[Owasp-summit-2013] May 12 OWASP Connector

The OWASP Foundation The_OWASP_Foundation at mail.vresp.com
Mon May 12 21:52:51 UTC 2014

May 12, 2014  |   | www.owasp.org -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/98f2ead5be   | Contact Us -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/5c9b8b5099   |  Brought to you by the OWASP Foundation

Featured OWASP Project

OWASP Bricks -

OWASP Bricks is a deliberately vulnerable web application built on
PHP & MySQL focuses on variations of commonly seen application
security vulnerabilities & exploits, which can be exploited using
tools like Mantra and ZAP. OWASP Bricks provides a platform for
learning web application security and a test bed for analyzing the
performance of web application security scanners.

For more information, please contact the Project Leader, Abhi

New OWASP Projects

OWASP Code Pulse 2.0

The OWASP Code Pulse team is proud to announce version 1.0 of their
real-time coverage tool! Are you a penetration tester or a user of
tools like ZAP? Then we think we have something that is going to make
your life as a pen-tester easier. Code Pulse is a real-time code
coverage tool that lets you visually see coverage gaps in your
testing activity. To find out more about it and to download it please
visit Code Pulse -

For more information, please contact the Project Leader, Hassan
Radwan. - Hassan.Radwan at owasp.org

Project Announcements

Open Source Showcase

The AppSec EU Conference Team is happy to announce that there will be
ten projects participating in this year’s Open Source Showcase at
AppSec EU this summer. The Open Source Showcase is an unique event
module that allows project leaders and/or project contributors to
showcase their work in a demo setting and gain exposure for their
projects without to conduct a full session. The Showcase affords a
more personal view of project between attendees.

Throughout the conference, these project will be demoing at the Open
Source Showcase space within the conference venue. Join us at the
Open Source Showcase June 23-26. Demo times to be announced closer to
the conference.

See you in Cambridge!

Below is a list of all the participating projects.

Bywaf -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/533b032929  - ByWaf is a web application penetration testing framework (WAPTF).
It consists of a command-line interpreter and a set of plugins.

OWASP Python Security Project -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/6e729f0b5c  - Python Security aims at creating a hardened version of python that
makes it easier for security professionals and developers to write
applications more resilient to attacks and manipulations.

OWASP Ninja PingU Project -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/fde0c50fdd  - is a high performance network scanner tool for large scale
analyses. It has been designed with performance as its primary goal
and developed as a framework to allow easy plugin integration.

OWASP PCI Toolkit -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/a782eb2f42  - OWASP PCI toolkit is a c# Windows form project, that will help you
to scope the PCI-DSS requirements for your System Components. Beta
version of this tool will be released May 2014.

WPScan -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/37777b9459  - WPScan is a black box WordPress vulnerability scanner.

OWASP Hackademic Challenges Project -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/355c9f883a  - The Hackademic Challenges implement realistic scenarios with known
vulnerabilities in a safe, controllable environment. Users can
attempt to discover and exploit these vulnerabilities in order to
learn important concepts of information security through the
attacker's perspective. Currently, there are 10 web application
security scenarios available.

http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/506098aaf7  - OWASP OWTF is an OWASP+PTES-focused try to unite great tools and
make pen testing more efficient.

http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/ca7a325887  - The OWASP WTE project is an enhancement of the original OWASP Live
CD Project and expands the offering from a static Live CD ISO image
to a collection of sub-projects. Its primary goal is to make
application security tools and documentation easily available and
easy to use.

http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/31499a44a4  - The Zed Attack Proxy (ZAP) is an easy to use integrated
penetration testing tool for finding vulnerabilities in web
applications. It is designed to be used by people with a wide range
of security experience and as such is ideal for developers and
functional testers who are new to penetration testing. ZAP provides
automated scanners as well as a set of tools that allow you to find
security vulnerabilities manually.

ThreadFix -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/fb7b566206 ThreadFix is a software vulnerability aggregation and management
system that helps organizations aggregate vulnerability data,
generate virtual patches, and interact with software defect tracking

Project Summit

We are just a little over a month away from AppSec EU and the 2014
Project Summit. So far we have some great projects signed up to
participate, but we need more projects participating. The Project
Summit is a fantastic opportunity to workshop your project and gather
new volunteers for your project. The Project Summit will be taking
place June 23-24 Anglia Ruskin University in Cambridge, UK and is
free and open to the Community. You do not need a conference pass to
attend the Project Summit.                                 Don’t
have a project? No problem, we can still use your help at the Project
Summit. Sign up to participate in the Project Summit by contacting
Samantha Groves - samantha.groves at owasp.org  or Kait disney-Leugers -
kait.disney.leugers at owasp.org

Thank you to our newest Corporate Member:  Moki Mobility

Honorary Membership applications now being accepted.

Be sure to review the requirements -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/ccc9714d36  for Honorary Membership before you submit your form -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/c9859e04a1 .   Deadline for Honorary Membership is September 30, 2014 **Please
note: Chapters and Projects MUST be active.  Your leadership position
MUST be on file prior to September 30, 2014 in order to be eligible
for 2014 Honorary Membership.  ALL qualified individuals MUST apply
for Honorary Membership in order to vote by completing the Honorary
Membership Form -

          Global AppSec Events in 2014

LATAM Tour Wrap Up -

Congratulations to all of the chapter leaders and organizers who
participated in the 2014 LATAM Tour

The tour resulted in                                                 
                    Organized events in 7 countries                  
                  Over 650 attendees                                 
   8 sponsors, and                                     16 educational
and community supporters

AppSec EU 2014 (June 23 - 26, Cambridge, UK) -

Keynotes announced!  Lorenzo Cavallaro, Tobias Gondrom, Dr. Steven J.
Murdoch, Wendy Seltzer, and Jacob West                               
     A few sponsorship are still available -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/441f9c3d20                                      Training details are available -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/c396fb4363                                      Registration is now OPEN -

AppSec USA 2014 (September 16 - 19, Denver, CO) -

Keynotes announced!  Steve Crusenberry, Gary McGraw, and Bruce
Schneier                                     Sponsorship
opportunities are still available. -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/7242f8319e                                      Member Event Registration -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/d1f48345d1                                      Public Registration -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/4921a91392/id=a2oU0000000LJBkIAO ,

Upcoming Regional Events

LASCON 2014 (October 21 - 24, Austin, TX) -

Keynotes confirmed include:  Kelley Misata (Director Of Outreach and
Communications, The Tor Project), Jeff Williams (CTO, Contrast
Security), Zane Lackey (Founder/CSO @ signal sciences), Marcus Carey,
and Chris Nickerson

Partner and Promotional Events

OWASP has partnered with these great events in beginning of 2014 to
grow our community and build awareness around software security. If
you want to learn more about OWASP's involvement or will be attending
and want to help out contact us -

Hacker's IDOL - A Cyber Safety Campaign, April 1-October 17, India.

Information Security Media Group, Inc. -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/5e84102907   Fraud Summit, May 14, Chicago IL, Discount code for OWASP Members:

ISSA-LA Security Summit -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/ed98a3faf7 , May 16, Universal City, CA.  OWASP Members receive a 25% discount
with the code: Ow at spIssaLA25

Suits & Spooks -
%20http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/fc5782a122 , June 20-21, NY, NY.

BlackHat -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/db4c0bd5e1  August 2-7, Las Vegas, NV.  OWASP Members receive $200 off BH
briefings with code:  owaBR200off.

BSides LV -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/e2121c6900 , August 5-6, Las Vegas, NV.

EC-Council TakeDown Con -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/03b6f807f0 , August 14-19, Huntsville, AL.

EC-Council Hacker Halted, October 12-17, Atlanta, GA. -

Suits & Spooks -
14%20http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/90bdaa17c6 , December 14, Singapore.

National Cyber Security Awareness Month

Each and every one of us needs to do our part to make sure that our
online lives are kept safe and secure. That's what National Cyber
Security Awareness Month—observed in October —is all about!  Join
OWASP on this important effort.  To learn more, please visit:  Stay
Safe Online -

OWASP Foundation Social Media

LinkedIn -

Twitter -

Google + -

Facebook -

Ning -

StackOverflow -

OWASP Global Webinar

Thursday, April 24th at 10AM EST

Join us for this month’s OWASP Project Webinar lead by Project
Leader Jonathan Carter. Jonathan will be explaining his project OWASP
Reverse Engineering and Code Modification Project -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/8056180347 .

OWASP Reverse Engineering and Code Modification Project educates
security professionals about the risks of reverse engineering and how
to ensure that code cannot be reverse engineered or modified.

Register for the 10 am EST Presentation


Register for the 9 pm EST Presentation

      2014 Global Board of Directors Election

Each year The OWASP Foundation holds its annual Global Board of
Directors election.  This October, OWASP members will be voting to
fill 3 of the 7 seats available.  If you are interested in learning
more about the election and what the requirements are to run for a
seat, please visit our 2014 Board Elections page -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/5b61e02899 .   Our Call for Candidates is now open!  Please submit your
candidacy here -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/b667dcea0d .  Call for Candidates will close August 15, 2014.

During the candidates recorded interview, each candidate will be
asked a series of questions provided by our OWASP Community.   Anyone
can submit a question(s), vote up or vote down existing questions. 
The top 5 to 6 questions will then be used for each candidate’s
interview.  If you have a question you would like to submit, please
do so here -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/581a3cc2fc .  Deadline to submit your question is August 25, 2014.

For a complete Election Time line, Click Here -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/59d6b7cbe9                               Bi-Weekly Community Call

Bi-Weekly OWASP Town Hall meetings have been started by Michael
Coates.  The next one is scheduled for May 20th at 9am Pacific time.

If you have any updates or announcements regarding OWASP that you
would like to share with the world, please add it to the wiki page -

The meetings are held using google hangouts and live broadcast.  They
are always recorded and publicly posted via YouTube

This is NOT a slide presentation.  Items posted on the wiki will be
discussed, and questions will be accepted over twitter or hang out

Check out the updates and announcements from May 6! -

OWASP Projects Framework - INPUT REQUESTED

After many discussions over the current OWASP Project Program model,
the Board of Directors have agreed to change the direction of OWASP
Projects. We would like to give the community an opportunity to voice
their opinion, and help us decide how to move projects forward.

We want leaders to comment and debate various project program models
to help us better serve you, the OWASP community.

Please review the project program models -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/60179b6321                                   2014 OWASP Annual Report is

Click here -
http://cts.vresp.com/c/?TheOWASPFoundation/ed8328d802/4f163f6020/6dfdcceb2d  to view the Report

Just for Fun

Congratulations to Dusty Evanoff who was the first person to solve
last week's challenge:  The answer is 100 miles. (Vowels worth 300,
consonants worth -100.)

Click here to view last issue's puzzle -

This puzzle is a short but really tricky one.  Good Luck

>From a book, a number of consecutive pages are missing. The sum of
the page numbers of these pages is 9808. Which pages are missing?

Send your answers to our comment desk - support at owasp.org  for a
chance to win a prize.  Winners will be announced in the next

Click to view this email in a browser

If you no longer wish to receive these emails, please reply to this
message with "Unsubscribe" in the subject line or simply click on the
following link: 


The OWASP Foundation sent this email free of charge using
VerticalResponse for Non-Profits. Non-Profits email free. You email

The OWASP Foundation
1200-C Agora Drive
Bel Air, Maryland 21014

Read the VerticalResponse marketing policy: 

You received this message because you are subscribed to the Google Groups "OWASP Summit 2013" group.
To unsubscribe from this group and stop receiving emails from it, send an email to owasp-summit-2013+unsubscribe at owasp.org.
To post to this group, send email to owasp-summit-2013 at owasp.org.
Visit this group at http://groups.google.com/a/owasp.org/group/owasp-summit-2013/.
For more options, visit https://groups.google.com/a/owasp.org/d/optout.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-summit-2013/attachments/20140512/609c6646/attachment-0001.html>

More information about the Owasp-summit-2013 mailing list