the
security industry and sharing of interesting links

2. *Cross-Site Request Forgery (CSRF): *By Kalyan Kumar Komati
CSRF is an attack which forces an end user to execute unwanted actions on a
web application in which he/she is currently authenticated. With a little
help of social engineering (like sending a link via email/chat), an
attacker may trick the users of a web application into executing actions of
the attacker's choosing. A successful CSRF exploit can compromise end user
data and operation in case of normal user. If the targeted end user is the
administrator account, this can compromise the entire web application.

3. *Introductions and networking break*

4. *Threat Modelling Web Applications: *By Neelu Tripathy
This presentation is a discussion around threat modelling and design issues
for applications and all the aspects of a holistic or practical design
review. This would be an introduction to the process and steps to be
followed to create a threat model. We understand the impact and importance
of threat model in ensuring security through SDLC. Also take up a small
exercise.

5.* Setting up a virtual network simulator in your Test Lab Using GNS3: *By
Raashid Shaikh
GNS3 is a virtual graphical network simulator for simulating the
home/enterprise network infrastructure.
It can be use for building the LAB for auditing the networking devices like
Cisco Routers and firewalls.
>From a penetration tester perspective it can be very helpful to simulate
and practice attacks against the entire network infrastructure.

*Registration:*
*For those interested in attending the meet, please register yourself at
the link *http://goo.gl/eiPoQN

*Fees:*
*There is NO entry fee. The meet is open to everyone interested in
security. Feel free to pass on the message to your friends and colleagues.*


*Venue:*
(Google Map Link: http://g.co/maps/5gt23)
Directiplex,
Old Nagardas Road,
Next to Andheri Subway,
Andheri (East)

*Time:*
11:00 AM onwards (approx. duration for each presentation is 30-40 mins.)

*Contact Nos:*
+918879357721 (Varun Nair)
+919619166443 (Narendra Choyal)
+919594955107 (Vinod Tiwari)
+91-9819643034 (Wasim Halani)

Regards,
--
Wasim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-mumbai/attachments/20140418/197c21cc/attachment.html>


More information about the OWASP-Mumbai mailing list