[OWASP-Philadelphia] OWASP-Philadelphia Digest, Vol 55, Issue 1

Aaron Weaver aaron.weaver2 at gmail.com
Thu Dec 10 01:21:59 UTC 2015


It starts around 5. We will eat first and then begin.
On Wed, Dec 9, 2015 at 8:20 PM K Armetta <krsarmetta at gmail.com> wrote:

> 5pm
> (I had to look it up on the eventbrite page too)
>
> I already have 3 holiday events I'm not going to that evening but it
> sounds like fun.  Glad to see it posted to the list.  I'll try to spread
> the word.
>
>
> Kris
>
> On Wed, Dec 9, 2015 at 7:48 PM, Leonard Harrison <lfharrison3 at gmail.com>
> wrote:
>
>> What time is the meeting?
>> On Dec 8, 2015 7:02 AM, <owasp-philadelphia-request at lists.owasp.org>
>> wrote:
>>
>>> Send OWASP-Philadelphia mailing list submissions to
>>>         owasp-philadelphia at lists.owasp.org
>>>
>>> To subscribe or unsubscribe via the World Wide Web, visit
>>>         https://lists.owasp.org/mailman/listinfo/owasp-philadelphia
>>> or, via email, send a message with subject or body 'help' to
>>>         owasp-philadelphia-request at lists.owasp.org
>>>
>>> You can reach the person managing the list at
>>>         owasp-philadelphia-owner at lists.owasp.org
>>>
>>> When replying, please edit your Subject line so it is more specific
>>> than "Re: Contents of OWASP-Philadelphia digest..."
>>>
>>>
>>> Today's Topics:
>>>
>>>    1. Next OWASP Meeting,       Tuesday the 15th at Radeon 1500 Market
>>>       St. 32nd Floor (Aaron Weaver)
>>>
>>>
>>> ----------------------------------------------------------------------
>>>
>>> Message: 1
>>> Date: Mon, 7 Dec 2015 17:58:50 -0500
>>> From: Aaron Weaver <aaron.weaver2 at gmail.com>
>>> To: owasp-philadelphia at lists.owasp.org
>>> Subject: [OWASP-Philadelphia] Next OWASP Meeting,       Tuesday the 15th
>>> at
>>>         Radeon 1500 Market St. 32nd Floor
>>> Message-ID:
>>>         <CAEAA4XXMxCG39wy7vvL35Z74VAKPVpgvr9hXmJKek=
>>> 9A6cUycw at mail.gmail.com>
>>> Content-Type: text/plain; charset="utf-8"
>>>
>>> Hi all,
>>>
>>> Come and join us next week while we eat pizza, hack web apps and learn
>>> about secure coding. Please RSVP
>>> <
>>> https://www.eventbrite.com/e/owasp-philadelphia-chapter-meeting-at-radian-tickets-19898696537
>>> >
>>> for entering the building and so that we can have a count for ordering
>>> food.
>>>
>>> *Hands on Hacking with OWASP Security Shepherd*
>>>
>>> Come and try out one of OWASP's latest projects, OWASP Security Shepherd.
>>> It's a web app designed for AppSec novices or experienced testers to help
>>> sharpen penetration testing skills. Security Shepherd has a built in
>>> leader
>>> board and creates a great competitive environment.
>>>
>>> Participants should bring their laptops. No previous experience of
>>> hacking
>>> web sites is required (in fact the tool starts the user from basic hacks
>>> up
>>> to the most advanced). Those without laptops can still attend and learn
>>> about the tool and hacking techniques involved. Participants can also
>>> form
>>> teams to share their laptops and hack the site faster.
>>>
>>> *Game of Hacks: The Mother of All Honeypots*
>>>
>>> We created a ?Game of Hacks? ? a viral Web app marketed as a tool to
>>> train
>>> developers on secure coding ? with the intention of building a honeypot.
>>> During a 6-month timeframe, we witnessed each attack that came at this
>>> game, secured the app against it and studied how attackers adapted to the
>>> mitigation measures. The lessons learnt can be applied to any Web app
>>> introduced into the organization.
>>>
>>> How do hackers adjust, in real-time, to various strengthening measures of
>>> Web apps? We set to answer this question through an interactive Web app
>>> honeypot. For the honeypot, we created a viral Web-based gaming
>>> application. However, the lessons learnt could be applied to any Web
>>> application.
>>>
>>> Aptly called ?The Game of Hacks?, our gaming app was marketed as a tool
>>> to
>>> train developers to write secure code. The app presented users a piece of
>>> vulnerable code and a set of multiple choice questions from which the
>>> user
>>> had to choose the correct vulnerability ? in the minimal amount of time.
>>> Storing a central database, the app kept a scoreboard of all players,
>>> displaying the top winners. Additionally, the app was built on
>>> crowd-sourcing capabilities where users could contribute their own piece
>>> of
>>> code and questions.
>>>
>>> *Location*
>>>
>>> 1500 Market St. 32nd Floor, East Tower Philadelphia, PA 19103
>>>
>>> Share this event on Facebook
>>> <
>>> http://www.facebook.com/share.php?u=https%3A//www.eventbrite.com/e/owasp-philadelphia-chapter-meeting-at-radian-tickets-19898696537%3Fref%3Desfb
>>> >
>>>  and Twitter
>>> <
>>> http://twitter.com/home?status=https%3A//www.eventbrite.com/e/owasp-philadelphia-chapter-meeting-at-radian-tickets-19898696537%3Fref%3Destw
>>> >
>>>
>>> We hope you can make it!
>>>
>>> Cheers,
>>> OWASP Philadelphia
>>>
>>> --
>>> Aaron Weaver
>>> Philadelphia OWASP Chapter Lead
>>> OWASP AppSec Pipeline Lead
>>> https://www.owasp.org/index.php/OWASP_AppSec_Pipeline
>>> -------------- next part --------------
>>> An HTML attachment was scrubbed...
>>> URL: <
>>> http://lists.owasp.org/pipermail/owasp-philadelphia/attachments/20151207/fa0fee8a/attachment-0001.html
>>> >
>>>
>>> ------------------------------
>>>
>>> _______________________________________________
>>> OWASP-Philadelphia mailing list
>>> OWASP-Philadelphia at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-philadelphia
>>>
>>>
>>> End of OWASP-Philadelphia Digest, Vol 55, Issue 1
>>> *************************************************
>>>
>>
>> _______________________________________________
>> OWASP-Philadelphia mailing list
>> OWASP-Philadelphia at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-philadelphia
>>
>>
> _______________________________________________
> OWASP-Philadelphia mailing list
> OWASP-Philadelphia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-philadelphia
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-philadelphia/attachments/20151210/8c357ca3/attachment.html>


More information about the OWASP-Philadelphia mailing list