[OWASP-Philadelphia] OWASP-Philadelphia Digest, Vol 55, Issue 1
lfharrison3 at gmail.com
Thu Dec 10 00:48:43 UTC 2015
What time is the meeting?
On Dec 8, 2015 7:02 AM, <owasp-philadelphia-request at lists.owasp.org> wrote:
> Send OWASP-Philadelphia mailing list submissions to
> owasp-philadelphia at lists.owasp.org
> To subscribe or unsubscribe via the World Wide Web, visit
> or, via email, send a message with subject or body 'help' to
> owasp-philadelphia-request at lists.owasp.org
> You can reach the person managing the list at
> owasp-philadelphia-owner at lists.owasp.org
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of OWASP-Philadelphia digest..."
> Today's Topics:
> 1. Next OWASP Meeting, Tuesday the 15th at Radeon 1500 Market
> St. 32nd Floor (Aaron Weaver)
> Message: 1
> Date: Mon, 7 Dec 2015 17:58:50 -0500
> From: Aaron Weaver <aaron.weaver2 at gmail.com>
> To: owasp-philadelphia at lists.owasp.org
> Subject: [OWASP-Philadelphia] Next OWASP Meeting, Tuesday the 15th at
> Radeon 1500 Market St. 32nd Floor
> 9A6cUycw at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
> Hi all,
> Come and join us next week while we eat pizza, hack web apps and learn
> about secure coding. Please RSVP
> for entering the building and so that we can have a count for ordering
> *Hands on Hacking with OWASP Security Shepherd*
> Come and try out one of OWASP's latest projects, OWASP Security Shepherd.
> It's a web app designed for AppSec novices or experienced testers to help
> sharpen penetration testing skills. Security Shepherd has a built in leader
> board and creates a great competitive environment.
> Participants should bring their laptops. No previous experience of hacking
> web sites is required (in fact the tool starts the user from basic hacks up
> to the most advanced). Those without laptops can still attend and learn
> about the tool and hacking techniques involved. Participants can also form
> teams to share their laptops and hack the site faster.
> *Game of Hacks: The Mother of All Honeypots*
> We created a ?Game of Hacks? ? a viral Web app marketed as a tool to train
> developers on secure coding ? with the intention of building a honeypot.
> During a 6-month timeframe, we witnessed each attack that came at this
> game, secured the app against it and studied how attackers adapted to the
> mitigation measures. The lessons learnt can be applied to any Web app
> introduced into the organization.
> How do hackers adjust, in real-time, to various strengthening measures of
> Web apps? We set to answer this question through an interactive Web app
> honeypot. For the honeypot, we created a viral Web-based gaming
> application. However, the lessons learnt could be applied to any Web
> Aptly called ?The Game of Hacks?, our gaming app was marketed as a tool to
> train developers to write secure code. The app presented users a piece of
> vulnerable code and a set of multiple choice questions from which the user
> had to choose the correct vulnerability ? in the minimal amount of time.
> Storing a central database, the app kept a scoreboard of all players,
> displaying the top winners. Additionally, the app was built on
> crowd-sourcing capabilities where users could contribute their own piece of
> code and questions.
> 1500 Market St. 32nd Floor, East Tower Philadelphia, PA 19103
> Share this event on Facebook
> and Twitter
> We hope you can make it!
> OWASP Philadelphia
> Aaron Weaver
> Philadelphia OWASP Chapter Lead
> OWASP AppSec Pipeline Lead
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> OWASP-Philadelphia mailing list
> OWASP-Philadelphia at lists.owasp.org
> End of OWASP-Philadelphia Digest, Vol 55, Issue 1
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Philadelphia