[OWASP-Philadelphia] Philadelphia OWASP Meeting 1/8

Aaron Weaver aaron.weaver2 at gmail.com
Mon Dec 17 14:36:32 UTC 2012


Thanks for putting this together. Looking forward to the CTF.

On Mon, Dec 17, 2012 at 9:05 AM, Justin C. Klein Keane <
jukeane at sas.upenn.edu> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello all,
>
>   TLDR: Please RSVP to jukeane at sas.upenn.edu if you plan to attend the
> January meeting, which will be held on Penn's campus in Fisher Bennet
> hall (at the corner of 34th and Walnut) room 224.
>
>   I've tallied the votes for the topic of our 1/8 meeting and there
> were no offers from other speakers or suggestions for alternative
> topics.  Folks voted for just two topics, with capture the flag (CTF)
> getting the most votes, the rest for a discussion of tools.
>
>   I'm working on finishing the capture the flag, which will actually
> focus on a number of tools used for testing.  The CTF follows the
> format of others I've done in the past
> (https://sourceforge.net/projects/lampsecurity/files/CaptureTheFlag/).
>  The exercise will consist of a VMWare virtual machine image along
> with a PDF of documentation for one potential route to compromise the
> target.  The target is a fully working server with a complete LAMP
> stack including a vulnerable web application.  This CTF should be fun
> because I'm going to use PhantomJS to simulate users interacting with
> any web applications installed on the target (making XSS attacks valid).
>
>   In order to make the most of the exercise you should bring a laptop
> with something capable of running a VMWare image (VMWare Player
> (free), Workstation, Fusion, or even VirtualBox (free)).  I'll post
> the exercise (including the target and documentation) up on
> SourceForge following the meeting for folks who can't make it.
>
>   As I'm going to try to bring CDs with the target VMWare image I'll
> need to know how many to make.  If you plan to attend please e-mail me
> at jukeane at sas.upenn.edu so I know how many to burn.
>
>   Have a happy holidays and hope to see you all in January.
>
> Cheers,
>
> - --
> Justin C. Klein Keane, MA MCIT
> Senior Information Security Specialist
> University of Pennsylvania, School of Arts & Sciences
>
> The PGP signature on this email can be verified using the public key at
> https://sites.sas.upenn.edu/kleinkeane
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.12 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
>
> iQIcBAEBAgAGBQJQzyaiAAoJEIH7slQlJAgKRfAP/iVFs9i4jYBef+wKeNUly5zQ
> iKjrERk7RRq46rPVYa+gS1KxxLBd4FQWWkuaBlEtUgZN4Xggj6qZW8WG+9aM1/j/
> f3DkholyZ4/3xZk13RkN31W5dtdE/pGxvkDHCUaPnOX/ZLj5am8+vEwYkN58t6CA
> a5LSVy+TZir3QlsYK35sgKODdfI2FqlhZH4J5dBGj9V+HBt43vPxWBHKIEY6feV1
> mcY7g6M3T0l4VsPM0DVQ/w4rbm7dWQK+I3rP3F9pIR6l4vZRwMjOpb8bR22Yzudk
> S5efkovnSB6Fu9jn/GJ5ZroMXJIs7F5bo2hiaA5GIvJZiwvp90rI4zsKso3MyL6q
> EokLHrRnUZFUP8tOSQ5IPz6um4hDHn9wC79VcsRCB3X03zwyO7cWoytkk8fWXUSA
> TXPzgMo0RUAbBAL5afEYvIA7y7fejnFZYUBGunnJ42cS9zB50oMermpI1TtXeMJe
> jUYJEI0MozWbMld/BaCioXa50kv71kt15X3XaEdFLZR9FLPdQu4TwXmqQOkVWQsZ
> H0XbyiHguSmB8M7NqZq0j+VFoqwkjCFRdWnUUkzm4l4WtEWQ+QB0K+uXhpbrh56c
> Vkf0CKBsNwDtHGB6F9dtoTnmkdOvVz7+t72KQOVy+QmrENbWNtcVFAUVtYDsGaPr
> keZ5ZrMtmdPG6DwbxUQR
> =Bxjn
> -----END PGP SIGNATURE-----
> _______________________________________________
> OWASP-Philadelphia mailing list
> OWASP-Philadelphia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-philadelphia
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-philadelphia/attachments/20121217/8ce4dd48/attachment.html>


More information about the OWASP-Philadelphia mailing list