[Owasp-royalholloway] Announcement: Next OWASP London Event - March Chapter Meeting - Thursday, 20th March 2014, 6:30pm-8:30pm

Justin Clarke justin.clarke at owasp.org
Fri Mar 7 11:26:34 UTC 2014


Our next meeting in March is at our new venue sponsor for the year, Skype, at their offices at 2 Waterhouse Square, 140 Holborn, London, EC1N 2ST.  

One talks is confirmed so far, I’m open to suggestions on a second talk:

• Using Tunna (HTTP Tunnel) for penetration testing - Nikos Vassakis and Rodrigo Marcos
Once a web application is compromised and command execution is achieved, the attacker faces a number of hurdles. Network filtering is one of the key defensive techniques used to prevent attackers from creating further communication channels. This is usually an effective technique to limit the attacking avenues. Tunna is a tool designed to bypass firewall restrictions on remote web servers. It consists of a local application (supporting Ruby and Python) and a web application (supporting ASP.NET, Java and PHP). This presentation will cover all the steps required to effectively bypass firewalls protecting web applications, bind TCP ports on the compromised host and access other hosts in the DMZ.


• Nikos Vassakis
Nikos is a security consultant at SECFORCE. He holds a BSc in Computer Science and an MSc in Information Security, and has 2 years of security related working experience. When not working breaking one technology or another, he drinks beer, socialises and when time permits works on research projects. Current research activities focus mainly on post-exploitation network traffic tunnelling techniques and trying to take over the world.

• Rodrigo Marcos
Rodrigo is a security CREST consultant at SECFORCE, with 10 years of experience in the penetration testing industry. His interests cover a wide range of areas, such as network protocol fuzzing, programming and "high-protein" web hacking - trying to minimise the gap between web application and infrastructure testing to achieve his ultimate goal: World domination, one IP address at a time.

I've setup the Eventbrite page to RSVP here - http://owasp-london.eventbrite.co.uk/  Please note that RSVPs close the evening before the event so we get names on the door!

See you all there :)


More information about the Owasp-royalholloway mailing list